PHP - Urgent - Block Someone From Posting From A Remote Area
Have a friend that has a form and can post to my domain from a remote domain. How do i stop this?
Similar TutorialsHi there, I'm running a php based website and I'm getting a lot of remotely posts to the forms. Is any way to prevent this using php or .htacces. Any tip o a site from where I should start? Thank you in advance. Hey people! I'm currently working on an free API that i will be sharing with the web community in the next few months and had a question that much of this project hinges upon: Is there a way to allow a remote include of one php file from my server? Case: I am allowing 2 ways for users to access the APi: 1. Using AJAX or cURL accessing a REST method over POST or GET (This part is already functional) 2. Allowing an include of the API Library I'm not sure if it will be completely opensource yet, only free, this is why I don't want to simply provide the source files to users. Example of what I would like to do: <?php include('http://mysite.com/myAPI/classLib.php'); ?> Anybody have a solution for that?? Thanks in advance, E Hi guys, I have this problem and id appreciate all your advice in helping solve it. I'm working on a service with is "cloud" hosted. However I want it so when a person employed by Corporation A logs onto myservice.corporationa.com they enter their Corporation A LDAP details but somehow that sends them to myservice.com and authenticates them. I know how to do the get LDAP details part to put on myservice.corporationa.com but no idea how to do the rest and make it send back etc. Any ideas? Many many thanks in advance. (PS - If this all makes sense please do let me know) Hi, I'm writing some software and I'm wanting to store user statistics on my web-server remotely. My application outputs the statistics into a txt file and asks the user if they would like to submit this data to my server to help the project (statistics gathering ) and if they submit it I want the information stored in a mysql database on my web-server. I was thinking about passing the data in through the url in an http request to the page, but there's too much data. I'm interested in finding out if it's possible to upload a file directly to a php script. I could use FTP to place it on my server, but that would require me putting the ftp login into the program, which I don't feel safe about doing that. At least with a php script I'm able to filter and process any input before it's inserted into the database. Is it actually possible to upload directly to my server from a php file in an http request from an application though? On my website, I have a download folder containing several files ranging in size from 6Mb to 700Mb. Users have no problems downloading the smaller files but often have problems downloading the files over 500Mb. We also have an archive of all the files located on a sub-domain on a server in England. Those users that are having problems downloading large files from the main site usually have no problem downloading the large files if we send them the URL for the archive. I've added a button that calls the following script so the users can choose where to download from but have no idea how to code the script. Here's what I've tried: // ukdloader script <?php $php_scripts = '../../php/'; require $php_scripts . 'PDO_Connection_Select.php'; require $php_scripts . 'GetUserIpAddr.php'; function ukdloader($l_filename=NULL) { $ip = GetUserIpAddr(); if (!$pdo = PDOConnect("foxclone_data")) { exit; } if( isset( $l_filename ) ) { echo <a href="http://foxclone.org/".$l_filename"> /* This is the archive site */ $ext = pathinfo($l_filename, PATHINFO_EXTENSION); $stmt = $pdo->prepare("INSERT INTO download (address, filename,ip_address) VALUES (?, ?, inet_aton('$ip'))"); $stmt->execute([$ip, $ext]) ; $test = $pdo->query("SELECT id FROM lookup WHERE INET_ATON('$ip') BETWEEN start AND end ORDER BY start DESC, end DESC"); $ref = $test->fetchColumn(); $ref = intval($ref); $stmt = $pdo->prepare("UPDATE download SET ref = '$ref' WHERE address = '$ip'"); $stmt->execute() ; } else { echo "isset failed"; } } ukdloader($_GET["f"]); exit; Thanks in advance. folks, i know i may be asking a question that has been answered before but i am asking this here again because i could not find any simple and straightforward answers. i want to debug my php scripts. no web server is involved. all the scripts