|
PHP - How To Make 2fa Authentication By Sms, Call Voice Or Email,
how to make 2FA Authentication by sms, call voice or email, i want to to make a step 2 for security in my application si If a login to myaccount is attempted i want to initiate 2fa with choice of SMS , email or call with PIN then to validate it are there any PHP frameworks or services Open Source or paid that could deliver this functionality for me? i found Nexmo sms but it is for sms only and twilio authy.. does any one have any reccomndation? Similar TutorialsOVERVIEW: The code is about making call to the escreen web service using SOAP and Curl with client authentication required. Currently I am not getting any result only HTTP 403 and 500 errors. The call requires client authenticate cert to be on the callng site. CODE: $content = "<TicketRequest> <Version>1.0</Version> <Mode>Test</Mode> <CommitAction></CommitAction> <PartnerInfo> <UserName>xxxxxxxxxx</UserName> <Password>xxxxxxxxxxx</Password> </ PartnerInfo> <RequestorOrderID></RequestorOrderID> <CustomerIdentification> <IPAddress></IPAddress> <ClientAccount>xxxxxxxxxx</ClientAccount> <ClientSubAccount>xxxxxxxxxx</ClientSubAccount> <InternalAccount></InternalAccount> <ElectronicClientID></ElectronicClientID> </CustomerIdentification> <TicketAction> <Type></Type> <Params> <Param> <ID>4646</ID> <Value></Value> </Param> </Params> </TicketAction> </TicketRequest>"; $wsdl = "https://services.escreen.com/SingleSignOnStage/SingleSignOn.asmx"; $headers = array( "Content-type: text/xml;charset=\"utf-8\"", "Accept: text/xml", "Cache-Control: no-cache", "Pragma: no-cache", // "SOAPAction: \"\"", "Content-length: ".strlen($content), ); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $wsdl); curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_VERBOSE, '1'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $content); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, '1'); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, '1'); //curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: text/xml")); curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); //curl_setopt($ch, CURLOPT_HTTPHEADER, array('SOAPAction: ""')); curl_setopt($ch, CURLOPT_CAPATH, '/home/pps/'); curl_setopt($ch, CURLOPT_CAINFO, '/home/pps/authority.pem'); curl_setopt($ch, CURLOPT_SSLCERT, 'PROTPLUSSOL_SSO.pem'); curl_setopt($ch, CURLOPT_SSLCERTPASSWD, 'xxxxxxxxxxxx'); $output = curl_exec($ch); // Check if any error occured if(curl_errno($ch)) { echo 'Error no : '.curl_errno($ch).' Curl error: ' . curl_error($ch); } print_r($output); QUESTIONS: 1. I need to call the RequestTicket method and pass the XML string to it. I don't know how to do it here(pass the method name to call). 2. For client authentication they gave us three certs, one root cert, one intermediate cert and a client authentication cert PROTPLUSSOL_SSOpem(it was a .pfx file). Since we are on linux we converted them to pem . In curl calls I could not find way to how to include both the root cert and the intermediate cert ,so I combined them by making a new pem file and copying the intermediate cert and them the root cert and naming it authority.pem . I am not sure whether it works or not and would like your opinion. 3. For the current code Iam getting the error Error no : 77 Curl error: error setting certificate verify locations: CAfile: /home/pps/authority.pem CApath: /home/pps/ If I disable the curl error message,I am getting blank page with page title 403 - Forbidden. Access is denied. If I comment out the CURLOPT_CAPATH and CURLOPT_CAINFO lines it gives http 500 error page with the message as content and the following at the top. > HTTP/1.1 500 Internal Server Error. Cache-Control: private Content-Type: text/html Server: Microsoft-IIS/7.5 X-AspNet-Version: 1.1.4322 X-Powered-By: ASP.NET Date: Thu, 02 Sep 2010 14:46:38 GMT Content-Length: 1208 If I comment out as above and also CURLOPT_SSLCERT and CURLOPT_SSLCERTPASSWD it gives 403 error with the message as content. So I would request you to help me out by pointing out whats wrong with the current code. Thank you. Hello everyone, I have a site where users sign up using an email address as their username. I want to be able to verify that their email address is valid without having to send them a