|
PHP - Send Post Request With Multiple Headers
How do I send multiple headers with this code?
Code: [Select] <?php $postdata = http_build_query( array( 'var1' => 'some content', 'var2' => 'doh' ) ); $opts = array('http' => array( 'method' => 'POST', 'header' => 'Content-type: application/x-www-form-urlencoded', 'content' => $postdata ) ); $context = stream_context_create($opts); $result = file_get_contents('http://example.com/submit.php', false, $context); ?> *this header: Code: [Select] User-Agent: Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16 Similar TutorialsHi, I'm trying to setup a quick PHP script that will grab the email from the url (see below) and after inserting into MySQL db - which is working fine - the script will complete two additional tasks: 1. send that same captured email out to a external db as in shown via http://domain1.com/insert.php?email=$lead (example), but then send to a DIFFERENT source - the originator of the lead - a portback acknowledgement using Header (sending the status and email to http://domain2.com/check.php?e=$lead&s=$status for their records). See the code below: ------------------------- Code: [Select] $lead = $_REQUEST['e_mail']; // will grab email from posted url string and assign to local variable $result = mysql_query($command); // this is just to execute the MySQL insert which works just fine but included here to explain validation below // Create API Call string to insert lead into iContact folder $requestURL = "http://domain1.com/insert.php?email=$lead"; // Execute API Call to CAKE $xml = simplexml_load_file($requestURL) or die("feed not loading"); if ($result) { $status = 1; // mark lead as sucess // send postback on lead status header("Location: http://domain2.com/check.php?e=$lead&s=$status"); } -------- Problem: I'm getting all sorts of errors with the simplexml_load_file() function and can't figure out why it won't work. Any input appreciated as this the only way I know how to pass the lead onward and then inform/update the other party of receipt of information. thanks! I am confused why I am getting the following error and was wondering if I could get a 2nd pair of eyes.. error: [29-Jul-2010 20:58:01] PHP Warning: session_start() [<a href='function.session-start'>function.session-start</a>]: Cannot send session cookie - headers already sent in /home/curren11/public_html/mysite***.com/file_monitor.php on line 2 [29-Jul-2010 20:58:01] PHP Warning: session_start() [<a href='function.session-start'>function.session-start</a>]: Cannot send session cache limiter - headers already sent (output started at /home/curren11/public_html/mysite***.com/file_monitor.php:2) in /home/curren11/public_html/mysite***.com/file_monitor.php on line 2 Here is the code: <?php session_start(); $root_path = realpath(getcwd()); $error_monitor_file = $root_path.'/file_modify.txt'; $hour = date("H"); $today = date("m-d-Y"); $myFile2 = "file_monitor.php.log"; $fh3 = fopen($myFile2, 'a'); $log_msg = "Last ran on: ".$today." at: ".$hour." \n"; fwrite($fh3, $log_msg); function scan_dir($path) { $out = array(); $files = opendir($path); while ($f = readdir($files)) { $extension = substr($f,-3); if ($f=='.' or $f=='..' or $extension=='jpg' or $extension=='JPG' or $extension=='png' or $extension=='gif' or $f=='file_monitor.php' or $f=='file_modify.txt' or $f=='file_monitor.php.log' or $f =='error_log' ) { continue; } if (is_dir($path.'/'.$f)) { $out = array_merge($out, scan_dir($path.'/'.$f)); } //if (((!is_dir($path.'/'.$f)) && ($f!='.' or $f!='..' or $extension!='jpg' or $extension!='JPG' or $extension!='png' or $extension!='gif')) else // { $out[] = $path. '/'. $f; //} } $_SESSION['all_files'] = $out; return $out; } $a = scan_dir(getcwd()); $count_array = count($_SESSION['all_files']); $loop_count=0; while($loop_count < $count_array) { // file in directory when was it last changed ? $filechange1 = date("m-d-Y-H", filemtime($_SESSION['all_files'][$loop_count])); // was it chnaged today and have I sent out an alert yet? if($filechange1 == $today."-".$hour) { $fh2 = fopen($error_monitor_file, 'a'); fwrite($fh2, "\n alert, file: ".