are used for parsing and preparing data files...something like we do with unix shell scripting. the scripts reside on a linux box and each script may call functions in other included scripts. i can connect to the linux box using my notebook. on my notebook i have Eclipse and PhpEd. i want to debug those php scripts on the linux box using my notebook's Eclipse or PhpEd. (no webserver or html involved and php cli is already setup and running scripts on the linux box). If this (using PhpEd and Eclipse on the notebook to remotely debug) is not possible can you please suggest me how do i debug those scripts while i am on the linux server (using command line etc.). please help me how to set up. regards, kali Ok, the database I have been working on the past few days is located on my websites server (1&1) and today I am trying to get a connection to it on a website that is on a different server, but I am getting my echo statement of saying it can't find the database even though I changed it from "localhost" to the physical address of the database. Any ideas? I am setting up an API for my users, and the user sends post data via cURL. Is there a way I can see what site that the post data is coming from? would $_SERVER['REMOTE_HOST'] work? I am not using that to validate information. hi, I am trying to restore a mysql db from a remote location below is the function it is working fine when i am passing local location, but gives error on passing remote location Code: [Select] function restore($path) { $f = fopen('restore.sql' , 'w+'); if(!$f) { echo "Error While Restoring Database"; return; } $zip = new ZipArchive(); if ($zip->open($path) === TRUE) { #Get the backup content $sql = $zip->getFromName('adobe4u_new-sqldump.sql'); #Close the Zip File $zip->close(); #Prepare the sql file fwrite($f , $sql); fclose($f); #Now restore from the .sql file //$command = "mysql --user=root --password=password --database=adobe4u < restore.sql"; //exec($command); // Name of the file $filename = 'restore.sql'; // Temporary variable, used to store current query $templine = ''; // Read in entire file $lines = file($filename); // Loop through each line foreach ($lines as $line) { // Skip it if it's a comment if (substr($line, 0, 2) == '--' || $line == '') continue; // Add this line to the current segment $templine .= $line; // If it has a semicolon at the end, it's the end of the query if (substr(trim($line), -1, 1) == ';') { // Perform the query mysql_query($templine) or print('Error performing query \'<strong>' . $templine . '\': ' . mysql_error() . '<br /><br />'); // Reset temp variable to empty $templine = ''; } } // Restoring END #Delete temporary files without any warning @unlink('restore.sql'); echo '<div class="success">Successfully Updated!</div>'; } else { echo '<div class="error">Some thing went wrong! Updation Failed</div>'; } } Please can anyone help me in it, so That if i pass a remote location of database it will extract it locally I have been searching for hours to try and figure out how I could print a remote page using PHP. I know in javascript, you can print the current page with: Code: [Select] <a href="javascript:window.print()">Print Page</a> But what I want to do is "javascript:window.print(http://some-link.com)", but would be nice if I could do it using PHP, if it's even possible. Hello I am in need of writting to a txt file on a remote server. When trying I get this error: "failed to open stream: HTTP wrapper does not support writeable connections in /home....." How can I write to a siply txt file on a remote server? I need to check a file's size with php and ssh. Everything I've seen online for remote files uses curl and port 80. I'll be checking a LAN computer that isn't running a webserver, but is running an SSH server. How can I do this? I've tried this: Code: [Select] <?php $tomorrow = date ('n-j-y'); echo system(ssh root@192.168.2.169 ls -lah "/MacRadio X/WMIS Logs/WMIS $tomorrow Log" | awk {print $5}); ?