confirmation email that they have to click some link in before they are allowed to sign in to the website. Maybe something that pings the email server for a specific address, and if the address is not valid, alert the user to enter a valid address. Does anyone have any ideas or information that you could point me to to assist me with this task? Thanks in advance for any help or ideas. Hi I am very new to PHP. I'm wanting a feedback form on my website where the form is sent via SMTP rather than sendmail. I have checked that php is working by doing this code: Code: [Select] <?php error_reporting(E_ALL); ini_set('display_errors', True); $path = '/home/****/php'; set_include_path(get_include_path() . PATH_SEPARATOR . $path); echo("<p>Sending PEAR Mail.php...</p>"); require('Mail.php'); $from = "Info <info@***.co.uk>"; $to = "Info <info@***.co.uk>"; $subject = "Hi - Test message!"; $body = "Hi,\n\nHow are you?"; $host = "mail.***.co.uk"; $username = "info@***.co.uk"; $password = "***"; $headers = array ('From' => $from, 'To' => $to, 'Subject' => $subject); $smtp = Mail::factory('smtp', array ('host' => $host, 'auth' => true, 'username' => $username, 'password' => $password)); $mail = $smtp->send($to, $headers, $body); if (PEAR::isError($mail)) { echo("<p>" . $mail->getMessage() . "</p>"); } else { echo("<p>Message successfully sent!</p>"); } ?> This works fine. I then created a form in my contact page: Code: [Select] <form name="feedbackform" action="form-mailer2.php" method="post"> <input type="hidden" name="Required" value="Name,Comments"> <p>Name: <input name="Name" size="30"> <span class="formsmall">required</span></p> <p>E-mail: <input name="Email" size="30"> <span class="formsmall">optional</span></p> <p>Feedback/Comments:</p> <p><textarea name="Comments" rows="5" cols="40"></textarea></p> <p><input type="submit" value="Submit" name="submitform"><input type="reset" value="Reset" name="reset"></p> </form> I then used the code based on the php initial example and the code file that would get the form details from the contact page and send to the email address via smtp. I have left the validations in - although if these are no good please feel free to tell me! I will want to put a captcha in but need to look into that yet. Anyway, the code I have created is now this (which is saved in the file form-mailer2.php): Code: [Select] <?php error_reporting(E_ALL); ini_set('display_errors', True); $path = '/home/****/php'; set_include_path(get_include_path() . PATH_SEPARATOR . $path); echo("<p>Sending PEAR Mail.php...</p>"); require('Mail.php'); $mailfrom = "info@***.co.uk"; $mailTo = "info@***.co.uk"; $mailSubject = "Web Feedback"; $mailHost = "mail.***.co.uk"; $mailPort = "25"; $mailAuth = "true"; $mailPassword = "****"; // Get the form fields. $name = $_POST['Name']; $email = $_POST['Email']; $comments = $_POST['Comments']; $reqFields = $_POST['Required']; // I find including the time/date useful for record-keeping. // Note that it is the web server's time/date, not yours // or the sender's. $date = date("l jS F Y, g:i A"); // A simple yet reasonably effective email address validator. if ((!ereg(".+\@.+\..+", $email)) || (!ereg("^[a-zA-Z0-9_@.-]+$", $email))) { $errorMessages .= "<li>Invalid email address: $email</li>"; } // Make sure required fields are filled in. $checkFields = explode(",",$reqFields); while(list($theField) = each($checkFields)) { if(!$$checkFields[$theField]) { $errorMessages .= "<li>Missing $checkFields[$theField]</li>"; } } // If there are errors, display them and a back button. if($errorMessages) { ?> <p>Errors were found on the form.</p> <ul> <?php echo $errorMessages; ?> </ul> <p><input type="button" value="Back" onClick="history.back()"></p> <?php } // No errors, send the message and print out success message. else { // Build the email. $body = " Name: $Name Email: $Email Phone: $Phone ----- Comments ----- $Comments -------------------- $headers["From"] = $mailTo; $headers["To"] = $mailTo; $headers["Subject"] = $mailSubject; $params["host"] = $mailHost; $params["port"] = $mailPort; $params["auth"] = $mailAuth; $params["username"] = $mailTo; $params["password"] = $mailPassword; $headers = array ('From' => $from, 'To' => $to, 'Subject' => $subject); $smtp = Mail::factory('smtp', array ('host' => $host, 'auth' => true, 'username' => $username, 'password' => $password)); $mail = $smtp->send($mailTo, $headers, $body); if (PEAR::isError($mail)) { echo("<p>" . $mail->getMessage() . "</p>"); } else { echo("<p>Message successfully sent!