$_SESSION['all_files'][$loop_count]." was changed today within the last hour ! \n"); fclose($fh2); } $loop_count ++; // log file? was it changed this past hour? if (file_exists($error_monitor_file)) { $filechange_log = date("m-d-Y-H", filemtime($error_monitor_file)); if ( ($loop_count == $count_array ) && ($filechange_log == $today."-".$hour ) ) { email(); } } } // function for email... function email() { require_once ('class.phpmailer.php'); $mail = new PHPMailer(); $mail->IsSMTP(); // send via SMTP $mail->Host = "localhost"; // SMTP servers $mail->SMTPAuth = true; // turn on SMTP authentication $mail->Username = "**c66@***ar.com"; // SMTP username $mail->Password = "*****"; // SMTP password $mail->From = "***@***.com"; $mail->FromName = "Colonial Cottage File Changed"; $mail->AddAddress("email@*****.com"); $mail->WordWrap = 50; // set word wrap //$mail->AddAttachment("/var/tmp/file.tar.gz"); // attachment //$mail->AddAttachment("/tmp/image.jpg", "new.jpg"); $mail->IsHTML(true); // send as HTML $mail->Subject ="Unauthorized file changed today!"; $mail->Body = "" ; $mail->AltBody = "This is the text-only body"; if(!$mail->Send()) { exit(); } } if ((file_exists($error_monitor_file)) && $hour == "00") { unlink($error_monitor_file); } fclose($fh3); exit(); ?> Quick question for you guys. I am collecting payment data for a product. Is it possible to send data from my form via http directly into another payment form via the post http headers? So say if i had all the details payment info and address info and i matched my form exactly to theirs. Is it possible to write a php script to send the data from my form directly to another websites form to make an order, say amazon or a big site like this? ?first_name=samuel&last_name=east&action=Submit Any Help? Thanks Hi Chaps, I'm working on a PHP script to mysqldump database to file. Using this as a base: http://www.edmondscommerce.co.uk/mysql/php-mysql-dump-script/, I've managed to strip it down to this: Code: [Select] set_time_limit(0); $mysql_host='localhost'; $mysql_database='database'; $mysql_username='username'; $mysql_password='pasword'; _mysql_test($mysql_host,$mysql_database, $mysql_username, $mysql_password); $print_form = 0; header('Content-type: text/plain'); header('Content-Disposition: attachment; filename="'.$mysql_database."_".date('Y-m-d').'.sql"'); $filename = $mysql_database."_".date('Y-m-d').'.sql'; _mysqldump($mysql_database); function _mysqldump($mysql_database) { $sql="show tables;"; $result= mysql_query($sql); if( $result) { while( $row= mysql_fetch_row($result)) { _mysqldump_table_structure($row[0]); _mysqldump_table_data($row[0]); } } else { echo "/* no tables in $mysql_database */\n"; } mysql_free_result($result); } function _mysqldump_table_structure($table) { echo "/* Table structure for table `$table` */\n"; echo "DROP TABLE IF EXISTS `$table`;\n\n"; $sql="show create table `$table`; "; $result=mysql_query($sql); if( $result) { if($row= mysql_fetch_assoc($result)) { echo $row['Create Table'].";\n\n"; } } mysql_free_result($result); } function _mysqldump_table_data($table) { $sql="select * from `$table`;"; $result=mysql_query($sql); if( $result) { $num_rows= mysql_num_rows($result); $num_fields= mysql_num_fields($result); if( $num_rows> 0) { echo "/* dumping data for table `$table` */\n"; $field_type=array(); $i=0; while( $i <$num_fields) { $meta= mysql_fetch_field($result, $i); array_push($field_type, $meta->type); $i++; } echo "insert into `$table` values\n"; $index=0; while( $row= mysql_fetch_row($result)) { echo "("; for( $i=0; $i <$num_fields; $i++) { if( is_null( $row[$i])) echo "null"; else { switch( $field_type[$i]) { case 'int': echo $row[$i]; break; case 'string': case 'blob' : default: echo "'".mysql_real_escape_string($row[$i])."'"; } } if( $i <$num_fields-1) echo ","; } echo ")"; if( $index <$num_rows-1) echo ","; else echo ";"; echo "\n"; $index++; } } } mysql_free_result($result); echo "\n"; } function _mysql_test($mysql_host,$mysql_database, $mysql_username, $mysql_password) { global $output_messages; $link = mysql_connect($mysql_host, $mysql_username, $mysql_password); if (!$link) { array_push($output_messages, 'Could not connect: ' . mysql_error()); } else { array_push ($output_messages,"Connected with MySQL server:$mysql_username@$mysql_host successfully"); $db_selected = mysql_select_db($mysql_database, $link); if (!