> but it didn't work. I got a T_VARIAABLE error. This was the same command I used right from the command line, and it worked. I'll also need to add a check to the file size, and if it's less than 175K, send me an email...but I'll work on that after I have the first part working. Thanks! Hey guys i'm using the following code to POST data to the HTTPS url given below. But I m unable to perform a remote login and access the rest of the website. Can u find out the flaws in the code snippet and rectify it ? Or suggest a new code snippet. Also can anyone suggest how to open/read the contents of the login restricted pages on a successful login . $fullurl = "https://premium.rpnet.biz/login.php/"; $postFields="username=&password=&cookieval=on&login="; $username=""; $password=""; $ch = curl_init(); curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_VERBOSE, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_FAILONERROR, 0); curl_setopt($ch, CURLOPT_USERPWD, "$username:$password"); curl_setopt($ch, CURLOPT_POSTFIELDS,$postFields); curl_setopt($ch, CURLOPT_URL, $fullurl); curl_setopt($ch, CURLOPT_COOKIEFILE, "cookie.txt"); # The name of the file containing the cookie data. curl_setopt($ch, CURLOPT_COOKIEJAR, "cookie.txt"); $returned = curl_exec($ch); curl_close ($ch); var_dump($returned); --------------------------------------------------------------- Output: HTTP/1.1 200 OK Date: Fri, 05 Nov 2010 16:27:58 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3 Set-Cookie: PHPSESSID=nthfd25gn6vpm89k18fpgamgc6; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Length: 6336 Connection: close Content-Type: text/html; charset=UTF-8 ================================================ If I change the url to https://premium.rpnet.biz/usercp.php/ then the output is HTTP/1.1 302 Found Date: Fri, 05 Nov 2010 16:28:00 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: lo[uname]=deleted; expires=Thu, 05-Nov-2009 16:27:59 GMT; path=/; domain=premium.rpnet.biz Set-Cookie: lo[pass]=deleted; expires=Thu, 05-Nov-2009 16:27:59 GMT; path=/; domain=premium.rpnet.biz Location: https://premium.rpnet.biz/login.php Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 bool(true) The title may be a bit misleading, but essentially what I have is a custom CMS I built in PHP. What I want to do next is to build some sort of authentication to ensure my code was not copied and reused on another server. I need some way to communicate between my CMS and an external script to ensure that it is valid. I was thinking of putting a file on a domain. A simple function that accepts an url this function takes the url, searches the db, if it finds it, send back an result. My CMS obviously queries this function with the current url of the domain and if the url is in my db, the software works, otherwise it displays a message saying it was illegally copied. How do I build this interaction between the two? I could use AJAX, but i need something a bit more robust so that your average developer doesn't figure it out too easily. Hello everyone I was working on a code i found on the internet to remotely download a file on my server but for some reason, nothing is been downloaded. You help is required. index.php <html> <head> <title>Remote Upload Page</title> </head> <body> <form method="post" action="download.php"> <p align="center"><b><font face="Tahoma">Enter Download URL :</font></b></p> <p align="center"> <input type="text" name="Link" size="50" dir="ltr"> <input type="submit" name="submit" value="Upload" dir="ltr"> </p> </body> </html> download.php <?php define('BUFSIZ', 4095); $url = $_post['Link']; $dir = 'files/'; $rfile = fopen($url, 'r'); $lfile = fopen($dir . basename($url), 'w'); fwrite($lfile, fread($rfile, BUFSIZ), BUFSIZ); fclose($rfile); fclose($lfile); echo '<p align="center"><b><font face="Tahoma" size="5" color="#339933">File Remote Download Complete !</font></b></p>'; ?> I hope anyone can fix this. Thanks in advance Hello everyone. I have a script which opens a remote file, downloads it into a buffer and then sends it out to the user. At the moment, I'm using fopen() to retrieve the remote file. Everything works correctly, except when the user requests a range of the file. To do this, I tried fseek() but the problem is that fseek() does not work with remote files and gives me an error. Is there any other way I can go about doing this? Thanks. Hi guys, I am after some code (PHP/AJAX/jQuery) that will let me send a command to a AJAX listener on another pc (or even eventually browser window), a bit like doing remote command/control. I thought about how does IM services do it and after research found they are dependent on a file or a db, any way to not be dependent on those? Or do I need to be? Furthermore if I do, anyone have a clean example (even a step by step tutorial) of an IM code with AJAX listener etc that I can