</p>"); } // I would rather redirect to a different thank you page but both of next options don't work when taking out: echo("<p>Message successfully sent!</p>"); //RedirectToURL("thank-you.php"); or header(Location: "thank-you.php" ); ?> Depending on what I change about I either get: The website cannot display the page or a list of undefinable variables. If anyone is able to understand the php and notice where the problem lies I would be so grateful. Thank you. hi friends, I am using one API in which i need to make request for flight search, i am using soapclient to connect with the server to fetch available flights, below is the xml in which request format will be. SOAP 1.1 The following is a sample SOAP 1.1 request. The placeholders shown need to be replaced with actual values. POST /tws_mind/Ws_TravelPortal.asmx HTTP/1.1 Host: 125.16.62.119 Content-Type: text/xml; charset=utf-8 Content-Length: length SOAPAction: "http://tempuri.org/Ws_fnAirAvail" <?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <Ws_fnAirAvail xmlns="http://tempuri.org/"> <objReq> <destination> <string>string</string> <string>string</string> </destination> <domestic>boolean</domestic> <journeydate> <dateTime>dateTime</dateTime> <dateTime>dateTime</dateTime> </journeydate> <journeytype>string</journeytype> <Noofadults>int</Noofadults> <Noofchild>int</Noofchild> <Noofinfant>int</Noofinfant> <preferedairlines> <string>string</string> <string>string</string> </preferedairlines> <preferredclass>string</preferredclass> <returndate>dateTime</returndate> <source> <string>string</string> <string>string</string> </source> <strPreferredCarrierType>string</strPreferredCarrierType> <GetCachedData>boolean</GetCachedData> </objReq> <objSecurity> <strLoginId>string</strLoginId> <strPassword>string</strPassword> </objSecurity> </Ws_fnAirAvail> </soap:Body> </soap:Envelope> and below is the request which is made by me. $request=array( 'objReq'=>array('destination' => "DEL", 'domestic' => 1, 'journeydate'=>"25/10/2011", 'journeytype'=>"R", 'Noofadults'=>2, 'Noofchild'=>0, 'Noofinfant'=>0, 'preferedairlines'=>"", 'preferredclass'=>"Y", 'returndate'=>"28/10/2011", 'source'=>"BLR", 'strPreferredCarrierType'=>"ANY", 'GetCachedData'=>false ) 'objSecurity'=>array('strLoginId'=>"loginid", 'strPassword'=>"password" ) ); $wsdl="http://*/*/?wsdl"; try{ $cliente=new SoapClient($wsdl); $vem=$cliente->Ws_fnAirAvail($request); } catch (Exception $e) { echo $e->getMessage(); exit; } echo "<pre>"; print_r($vem); My problem is i am getting below response, if i change the request in anyway i always get the same response. Please correct my request in case i made bad request for the server. stdClass Object ( [Ws_fnAirAvailResult] => stdClass Object ( [objclsException] => stdClass Object ( [errorcode] => GEN0E0006 [errortype] => E [errordesc] => Please provide Security object. ) [strMessage] => ) ) Hello all I have a php and jquery/ajax call I am using to create a file/send an email. I get all the contents from my textboxes but I want a message to display on the screen afterwards being success or fail. In my .ajax call My call is exiting right before the ‘success:’ part. Why is my call not succeeding? Any tips/help will be appreciated Thank you
Html page just a form with a submit button
$(document).ready(function () {
var form = $("#formData");
$(form).on("submit", function (event) {
event.preventDefault();
$.ajax({
type: "post",
url: "file.php",
data: $(this).serialize(),
beforeSend: function () {
$("#status").html('<span style="color:red;">Loading everything actually creating a .TXT file of contents...</span>') //--works
},
success: function (data) {
var responseMsgType = "alert-" + data.type;
var responseMsgText = data.message;
// message below
var alertBox = '<div class="alert ' + responseMsgType + ' alert-dismissable"><button type="button" class="close" ' +
'data-dismiss="alert" aria-hidden="true">×</button>' + responseMsgText + '</div>';
if (responseMsgType && responseMsgText) {
$(form).find(".successArea").html(alertBox);
$(form)[0].reset();
