|
PHP - Auto-logging Into An Https Site
Hi guys,
We have an independent billing system that we use to track payments. I want to write a PHP script to automatically post a payment to the billing system. I went into the billing system, hit "View source" and got the link + required variables that will allow me to simulate entering a payment. The problem is that it's asking me to enter my credentials everytime I try to simulate the payment. Is a module or something that will automatically enter my credentials in this HTTPS site? Thanks Similar TutorialsHey Guys, I have a question here and I'm strugling with it, what I am trying to do is redirecting the user as soon as he opens the page to a HTTPS pagefor example. I have a really long URL for my email loginpage so instead of giving user long loink with port number and stuff I have this address "http://company.com/mail" and actualy under this mail directir there is a index.php with this code Code: [Select] <?php header('Location: https://ssl.company.com/crm/webmail/this/location'); exit; exit(); ?> it works great but the problem is it send the user to the NONE-Secure page (HTTP) instead of the secure... Does anyone know how can I go around this?! Thanks Hi, I am trying to make a registration form for users. The registration is for a seminar introducing a particular system for them. This (web based) system is merely a remote website. But in order for the users to actually use the system at the seminar, they HAVE to have logged in on the system in advance/prior to the seminar at least once. So in my registration form I want to include a curl login of the system, which should be invisible to the users. Hence I don't want to open a popup loading the system/remote site - I would like for this to happen without the users knowing it. So they enter username and password, Curl then does the login and then returns either "Succes! You were logge in!" or "There was an error. You were not logged in!". I have no use for additional information from the remote site - the only thing is that they should login this once - that's it. My code is below - and it works if the remote site is NOT using https (that is http ;-)) but if the remote site IS running https I get no message back. The line "if (stristr($result, "loginerrors"))" is set because the remote site includes the keyword "loginerrors" if you weren't logged in properly. Any suggestions? <?php $post_data['username'] = 'something@domain.com'; $post_data['password'] = 'MyPassword'; //traverse array and prepare data for posting (key1=value1) foreach ( $post_data as $key => $value) { $post_items[] = $key . '=' . $value; } //create the final string to be posted using implode() $post_string = implode ('&', $post_items); //create cURL connection $curl_connection = curl_init('https://www.domain.com/login.php'); //set options curl_setopt($curl_connection, CURLOPT_CONNECTTIMEOUT, 30); curl_setopt($curl_connection, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"); curl_setopt($curl_connection, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl_connection, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($curl_connection, CURLOPT_SSL_VERIFYPEER, false); //set data to be posted curl_setopt($curl_connection, CURLOPT_POSTFIELDS, $post_string); //perform our request $result = curl_exec($curl_connection); if (stristr($result, "loginerrors")) { echo "There was an error. You were not logged in!"; }else{ echo "Succes! You were logge in!"; } //close the connection curl_close($curl_connection); ?> This is probably some silly mistake but I can't figure out why this code isn't working. I put this at the top of my php page: Code: [Select] <?php $https_url = 'https://somesite.com'; if ( isset( $_SERVER['HTTPS'] ) && $_SERVER['HTTPS'] == 'off' ) { header('location: ' . $https_url); exit; } else if ( !isset( $_SERVER['HTTPS']) && $_SERVER['SERVER_PORT'] == 443 ) { header('location: ' . $https_url); exit; } ?