use as an example and guide to modify into what I need? All help is greatly appreciated. Hope you all had a good NYE _ Cheers Hi everyone, I've been trying to load a remote URL using the following; Code: [Select] $url = 'http://api.ean.com/ean-services/rs/hotel/v3/list?cid=55505&minorRev=12&apiKey=2hkhej72gxyas3ky6hhjtsga&locale=en_US¤cyCode=USD&customerIpAddress=10.184.2.9&customerUserAgent=Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US;+rv:1.9.2.25)+Gecko/20111212+Firefox/3.6.25&customerSessionId=&xml=<HotelListRequest><arrivalDate>01/22/2012</arrivalDate><departureDate>01/24/2012</departureDate><RoomGroup><Room><numberOfAdults>1</numberOfAdults><numberOfChildren>1</numberOfChildren><childAges>4</childAges></Room></RoomGroup><city>Amsterdam</city><countryCode>NL</countryCode><supplierCacheTolerance>MED</supplierCacheTolerance></HotelListRequest> '; $xml = simplexml_load_file($url); But I get met with this error; Code: [Select] Warning: simplexml_load_file() [function.simplexml-load-file]: http://api.ean.com/ean-services/rs/hotel/v3/list?cid=55505&minorRev=12&apiKey=2hkhej72gxyas3ky6hhjtsga&locale=en_US¤cyCode=USD&customerIpAddress=10.184.2.9&customerUserAgent=Mozilla/5.0%2B(Windows;%2BU;%2BWindows%2BNT%2B6.1;%2Ben-US;%2Brv:1.9.2.25)%2BGecko/20111212%2BFirefox/3.6.25&customerSessionId=&xml=%3CHotelListRequest%3E%3CarrivalDate%3E01/22/2012%3C/arrivalDate%3E%3CdepartureDate%3E01/24/2012%3C/departureDate%3E%3CRoomGroup%3E%3CRoom%3E%3CnumberOfAdults%3E1%3C/numberOfAdults%3E%3CnumberOfChildren%3E1%3C/numberOfChildren%3E%3CchildAges%3E4%3C/childAges%3E%3C/Room%3E%3C/RoomGroup%3E%3Ccity%3EAmsterdam%3C/city%3E%3CcountryCode%3ENL%3C/countryCode%3E%3CsupplierCacheTolerance%3EMED%3C/supplierCacheTolerance%3E%3C/HotelListRequest%3E%20:1: parser error : Start tag expected, '<' not found in C:\Program Files\XAMPP\xampplite\htdocs\hotel\results.php on line 29 I was told that URL I am trying to access; Code: [Select] http://api.ean.com/ean-services/rs/hotel/v3/list?cid=55505&minorRev=12&apiKey=2hkhej72gxyas3ky6hhjtsga&locale=en_US¤cyCode=USD&customerIpAddress=10.184.2.9&customerUserAgent=Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US;+rv:1.9.2.25)+Gecko/20111212+Firefox/3.6.25&customerSessionId=&xml=<HotelListRequest><arrivalDate>01/22/2012</arrivalDate><departureDate>01/24/2012</departureDate><RoomGroup><Room><numberOfAdults>1</numberOfAdults><numberOfChildren>1</numberOfChildren><childAges>4</childAges></Room></RoomGroup><city>Amsterdam</city><countryCode>NL</countryCode><supplierCacheTolerance>MED</supplierCacheTolerance></HotelListRequest> ...is a JSON response. So I was then told to do this; Code: [Select] <?php $context = stream_context_create(array('http' => array('header' => 'Accept: application/xml'))); $url = 'http://api.ean.com/ean-services/rs/hotel/v3/list?cid=55505&minorRev=12&apiKey=2hkhej72gxyas3ky6hhjtsga&locale=en_US¤cyCode=USD&customerIpAddress=10.184.2.9&customerSessionId=&xml=<HotelListRequest><arrivalDate>01/22/2012</arrivalDate><departureDate>01/24/2012</departureDate><RoomGroup><Room><numberOfAdults>1</numberOfAdults><numberOfChildren>1</numberOfChildren><childAges>4</childAges></Room></RoomGroup><city>Amsterdam</city><countryCode>NL</countryCode><supplierCacheTolerance>MED</supplierCacheTolerance></HotelListRequest> '; $xml = file_get_contents($url, false, $context); $xml = simplexml_load_string($xml); print_r($xml); ?> This then prints the array to screen. The data I am trying to access is from the Expedia Affiliate Travel Network. The URL above is from their XML Sandbox. My question is; How is the above data that gets returned a JSON response when it should be XML? and How can I access the data in the returned array without printing the array to screen? (I've tried things like echo $xml->hotelId[0] and using a foreach statement to no avail). I'm just a little confused here and have spent quite a number of hours trying to figure this out and reading other resources around the web on SimpleXML (including the PHP Manual). When working with other examples found elsewhere I seem to be ok but when dealing with this URL I seem to be out of my depth. The XML Sandbox from the EAN network is located: http://ean.mashery.com/docs/hotels/assets/XML_Sandbox The URL I am using is supposed to return a well formed XML result set. Thanks for your assistance. Bob Hello everyone. I have a problem with some of my php script. I have some