}
}
});
return false;
});
<?php
$controls = array('txtName' => 'Name', 'txtEmail' => 'Email', 'txtSubject' => 'Subject', 'txtMessage' => 'Message');
try {
if(count($_POST)==0) { throw new \Exception ('Contact Form Message is empty'); }
$headers = array('Content-Type: text/plain; charset="UTF-8";',
'From: ' . $email,
'Reply-To: ' . $email,
'Return-Path: ' .$email);
$emailMessage = "You have a new message from your contact form" . PHP_EOL;
$emailMessage .= "-------------------------------------------------------" . PHP_EOL;
foreach($_POST as $key => $value){
if(isset($controls[$key])) {
$emailMessage .= "$controls[$key]: $value". PHP_EOL;
}
}
$mailMsg = "email6.txt";
if(file_exists($filename) == false) {
$fh = fopen($mailMsg, "w");
fwrite($fh, $headers);
fwrite($fh, $emailMessage);
fclose($fh);
} else {
$fhexists = fopen($filename, "a");
fwrite($fhexists, $content);
fclose($fhexists);
}
$responseMessage = array("type" => "success", "message" => $successMessage);
}
catch (\Exception $ex) {
$responseMessage = array("type" => "errorM", "message" => $errorMessage);
}
if(!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
$encodedJSON = json_encode($responseMessage);
header("Content-Type: application/json");
echo $encodedJSON;
} else {
echo $responseMessage["message"];
}
Trying to write a webapp in PHP which works similar to VocalPitchMonitor app (Android) with some added features. But capturing voice and display it as wave format is possible in PHP? Is there any example script for this?
Good day. I have used an open source form, but I would like to know how to make it into a functional email form (so the form values are sent to an email address). As you can see, there is already a section at the bottom for contact details and a "submit" button, but it is not working. I see that there is no value set for the form action here etc. <form action="" id="cakeform" onsubmit="return false;"> Not sure how to make this a functional email form. Any help would be appreciated. URL of form: http://kmkwebdevelopment.com/clients/test/piano-moving-estimate-uprights.html Code: [Select] <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/sidebar.dwt" codeOutsideHTMLIsLocked="false" --> <head> <link rel="icon" href="favicon.ico" type="image/x-icon" /> <link rel="shortcut icon" href="favicon.ico" type="image/x-icon" /> </head> <body> <script type="text/javascript" src="js/formcalculations.js"></script> <link href="styles/quoteform.css" rel="stylesheet" type="text/css" /> </head> <body onload='hideTotal()'> <div id="wrap"> <form action="" id="cakeform" onsubmit="return false;"> <div> <div class="cont_order"> <fieldset> <legend>Piano Moving Estimate For Upright Pianos</legend> <label ><span style="font-size:18px; color:#900">STEP 1:</span> Please select the size of your piano:</label> <img style="margin-top:15px" src="images/small-piano-upright.jpg" alt="small upright piano" /> <label style="float:right; margin-right:202px; margin-top:30px" class='radiolabel'><input type="radio" name="selectedcake" value="Round6" onclick="calculateTotal()" /> Small (Aka: Spinet, Console) <span style="font-weight:bold">$100</span></label> <br/> <img style="margin-top:15px" src="images/medium-piano-upright.jpg" alt="medium upright piano" /> <label style="float:right; margin-right:196px; margin-top:30px" class='radiolabel'><input type="radio" name="selectedcake" value="Round8" onclick="calculateTotal()" /> Medium (Aka: Studio, Upright) <span style="font-weight:bold">$120</span></label><br/> <img style="margin-top:15px" src="images/large-piano-upright.jpg" alt="large upright piano" /> <label style="float:right; margin-right:114px; margin-top:30px" class='radiolabel'><input type="radio" name="selectedcake" value="Round10" onclick="calculateTotal()" /> Large (Aka: Full Size, Cabinet/Grand Upright) <span style="font-weight:bold">$150</span></label><br/> <br/> <label ><span style="font-size:18px; color:#900">STEP 2:</span> Enter pick up and destination addresses:</label> <br/> <p style="color:#900; font-weight:bold">PICK UP LOCATION:</p> <label style="margin-left:15px; font-weight:normal" class="inlinelabel">Street Address:</label> <input style="margin-left:10px" type="text" value="" /><br /> <label style="margin-left:15px; font-weight:normal" class="inlinelabel">City:</label> <input