> When I was just trying this code out it worked and redirected to https. No errors no infinite loops...it worked perfectly. However, once our server guy actually applied the SSL to the page, the code stopped working and I get the error "The page must be viewed over a secure location." It throws the error before it processes anything on that page. I found the code online on another help forum and it worked for everyone else, so what am I doing wrong? I also tried a different version of the code that also works for everyone else but got the same error. Thanks for your help! Hello, Ive got a fairly successful website and im looking at cloning it, I want to set up a cron to check the main site if there are any new posts and if there are insert it into the DB. Ive got them on 2 separate hosts so i don't want to just read from the DB increase the main site goes down and brings the whole 2nd site down. What would be the easiest way to do it? Not looking for people to give code, Just their suggestions. Cheers Hi, I want to auto login to remote site from my site using curl,i am using a curl script that login on same page with showing only html page,created cookie on my server too but i want to create cookie on remote server so that if i will open that remote site URL on my browser on another tab it shows me as logged-in. Here is a code i am using $fp = fopen("cookie.txt", w); fclose($fp); echo 'still loading <br/>'; if (fb_login($login_email,$login_pass)){ $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, 'https://askabookdealer.com/logincode.php?redirected=1&referrer=index'); curl_setopt($ch, CURLOPT_POSTFIELDS,'txtuname='.$login_email.'&txtpass='.$login_pass.'&x=15&y=6&login_submit='); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_COOKIEJAR, str_replace('\\','/',dirname(__FILE__)).'/cookie.txt'); curl_setopt($ch, CURLOPT_COOKIEFILE, str_replace('\\','/',dirname(__FILE__)).'/cookie.txt'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.6) Gecko/2009011913 Firefox/3.0.6 (.NET CLR 3.5.30729)"); $html = curl_exec($ch); curl_close($ch); echo $html; } function fb_login($login_email, $login_pass){ $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, 'https://askabookdealer.com/logincode.php?redirected=1&referrer=index'); curl_setopt($ch, CURLOPT_POSTFIELDS,'txtuname='.$login_email.'&txtpass='.$login_pass.'&x=15&y=6&login_submit='); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_COOKIEJAR, str_replace('\\','/',dirname(__FILE__)).'/cookie.txt'); curl_setopt($ch, CURLOPT_COOKIEFILE, str_replace('\\','/',dirname(__FILE__)).'/cookie.txt'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.6) Gecko/2009011913 Firefox/3.0.6 (.NET CLR 3.5.30729)"); $html = curl_exec($ch); $err = 0; $err = curl_errno($ch); curl_close($ch); if ($err != 0){ echo 'error='.$err."\n"; return(false); } else { echo 'fetching..'; return(true); } } Please Help,how can i get the solution for this,Thanks. ive been searching a code for auto complete search and found this code on the net. but when i tried it, it failed. hope u can help me debug it. Code: [Select] <script type="text/javascript"> function lookup(inputString) { if(inputString.length == 0) { // Hide the suggestion box. $('#suggestions').hide(); } else { $.post("rpc.php", {queryString: ""+inputString+""}, function(data){ if(data.length >0) { $('#suggestions').show(); $('#autoSuggestionsList').html(data); } }); } } // lookup function fill(thisValue) { $('#inputString').val(thisValue); setTimeout("$('#suggestions').hide();", 200); } </script> <body> <div> <form> <div> Type your county: <br /> <input type="text" size="30" value="" id="inputString" onkeyup="lookup(this.value);" onblur="fill();" /> </div> <div class="suggestionsBox" id="suggestions" style="display: none;"> <img src="upArrow.png" style="position: relative; top: -12px; left: 30px;" alt="upArrow" /> <div class="suggestionList" id="autoSuggestionsList"> </div> </div> </form> </div> </body> the other code is this -- <?php $db = new mysqli('localhost', 'root' ,'', 'countries'); if(!$db) { echo 'ERROR: Could not connect to the database.'; } else { if(isset($_POST['queryString'])) { $queryString = $db->real_escape_string($_POST['queryString']); if(strlen($queryString) >0) { $query = $db->query("SELECT value FROM countries WHERE value LIKE '$queryString%' LIMIT 10"); if($query) { while ($result = $query ->fetch_object()) { echo '<li onClick="fill(\''.$result->value.'\');">'.$result->value.'</li>'; } } else { echo 'ERROR: There was a problem with the query.'; } } else { } } else { echo 'There should be no direct access to this script!'; } } ?> when i input a letter or phrase on the search bar the other code pops on it. $connet = mysql_connect("host", "db_username", "pass") or die(mysql_error()); $user = $_SESSION['SESS_FIRST_NAME']; mysql_select_db('db_name, $connet) or die(mysql_error()); mysql_query("SELECT members Get $earn='earned' WHERE $user='username' LIMIT 1;"); $earn = $total_earn; ?> <a>$<?php echo "$total_earn";?></a> I can seem to login it tells me to check my password and username but i dont know the username and password are correct