$db_selected) { array_push ($output_messages,'Can\'t use $mysql_database : ' . mysql_error()); } else array_push ($output_messages,"Connected with MySQL database:$mysql_database successfully"); } } The problem is, I want the file to save to a specific network location, rather than the output being sent to headers. I've tried to play around with: Code: [Select] ob_start();.... $page = ob_get_contents(); ob_end_flush(); $fp = fopen("output.html","w"); fwrite($fp,$page); fclose($fp); But this outputs to the browser, then saves the file...I would like to load the page, and have the script create and save the file where I want it (without the output in the browser, or prompt to save/download file). Note: I need something like this as I'm running PHP/MySQL on IIS, so can use shell/system/etc. Any help will be hi-5-tastic! Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/hedgehog/public_html/class/class.phpmailer.php:3005) in /home/hedgehog/public_html/admin/class/authenticate.class.php on line 15 I own a website, www.gpstudios.com Some time ago I started recieiving this error after posting comments on the playgame page/news page. Try posting comments yourself on this game: http://www.gpstudios.com/playgame.php?gameid=324 I have attached a picture of the error. Unfortunately, I have no idea when this bug appeared. It must have happened a while ago, but I never noticed. Anyone know how or why I am getting this bug? Because I'm unsure as to where/when the error occurred, I cannot supply the code. Sorry for the lack of details, but I'm hoping someone will understand this error a little better than me :S Thanks, -Tom I want to be able to send a GET request to another website for example i want to be able to run this http://www.mywebsite.com/blog.php?clear_cache= using curl but when i use curl the website is loaded into my own heres my code Code: [Select] $curl = curl_init(); $json_url = $_SESSION['blog_base'] . 'blog.php?empty_cache='; curl_setopt ($curl, CURLOPT_URL, "$json_url"); $ANSWER=curl_exec ($curl); curl_close ($curl); hi everyone, can you please kindly check my code for error Code: [Select] $xmltosend = "<?xml version='1.0'?>\r\n". "<soap:Envelope xmlns:soap='http://www.w3.org/2001/12/soap-envelope' soap:encodingStyle='http://www.w3.org/2001/12/soap-encoding'>\r\n". "<soap:Body xmlns:m='https://www.trustwave.com/'>\r\n". "<request>\n". "<authentication>\n". "<username>username</username>\n". "<password>password</password>\n". "</authentication>\n". "<operation>getResellerProducts</operation>\n". "<params>\n". "<int>12345</int>\n". "</params>\n". "</request>\n". "</soap:Envelope>\n"; $reqheader = "POST /index.php HTTP/1.1\r\n". "Host:www.trustwave.com\r\n". "Content-Type: application/soap+xml; charset=utf-8\r\n". "Content-Length: ".strlen($xmltosend) ."\r\n\r\n"; $url = 'https://testapi.ssl.trustwave.com/3.0/'; // fake - obviosly! $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_POSTFIELDS, $xmltosend); curl_setopt($ch, CURLOPT_POST, true); // what to post curl_setopt($ch, CURLOPT_BINARYTRANSFER, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $reqheader); curl_setopt($ch, CURLOPT_USERPWD, "username:password"); $result = curl_exec($ch); curl_close($ch); print $result; im getting this error Code: [Select] Authorization Required This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required. anyone pleeeaassseee...!!! tia hi there - first attempt at programming in PHP so please bear with my novice attempts (not much programming experience in any languege really) i am building a site which hosts mp3s. I have MySQL database with one of the fields contating descriptive keywords for the tracks (such as slow, chilled, intense etc) i have created an html page with search form that send data to php file which runs a query of the keywords field - and all works fine now i want that in addition to the search form (with an input text box for the search criteria and the submit button) i will have a 'cloud' of key words - clickable links - that will send the data to the PHP query file (clicking on slow will search for tracks described with 'slow' and so on) - any ideas how do send data by clicking on a link? my html form is: Code: [Select] <body bgcolor="white"> <form action="test3.php" target="main" method="post"> <input type="text" name="searchkeywords" size=100><br> <input type="submit" value="Search"> <input name="searchkeywords" value="slow" type="submit"> </form> <DIV align="center" style="left : 240px; position : absolute; top : 100px;"><iframe src ="test3.php" width="1000" height="800" name="main" frameborder="2" scrolling="no"> <p>Your browser does not support iframes.