style="margin-left:71px" type="text" value="" /> <br /><br /> <p style="color:#900; font-weight:bold">DESTINATION LOCATION:</p> <label style="margin-left:15px; font-weight:normal" class="inlinelabel">Street Address:</label> <input style="margin-left:10px" type="text" value="" /><br /> <label style="margin-left:15px; font-weight:normal" class="inlinelabel">City:</label> <input style="margin-left:71px" type="text" value="" /> <br /><br /> <label style="margin-left:15px">Approximate distance between "pickup location" and "destination"</label> <br /> <select style="margin-left:135px" id="filling" name='filling' onchange="calculateTotal()"> <option value="None">Choose Distance:</option> <option value="Lemon">1 - 10km ($30)</option> <option value="Custard">11 - 20km ($45)</option> <option value="Fudge">21 - 30km ($60)</option> <option value="Mocha">31 - 40km ($80)</option> </select> <br/><br /> <label ><span style="font-size:18px; color:#900">STEP 3:</span> Is this a player piano?</label> <br /> <select style="margin-left:135px" id="filling2" name='filling2' onchange="calculateTotal()"> <option value="Raspberry">No</option> <option value="Pineapple">Yes ($30)</option> </select> <br/><br /> <label ><span style="font-size:18px; color:#900">STEP 4:</span> Are stairs involved? If so, please select from the diagram below:</label> <br /> <select style="margin-left:135px" id="filling3" name='filling3' onchange="calculateTotal()"> <option value="None2">None</option> <option value="Dobash">Stairway A ($5)</option> <option value="Mint">Stairway B ($10)</option> <option value="Cherry">Stairway C ($15)</option> <option value="Apricot">Stairway D ($20)</option> <option value="Buttercream">Stairway E ($25)</option> </select> <br /><br /> <img src="images/stairs.jpg" alt="stairs" /> <br/><br /> <div id="totalPrice"></div> <br /> <p style="color:#000"><span style="font-size:18px; color:#900">NOTE:</span> This estimate form is to be used as a cost "approximation" only. When speaking with one of our staff, this estimate may be altered.</p> </fieldset> </div> <div class="cont_details"> <fieldset> <legend>Contact Details</legend> <label for='name'>Name</label> <input type="text" id="name" name='name' /> <br/> <label for='address'>Address</label> <input type="text" id="address" name='address' /> <br/> <label for='phonenumber'>Phone Number</label> <input type="text" id="phonenumber" name='phonenumber'/> <br/> </fieldset> </div> <input type='submit' id='submit' value='Submit' onclick="calculateTotal()" /> </div> </form> Hi, I am using the following PHP email code, and when I send it to my Gmail account it works fine, but some servers are blocking this email and are not being received. How can I tweak it to make it more compatible? Code: [Select] $headers = "From: $row_o_email[email] \r\n"; $headers .= "BCC: $row_o_email[email] \r\n"; $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n"; $to = $row_e['email']; mail($to, "subject", " email body ", $headers); This topic has been moved to Miscellaneous. http://www.phpfreaks.com/forums/index.php?topic=349030.0 I'm a beginner in PHP I was wondering if this is easy to do or if i'd have to outsource this to a programmer - Basically when a user fills in the PHP Form and submits it I need this to generate as a PDF which will then email/attach to MY email and NOT the user who submitted this form. I have looked at tcpdf, fpdi but i dont think any of those scripts allow me to do this specifically as from what i heard it generates a download link for the user, and that is not what i need. If anyone can help me it would be greatly appreciated. Hi, I have a regular MySQL query that displays it's results to the screen in a browser as an HTML table, all nice and fruity. The managers who use this function like to send out the results to staff, currently they simply take a screen shot and paste it into an email to send out to everyone - quite an overhead on the email system, company network, not to mention the time taken to do the screen shot and paste it into an email in the first place. It would be good if I could include a standard HTML form button (preferably) or link on the results page to shove the displayed results to Outlook as an email, that contains the table all ready