here is my whole code
<?php
//start the sessoin
session_start();
//connect to db
require "scripts/connect.php";
$username = $_POST['username'];
$password = $_POST['password'];
$username = mysqli_real_escape_string($db,$username);
$password = mysqli_real_escape_string($db,$password);
if(isset($_POST['loginbtn'])){
if(!empty($username) && !empty($password)){
//sql command
$getstaff = "SELECT * FROM `users` WHERE `username` = '$username'";
//execute the query
$query = mysqli_query($db,$getstaff);
//get the number of rows
$num_rows = mysqli_num_rows($query);
if($num_rows != 0){
//get the info
$rows = mysqli_fetch_assoc($query);
//setting the data in indivaul variables
$dbusername = $rows['username'];
$dbpassword = $rows['password'];
//getting the password the user enter and making it hash
//in order for it to match in the database
$password = md5($password);
if($dbusername === $username && $dbpassword === $password){
//create the session
$_SESSION['username'] = $username;
//redircet them to the control panel
header("location: controlpanel.php");
}else
$msg = "Please check your username or password";
}else
$msg = "User does not exist";
}else
$msg = "Please enter your username and password";
}
?>
This is where it is giving me a hard time
if($dbusername === $username && $dbpassword === $password){
//create the session
$_SESSION['username'] = $username;
//redircet them to the control panel
header("location: controlpanel.php");
}else
$msg = "Please check your username or password";
Any ideas why its not letting me enter
After getting my site hacked, I'm not really up for learning PhP, so I'm trying to use uMScript.
On the demo site, and when I just load up the files on my server, it will redirect upon log in. But when I then use my styling, for some reason the login_submit.php gives me a blank page and does not redirect, nor does it log the user in. I don't change anything except the positioning of the forum and the container around it, no PhP or JS changes, weird? I can not seem to get a hold of the creator, nor can I find a user script that matches what I'm looking for. Heck, I'm so close to going mad, I'm even willing to pay someone to do the user PhP for me haha Has anyone used this script successfully? You can try it out he http://mod-universe.com/index.php Demo: http://www.ventureha.../demo/index.php (I couldn't get the demo credentials to log in, created a new user = Okriani, kieran09) I have built a simple website to share photos with people at work. And it is based on code - known to work - from a larger website that I built a few years ago. When you land on the site, you have a login screen, and if the username/password match what is hardcoded, then I set $_SESSION['loggedIn'] = TRUE; and I redirect to the menu.php page. If your credentials do not match, then I redirect the user to an access-denied.php (403) page. Here is the problem... Occasionally, when you try to log in you will get routed to the access-denied page. But then if you try a second time you end on on the menu page. I uploaded my otherwise working code to my hosted webserver, and now I can never seem to log in. It seems to me that something is getting screwed up with the session variable? Any ideas what could be causing this strange behavior? will the following code work to log any php errors i may have on the page this code is included? Code: [Select] ini_set('error_reporting', E_ALL); error_reporting(E_ALL); ini_set('log_errors',TRUE); ini_set('html_errors',FALSE); ini_set('error_log','./error_log.txt'); ini_set('display_errors',FALSE); First time poster so please bear with me. Is there a script that will show me the process of my php program as it runs, maybe log it to a log file each step so I can see what is happening. Fairly new to php so there