</p> </iframe></DIV> </body> my php query file is: Code: [Select] <?php $con = mysql_connect("localhost","root","password"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("test", $con); $result = mysql_query("SELECT * FROM music WHERE keywords LIKE '%$_POST[searchkeywords]%'"); $txt1='<A HREF="/audioplayer-standalone/'; $txt2='" ><IMG src="images/misc_23.png" width="32" height="32" align="left" border="0"></A>'; $txt3='<script language="JavaScript" src="/audioplayer-standalone/audio-player.js"></script><object type="application/x-shockwave-flash" data="/audioplayer-standalone/player.swf" id="audioplayer'; $txt4='" height="24" width="290"><param name="movie" value="/audioplayer-standalone/player.swf"><param name="FlashVars" value="playerID=audioplayer'; $txt5='&soundFile=/audioplayer-standalone/'; $txt6='"><param name="quality" value="high"><param name="menu" value="false"><param name="wmode" value="transparent"> </object>'; echo "<table border='1'> <tr> <th width='220' align='left'>Track Name</th> <th width='220' align='left'>Artist</th> <th width='220' align='left'>Description</th> <th></th> <th></th> </tr>"; while($row = mysql_fetch_array($result)) { echo "<tr>"; echo "<td>" . $row['track'] . "</td>"; echo "<td>" . $row['artist'] . "</td>"; echo "<td>" . $row['description'] . "</td>"; echo "<td>" . $txt1.$row['filename'].$txt2 . "</td>"; echo "<td>" . $txt3.$row['id'].$txt4.$row['id'].$txt5.$row['filename'].$txt6 ."</td>"; echo "</tr>"; } echo "</table>"; // some code mysql_close($con); ?> Hello, If i am not posting this question at right location then i apologize for it. My problem is: I need to send HTTP get request to the webservice end point which must include the following http headers: GET / HTTP/1.1 Host: apis.live.net Accept: application/json Content-Type: application/json Authorization: WRAP access_token=AuthToken (here AuthToken is the Access Token String) Note: I am using OAuth for getting an access Token but for getting contents I need to send an HTTP get request. Any kind of help will be appreciated. Thanks Hi, I would like to send a value in a link and request it back in ajax and set it as a variable in php in the same page, can anyone help me here? thanks
Hello, I am a newbie regarding PHP and have done mostly only front-end web design for a couple of years and recently started querying DB's and displaying the data, but now this is a new project.
I've tested code snippets as the ones below, but fail to incorporate them in the bigger picture of what I'm trying to achieve.
<?php
// https://gist.github.com/magnetikonline/650e30e485c0f91f2f40
class DumpHTTPRequestToFile {
public function execute($targetFile) {
$data = sprintf(
"%s %s %s\n\nHTTP headers:\n",
$_SERVER['REQUEST_METHOD'],
$_SERVER['REQUEST_URI'],
$_SERVER['SERVER_PROTOCOL']
);
foreach ($this->getHeaderList() as $name => $value) {
$data .= $name . ': ' . $value . "\n";
}
$data .= "\nRequest body:\n";
file_put_contents(
$targetFile,
$data . file_get_contents('php://input') . "\n"
);
echo("Done!\n\n");
}
private function getHeaderList() {
$headerList = [];
foreach ($_SERVER as $name => $value) {
if (preg_match('/^HTTP_/',$name)) {
// convert HTTP_HEADER_NAME to Header-Name
$name = strtr(substr($name,5),'_',' ');
$name = ucwords(strtolower($name));
$name = strtr($name,' ','-');
// add to list
$headerList[$name] = $value;
}
}
return $headerList;
}
}
(new DumpHTTPRequestToFile)->execute('./dumprequest.csv');
This snippet also seems to return the headers and their values but I don't know how to efficiently write and append it to a TXT or CSV, or preferably, directly into a MySQL database.