for the manager to add in what ever they want to the email and then send (usually to 'all@mysite.com' but it would be useful if they could change or add to this as they see fit). This is kind of what happens with a normal mailto HTML tag, except I want it to contain the MySQL query result too. This is the existing table output routine (something I inherited): Code: [Select] /* Output data into a HTMl table */ echo "<p>"; echo "<table align=center width=800 border=\"1\">"; echo "<tr>"; echo "<td BGCOLOR=\"#ffcc00\"><strong>Agent name</strong></td> <td BGCOLOR=\"#ffcc00\"><strong>Number of calls made / handled</strong></td> <td BGCOLOR=\"#ffcc00\"><strong>Average call minutes</strong></td> <td BGCOLOR=\"#ffcc00\"><strong>Total mins (inc hours + secs rounded)</strong></td> </tr>"; while($row = mysql_fetch_row($numresults)) { echo "<tr>"; for($i=0; $i < mysql_num_fields($numresults); $i++) { echo "<td align=center width=443>$row[$i]</td>"; } echo "</tr>\n"; } echo "</table></p>"; This topic has been moved to Other Libraries and Frameworks. http://www.phpfreaks.com/forums/index.php?topic=319682.0 I can call the following function successfully as a single php program // Acknowledge and clear the orders function ack($client, $merchant, $id) { $docs = array('string' => $id); $params = array('merchant' => $merchant, 'documentIdentifierArray' => $docs); $result = $client->call('postDocumentDownloadAck', $params); return $result; } with $result = ack($t, $merchant,'2779540483'); successful output [documentDownloadAckProcessingStatus] => _SUCCESSFUL_ [documentID] => 2779540483 I'm trying to figure out how to call this function as an object from another program. Trying the following gives error ***Call to a member function call() on a non-object*** function postDocumentDownloadAck($t, $merchant, $id) { $this->error = null; $docs = array('string' => $this->id); $params = array('merchant' => $this->merchant, 'documentIdentifierArray' => $docs); ** I've tried the following which does nothing $result = $this->soap->call('postDocumentDownloadAck', $params); ** I've tried the following - which gives error "Call to a member function call() on a non-object" $result = $this->t->soap->call('postDocumentDownloadAck', $params); if($this->soap->fault) { $this->error = $result; return false; } return $result; } *** calling program snippet for above function $merchant= array( "merchant"=> $merchantid, "merchantName" => $merchantname, "email"=> $login, "password"=> $password); $t = new AmazonMerchantAPI($merchantid, $merchantname, $login, $password); $documentlist= $t->GetAllPendingDocumentInfo('_GET_ORDERS_DATA_'); $docid = $documentlist['MerchantDocumentInfo'][$i]['documentID']; $docs = array('string' => $docid); $ackorders = $t->postDocumentDownloadAck($t, $merchant,$docs); Any ideas of what I'm doing wrong are greatly appreciated. i wanting users to be able to update there email address and check to see if the new email already exists. if the email is the same as current email ignore the check. i have no errors showing up but if I enter a email already in the db it still accepts the new email instead of bringing the back the error message. Code: [Select] // email enterd from form // $email=$_POST['email']; $queryuser=mysql_query("SELECT * FROM members WHERE inv='$ivn' ") or die (mysql_error()); while($info = mysql_fetch_array( $queryuser )) { $check=$info['email']; // gets current email // } if($check!=$email){ // if check not equal to $email check the new email address already exists// $queryuser=mysql_query("SELECT * FROM members WHERE email='$email' "); //$result=mysql_query($sql); $checkuser=mysql_num_rows($queryuser); if($checkuser != 0) { $error= "0"; header('LOCATION:../pages/myprofile.php?id='.