maybe something that I can set there. I can read the code and follow it there but I'd like to see it in a log after each step or after each process completes. I have done this in the old days of dbase and it really helps with the errors that can develop. Thanks in advance and what a great forum. Hi guys, I got a little bit of an issue. I have a register page, which works fine and submits to itsself, however i also have a login page which currently has no errors but doesnt allow any1 to log in. If some1 can see why that will be great, as this is causing so many issues. This is the last step i cant get past. Here is the code Code: [Select] <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head> <title>Forensics E-learning Package</title> <script type="text/javascript" src="start.js"></script> <link rel="stylesheet" type="text/css" href="style.css" /> </head> <body> <div id="wrapper"> <div id="header"> <div id="toplinks"> </div> </div> <div id="menu"> <ul> <li><a class="selected" href="index.html">Home</a></li> <li><a href="index.php">Initial Quiz</a></li> <li><a href="about.php">About</a></li> <li><a href="member.php">Member Section</a></li> </ul> </div> <div id="content"> <div id="main"> <h1>Forensics E-Learning Package</h1><BR /></head> Login to the User Profiled E-Learning Course which is specifically aimed to raise awareness in computer forensics. <?php $submit =&$_POST['submit']; if(isset($submit)) { if($username && sha1($password)) { $username =&$_POST['username']; $password =&$_POST['password']; $_SESSION['$username'] = $username; $_SESSION['$password'] = sha1($password); $connect = mysql_connect("localhost","root", "") or die ("Couldn't Connect!"); mysql_select_db("userlogin", $connect) or die("Couldn't find db"); //$con = mysql_connect('userscores.db.7767668.hostedresource.com','userscores','L3tt3r09'); //mysql_select_db('userscores', $con); $query = mysql_query("SELECT * FROM users WHERE username=' $username'"); $numrows = mysql_num_rows($query); if ($numrows!=0) { //code to login while ($row = mysql_fetch_assoc($query)) { $dbusername = $row['username']; $dbpassword = $row['password']; $dbscore = $row['score']; $dbdclty = $row['dclty']; $dbid = $row['id']; $dbnewdclty = $row['newdclty']; } $_SESSION['id'] = $dbid; $_SESSION['PreviousScore'] = $dbscore; $_SESSION['dclty'] = $dbdclty; $_SESSION['newdclty'] = $dbnewdclty; if ($username==$dbusername&&sha1($password)==$dbpassword) { $username==$dbusername; } else { echo ("Incorrect Password!"); } } else { echo("That user doesn't exist!"); } } else { echo("Please enter a username and password!"); } echo ("You Successfully Logged In!"); } else { ?><BR /><BR /><?php echo("Please Log In!"); } if ($submit) echo "Logged In Successfully!"; ?> <BR /><BR /> <form action='index.php' method='POST'> Username: <input type='text' name='username'><BR /> Password: <input type='password' name='password'><BR /> <input type='submit' value='Log In'> </form> <p><BR /><BR /> <a class="button" href='register.php'><span><button class="button" id="save">Register</button></span></a> </div> <div id="right"> <h2>Right Menu</h2> <div class="rightitem"> <ul> <li><a class="selected" href="index.html">Home</a></li> <li><a href="index.php">Initial Quiz</a></li> <li><a href="about.php">About</a></li> <li><a href="member.php">Members Area</a></li> <li><a href="contact.php">Leave Feedback</a></li> </ul> </div> </div> </div> <div class="clearbottom"></div> <div id="footer"></div></div> </body> </html> Thanks for any help Lance Hi, I've been semi-teaching myself curl, and I decided to try logging into Facebook with it. This is what I have so far... <?PHP $Email = strip_tags(str_replace(' ', '', $_POST['email'])); $Password = strip_tags(str_replace(' ', '', $_POST['password'])); $FBlogin = 'https://www.facebook.com/login.php?login_attempt=1'; $MoreData = "charset_test=%E2%82%AC%2C%C2%B4%2C%E2%82%AC%2C%C2%B4%2C%E6%B0%B4%2C%D0%94%2C%D0%84&lsd=u2nsf&locale=en_US&email=".urlencode($Email)."&pass=".urlencode($Password)."