php code that downloads a remote file and directly outputs it to the user. It works and all, it's just that when I do it on my Ubuntu LAMP server, downloading a file takes up a lot of ram. On my Windows WAMP server it works correctly and doesn't use up so much ram. Is this a problem with my code, or is it a server configuration? Below is the code I use to download the file. Code: [Select] public function output_file($file, $name, $mime_type='', $size) { session_write_close(); /* This function takes a path to a file to output ($file), the filename that the browser will see ($name) and the MIME type of the file ($mime_type, optional). If you want to do something on download abort/finish, register_shutdown_function('function_name'); */ if(is_readable($file)) die('File not found or inaccessible!'); /* $size = $size; $name = rawurldecode($name); */ /* Figure out the MIME type (if not specified) */ $known_mime_types=array( "pdf" => "application/pdf", "txt" => "text/plain", "html" => "text/html", "htm" => "text/html", "exe" => "application/octet-stream", "zip" => "application/zip", "doc" => "application/msword", "xls" => "application/vnd.ms-excel", "ppt" => "application/vnd.ms-powerpoint", "gif" => "image/gif", "png" => "image/png", "jpeg"=> "image/jpg", "jpg" => "image/jpg", "php" => "text/plain" ); if($mime_type==''){ $file_extension = strtolower(substr(strrchr($file,"."),1)); if(array_key_exists($file_extension, $known_mime_types)){ $mime_type=$known_mime_types[$file_extension]; } else { $mime_type="application/x-rar-compressed"; }; }; @ob_end_clean(); //turn off output buffering to decrease cpu usage // required for IE, otherwise Content-Disposition may be ignored if(ini_get('zlib.output_compression')) ini_set('zlib.output_compression', 'Off'); header('Content-Type: ' . $mime_type); header('Content-Disposition: attachment; filename="'.$name.'"'); header("Content-Transfer-Encoding: binary"); header('Accept-Ranges: bytes'); /* The three lines below basically make the download non-cacheable */ header("Cache-control: no-cache"); //header('Pragma: private'); // header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // multipart-download and download resuming support if(isset($_SERVER['HTTP_RANGE'])) { list($a, $range) = explode("=",$_SERVER['HTTP_RANGE'],2); list($range) = explode(",",$range,2); list($range, $range_end) = explode("-", $range); $range=intval($range); if(!$range_end) { $range_end=$size-1; } else { $range_end=intval($range_end); } $new_length = $range_end-$range+1; header("HTTP/1.1 206 Partial Content"); header("Content-Length: $new_length"); header("Content-Range: bytes $range-$range_end/$size"); } else { $new_length=$size; header("Content-Length: ".$size); } /* output the file itself */ $chunksize = 1*(1024)*(1024); //you may want to change this $bytes_send = 0; if ($file = fopen($file, 'r')) { if(isset($_SERVER['HTTP_RANGE'])) fseek($file, $range); while(!feof($file) && (!connection_aborted()) && ($bytes_send<$new_length) ) { $buffer = fread($file, $chunksize); print($buffer); //echo($buffer); // is also possible flush(); $bytes_send += strlen($buffer); } fclose($file); } else die('Error - can not open file.'); die(); } // END OUTPUT_FILE function Hi Guys, I am learning PHP via Netbeans IDE in LinuxMint because it just feels closer to Visual Studio which I used in the past, i am trying to lean more with open source technologies. I spin up a VirtualBox and installed apache2 on ubuntu. I created the netbeans project from my linuxMint to the virtualbox apache2 server (remote server) and configured the virtual directories on the apache2 server. I can the test project successfully, however I cannot seem to debug via Netbeans like toggling a breakpoint to view variable values. I found on the internet i need to configure xdebug and followed this site and used this page https://xdebug.org/wizard.php to create and install my xdebug. I then updated my php.ini file to the following:
[xDebug]
While my netbeans session id is configured "netbeans-xdebug" and debugger port to 9000. However, when i set a breakpoint in my code, netbeans seems to be stuck on "Waiting for connection" even it already passed the breakpoint. I suspect it's not even connected at all. I do see from my host laptop (where I am running netbeans) that port 9000 does open when running the project with debug and ufw is turned off in both virtualbox machine and laptop.
Any ideas? |