$error.''); } } cheers Hello phpfreaks.com, ive been wondering all week howto do so. If i make a mysql_query and chooses all emails, i only get my own. But how can i choose all the users registered in the database`? best regards William Pfaffe I am currently doing the following but wish to change to using JWTs. A webserver is running some CRM system which has its own authentication system and browsers can access public routes without logging and but must log on first to access private routes. All the routes on the webserver which are prefixed by "api" will be forwarded to specific REST API along with an "account" GUID in the header and the user's ID if it exists. For the routes that require a user to be logged in, the webserver will first check if a session exists, and if not make a preliminary GET request to the REST API which includes the GUID as well as the user's ID and encrypted password (both based on the webserver's CRM DB) in the URL. Not sure whether anything is possible by including the hashed password and am currently not doing anything with it. The REST API queries the DB using the GUID and webserver's user ID and returns the REST API's users ID and the webserver stores it in a session. The REST API receives the GUID and potentially the REST API's user ID and queries the DB to retrieve the account and potentially user before executing the route, and returns the response to the webserver which it returns it to the browser.The new approach might be something like the following: Before the webserver forwards any request to the REST API, it checks if a session is set, and if not performs a GET request to the REST API along with the GUID and if known user's credentials in the URL and receives a JWT which contains a payload including the account PK, and potentially the user PK, user's access level, etc. All future requests include this JWT in the header. The REST API no longer queries the DB to get the account ID and user authorized settings as it is provided in the JWT.A couple of questions: What should be done if a non-logged on user first accesses a public route, gets a JWT, and stores it in a session, but then later logs on and accesses a private route? The webserver thinks it has a valid JWT and will send it but the REST API will then decrypt it and find there is no user it. One option is for the webserver to use two sessions, but this sounds kludgy. Or maybe the REST API returns some header which instructs the webserver to re-authenticate, but not sure if even an option, and if so how to cleanly prevent some loop. Also, would it be necessary to issue a new JWT or can the payload in a JWT be changed? Is GET appropriate for requesting the JWT's or should I use some other method? Is it appropriate to include the user's access level in the JWT payload? Will one need to wait until the JWT has expired before their access level changes? Any ideas how to deal with using the user's password on the CRM to also authenticate on the REST API? The GUID is probably secret enough for the application and if an issue, can just use the GUID and username. Am I going down an reasonable path and anything else obvious I should be considering?Thanks! Hi all, I have an authentication part on my website that checks every page through a session variable if a user is logged in and which user it is. When I test my code on my computer it works perfectly registration and login goes smooth but when someone on another computer tries it they get the acces denied page.... does anyone know why??? Greets Ryflex Hello, I've been trying this for hours now, looking at different examples and trying to change them to work for me, but with no luck... This is what I am trying to do: I have a simple form with: - 1 input field, where I can enter a number - 1 Submit Button When I enter a number into the field and click submit, I want that number to be send to the php file that is in the ajax call, then the script will take that number and run a bunch of queries and then return a new number. I want that new number to be used to call the php script via ajax again, until no number is returned, or something else is returned like the word "done" or something like that, at which point is simply makes an alert or populated a div with a message... The point is, that depending on the number entered it could take up to an hour to complete ALL the queries, so I want the script that is called to only run a fixed amount of queries at a time and then return the number it is currently at (+1), so that it can continue with the next number when it is called again. I would like to use jquery, but could also be any other way, as long as I get this to work. I already have the php script completed that needs to be called by the ajax, it returns a single number when being called. Thank you, vb |
|||||||