&default_persistent=0&charset_test=%E2%82%AC%2C%C2%B4%2C%E2%82%AC%2C%C2%B4%2C%E6%B0%B4%2C%D0%94%2C%D0%84&lsd=u2nsf"; $Cookie = "cookie.txt"; $fp = fopen($Cookie,'wb'); $agent = "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7"; //login to facebook $ch = curl_init(); curl_setopt($ch, CURLOPT_URL,$FBlogin); curl_setopt($ch, CURLOPT_USERAGENT, $agent); curl_setopt($ch, CURLOPT_COOKIEFILE, $Cookie); curl_setopt($ch, CURLOPT_COOKIEJAR, $Cookie); curl_setopt($ch, CURLOPT_REFERER, $FBlogin); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_POSTFIELDS, $MoreData); $Excecute = curl_exec($ch); echo $Excecute; ?> Right now I have it echo'ing out to see what's going wrong. I'm getting cookie errors from facebook saying that "I must have cookies enabled". What could be wrong in my script that would trip such an error? Thanks. i am trying to log out a user after account deletion by re-directing them. for some reason, the directories are not being removed, and i am not being redirected after that. Hi All I am building a website and I basically want to be able to log my own Error Logging. This could be anything from a usual PHP Notice, An SQL Query failing, a 404 page or a user reaching an activity they should not have (For example, hitting a default: on a switch when they shouldn't have) I have 3 options that I can think off 1) MySQL 2) Email 3) File Write All have pros and cons MySQL - Pro - I can build an admin script to read the errors and display them for me to handle and mark when completed. MySQL - CON - What is the Queries fail for what ever reason (too many connections), then the query to log the error would also fail, thus I would never know Email: PRO - Should always work, I will know straight away Email: CON - Getting the data from an email to a user friendly screen, instead of clogging up my email box File Write - PRO - I can put the data into MySQL at any point, Should near enough always work File Write - CON - Other people could possibly see the the errors, which could give away directories or weaknesses in the web project. Does anyone have any suggestions? Hi all, My session is not destroy even after I have click 'log out' The user will only log out only when I have closed the browser. May I know what could have caused the problem? Below is my code My admin.php page Code: [Select] <?php // For logging out if (isset($_SESSION['username'])) { echo '<a href="admin_logout.php">Log Out (' . $_SESSION['username'] . ')</a>'; // Connect to the database $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); // Retrieve the user data from MySQL $query = "SELECT tutor_id, name FROM tutor_profile ORDER BY name ASC"; $data = mysqli_query($dbc, $query); // Loop through the array of user data, formatting it as HTML echo '<h4>Latest members:</h4>'; echo '<table>'; while ($row = mysqli_fetch_array($data)) { echo '<td><a href="viewprofile.php?tutor_id=' . $row['tutor_id'] . '">' . $row['name'] . '</a></td></tr>'; } echo '</table>'; mysqli_close($dbc); } else { echo '<a href="admin_login.php">Log In</a>'; } ?> My logout.php page Code: [Select] <?php // If the user is logged in, delete the session vars to log them out session_start(); if (isset($_SESSION['admin_id'])) { // Delete the session vars by clearing the $_SESSION array $_SESSION = array(); // Delete the session cookie by setting its expiration to an hour ago (3600) if (isset($_COOKIE[session_name()])) { setcookie(session_name(), '', time() - 3600); } // Destroy the session session_destroy(); } // Delete the user ID and username cookies by setting their expirations to an hour ago (3600) setcookie('admin_id', '', time() - 3600); setcookie('username', '', time() - 3600); // Redirect to the home page $home_url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/admin_login.php'; header('Location: ' . $home_url); ?> I am looking for some help or direction or maybe someone can point me to a tutorial some where. I am looking at adding a program to my website but it requires the user to also be logged in to use it. I would like to know how I can set it up so my users only have to log into my website once and it will automatically log them into this program using the same log in credentials. I am sure this is common and simple but I am a newbie programmer. Thank You for any advice. This topic has been moved to Miscellaneous. http://www.phpfreaks.com/forums/index.php?topic=353007.0 As long as it's SQL injection proof, would it be alright for me to let non-members add comments to a post and give the Author the ability to delete them?
|
|||||||