<?php
foreach (getallheaders() as $name => $value) {
echo "$name: $value";
echo "<br>";
}
?>
Any help towards storing the header values of HTTP POST requests into a database would be greatly appreciated! Code: [Select] <?php if ($_SERVER['REQUEST_METHOD'] == 'POST'){ $db = mysql_connect("localhost", "*******" , "*****")or die("Error connecting to database: " . mysql_error()); $db_used = mysql_select_db("pskkorg_drp1", $db)or die("Could not select database: " . mysql_error()); $user_name = mysql_real_escape_string($_POST['username'],$db); $query = mysql_query("SELECT * FROM student WHERE Username = '$user_name'",$db) or die(mysql_error()); if(mysql_num_rows($query) == 1){ echo "Login successful, welcome back " . $user_name . ""; }else{ echo "Login unsuccessful, please ensure you are using the correct details"; } }else{ echo "Error"; } ?> take a look at this code, is there anything wrong?... it always come out the error output when i test it. when i enter this url, http://www.pskk.org/LMS/LMSscripts/FirstTimeUser10.php?Username=149090 it come out Error. suppose it will appear Login Successful since the username 149090 exist in the database. Hey everyone, so im trying to utilize a systems OPTION command send prior to the POST command, the OPTION command will for example state that it would like to request specific headers. im trying to perform this to get the headers needed before the POST command im trying to execute, the values are required for the POST command i need to perform to get a response. The URL in question would be: https://media-entitlement.mlb.com/api/v3/jwt?os=windows&did=ffeae86c-9447-4bac-a021-caad0c02c605&appname=mlbtv_web Request method: OPTIONS (to get required headers):
Host: media-entitlement.mlb.com then a post command is performed just after which retrieves the values originally requested by the OPTIONS command prior to the POST:
Host: media-entitlement.mlb.com
Now Generally speaking, i fully understand their authorization etc. but this specific set of values seem only used in this one situation, they use bam-sdk which i understand pretty well. but needless to say this authorization bearer, and api-key value only seem generated via the initial OPTIONS grab in browser. so in summary i need to understand how these OPTIONS commands can be utilized to store the required headers as a variable which can be used in the POST command. Thanks in advance for your time and energy responding. mosb3rgler Edited June 14, 2019 by mosb3rglertypo I am testing a url for http post request. It connects to the site then it is disconnected. In fire fox it is giving error that the "connection was reset". In google chrome it is giving error that "Unable to load the webpage because the server sent no data". Following is the script. I am new to curl and also new to http request response. The provider of this site tells me that everything is ok and it is sending data but i am not getting any data or any header of this site. <?php $data = '<?xml version="1.0" encoding="UTF-8"?><Request><Source ClientID="test_xml" Password="1234" /><RequestDetails Language="En"><SearchHotelPriceRequest><ServiceDestination DestinationType="city" DestinationCode="477" /><ImmediateConfirmationOnly>1</ImmediateConfirmationOnly><PeriodOfStay><CheckInDate>2012-03-01</CheckInDate><Duration>3</Duration></PeriodOfStay><Rooms> <Room NumberOfRooms="1" NumberOfAdults="2" /> </Rooms></SearchHotelPriceRequest></RequestDetails></Request>'; $ch = curl_init(); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_URL, 'https://62.218.28.13:8443/monWebService/Request/v2'); curl_setopt($ch, CURLOPT_POST, $data); curl_setopt($ch, CURLOPT_POSTFIELDS, $data); $data = curl_exec($ch); curl_close ($ch); echo $data; ?> Hey! Can anyone help with this, is it possible to make a post to a remote website, so when the use runs the script it will post some information to a remote server and then grab some info it gets back in a get request or something along those lines? Hope someone can guide me to more info thanks! I need to make my client's site distinguish among different tabs in the same browser. (See http://www.phpfreaks.com/forums/index.php?topic=357772.0 for background.) I create a tab ID when the user first visits the site in a particular tab, and I'm passing it from page to page as a parameter. This seems to be the only way to do what I need. The tab ID is always passed through POST so that the user won't see it. If it were visible, users could make trouble (or more likely get in trouble) by adding or removing the ID themselves. This is not simple where a page is loaded by a hyperlink. The anchor tag passes parameters via GET, period. The solution I found is to link to a script named post.php, which takes the real link target and the tab ID as parameters, sends the browser a form that passes the tab ID to the real link target via POST, and auto-submits the form via JavaScript. This works, but it requires two round trips to the browser to load a page. It's also a pain to code. Is there a more efficient way to do this... perhaps a way to make the server send the browser a POST response, even though it made a GET request? If it matters, the server is Apache 2.x. Hi everyone, I am making a screen scraper in php which scrapes the usernames from forum posts and stores them in an SQL database. I need some help with part of the preg_match code if possible please? The code and also the pseudo code I have so far is:(the pseudocode I am having trouble with but will try to solve my self if possible). Edit: sorry, editted the page as was confusing to read. Please ask for clarificaiton if there is anything I have failed to explain properly. thank you. //I will be placing the following php in the confirmation page people see after making a new post, so for this example lets say the referrer header says: http://www.mysite.com/showthread.php?tid=1' Code: [Select] $threadurl=$_SERVER['HTTP_REFERER']; // scrape the page Code: [Select] $content = file_get_contents($threadurl); // find the pattern in source which makes it easy to find the username- the only things that change are the uid and the color Code: [Select] if (preg_match("/\b uid=792"><span style="color:#ffcc00">fapafap</span></a>\b /i", $content)) { //extract username from this string search Don't know! //copy the username (in this case 'fapafap') to the database along with the referral ID Code: [Select] $query_insert="INSERT INTO newpostersdatabase(username,referrerurl) VALUES('$username','$threadurl')" ; $result=mysql_query ( $query_insert); if(!$result){ die(mysql_error()); } Thank you so much for any guidance, I know that I have totally messed up with the string search also but my brain is too small it seems! Hey people of php freaks recently, I've been having issues changing a discord webhook [curl] post request to a website [curl] post request. My knowledge in PHP is very limited so, I really would appreciate some help This is the function:
function postToDiscord($message)
{
$data = array("content" => $message, "username" => "Payouts Bot");
$curl = curl_init("https://discordapp.com/api/webhooks/591662537293168650/eyme87xmCuKne4njucoDSqzojq78NaS9x7t4sgP9m-l5EmrvUeZegkM4wok-L-UdBDxo");
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode($data));
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
return curl_exec($curl);
}
Currently the discord bot transfers the message into a discord channel and, I do not want that. I want it to transfer it onto a website page. As, I said i'm not very keen on this so please help me.
Edited July 3, 2019 by LegitSpiderman This topic has been moved to Third Party PHP Scripts. http://www.phpfreaks.com/forums/index.php?topic=359184.0 Hi, For about a month, I have been trying to figure out why my code will not return anything after posting a wwwForm (I have also tried the newer equivalent of this function but I had no luck with that either.) The nameField and passwordField are taken from text boxes within the game and the code used in my login script is copied and pasted from a Register script but I have changed the file location to the login.php file. The register script works fine and I can add new users to my database but the login script only outputs "Form Sent." and not the "present" that should return when the form is returned and it never gets any further than that point meaning that it lets the user through with no consequence if they use an invalid name because the script never returns an answer. What should I do to fix this? Thanks, Unity Code:
using System.Collections;
using UnityEngine;
using UnityEngine.UI;
using UnityEngine.Networking;
public class Login : MonoBehaviour
{
public InputField nameField;
public InputField passwordField;
public Button acceptSubmissionButton;
public void CallLogInCoroutine()
{
StartCoroutine(LogIn());
}
IEnumerator LogIn()
{
WWWForm form = new WWWForm();
form.AddField("username", nameField.text);
form.AddField("password", passwordField.text);
WWW www = new WWW("http://localhost/sqlconnect/login.php", form);
Debug.Log("Form Sent.");
yield return www;
Debug.Log("Present"); if (www.text[0] == '0')
{
Debug.Log("Present2");
DatabaseManager.username = nameField.text;
DatabaseManager.score = int.Parse(www.text.Split('\t')[1]);
Debug.Log("Log In Success.");
}
else
{
Debug.Log("User Login Failed. Error #" + www.text);
}
}
public void Validation()
{
acceptSubmissionButton.interactable = nameField.text.Length >= 7 && passwordField.text.Length >= 8;
}
}
login.php:
<?php
echo "Test String2";
$con = mysqli_connect('localhost', 'root', 'root', 'computer science coursework');
// check for successful connection.
if (mysqli_connect_errno())
{
echo "1: Connection failed"; // Error code #1 - connection failed.
exit();
}
$username = mysqli_escape_string($con, $_POST["username"]);
$usernameClean = filter_var($username, FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH);
$password = $_POST["password"];
if($username != $usernameClean)
{
echo "7: Illegal Username, Potential SQL Injection Query. Access Denied.";
exit();
}
// check for if the name already exists.
$namecheckquery = "SELECT username, salt, hash, score FROM players WHERE username='" . $usernameClean . "';";
$namecheck = mysqli_query($con, $namecheckquery) or die("2: Name check query failed"); // Error code # 2 - name check query failed.
if (mysqli_num_rows($namecheck) != 1)
{
echo "5: No User With Your Log In Details Were Found Or More Than One User With Your Log In Details Were Found"; // Error code #5 - other than 1 user found with login details
exit();
}
// get login info from query
$existinginfo = mysqli_fetch_assoc($namecheck);
$salt = $existinginfo["salt"];
$hash = $existinginfo["hash"];
$loginhash = crypt($password, $salt);
if ($hash != $loginhash)
{
echo "6: Incorrect Password"; // error code #6 - password does not hash to match table
exit;
}
echo "Test String2";
echo"0\t" . $existinginfo["score"];
?>
|
|||||||