First question! Woho!
I'm currently coding a Dashboard for a Discord bot in PHP.
Recently, when trying to select a server, it would only display 3 malfunctioning items. So I checked the complete array using print_r() and it turned out it rate-limited me.
Now, I got no idea why that happened, as I'm the only person on the server. So what am I doing wrong? Here is the code for listing the selection page:
$all = DiscordAPI("/users/#me/guilds");
foreach ($all as $guild) {
echo "<a href='/?server=" . $guild['id'] . "'><p>";
if ($guild['icon']) {
if (substr($guild['icon'], 0, 2) == "a_") {
echo "<img class='server-icon' src='https://cdn.discordapp.com/icons/" . $guild['id'] . "/" . $guild['icon'] . ".gif?size=64'>";
} else {
echo "<img class='server-icon' src='https://cdn.discordapp.com/icons/" . $guild['id'] . "/" . $guild['icon'] . ".webp?size=64'>";
}
} else {
$words = explode(" ", $guild['name']);
$acronym = "";
foreach ($words as $w) {
$acronym .= $w[0];
}
echo "<img class='server-icon' src='https://cdn.statically.io/avatar/s=64/" . $acronym . "'>";
}
echo $guild['name'];
echo "</p></a>";
}
And here is the code for the DiscordAPI() function:
function DiscordAPI($endpoint)
{
if (!$_SESSION['token']) {
die("No token provided");
}
$ch = curl_init("https://discord.com/api" . $endpoint);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
"Authorization: Bearer " . $_SESSION['token']
));
$data = curl_exec($ch);
curl_close($ch);
return json_decode($data, true);
}
There are 2 API calls before this code to verify that there is a valid token.
Quick sidenote: I got Autism, so I might understand stuff a bit differently. Don't be scared to ask if I worded something hard to understand. Thank you for trying to understand me.
Can be found there many resources on Internet with the same code and instructions about how to show your MailChimp subscriber count in WordPress. I used that code without problems until today, when received an PHP Warning:
PHP Warning: Missing argument 2 for Mailchimp::call(), called in
/.../mc-subscriber-count/mc-subscriber-count.php on line 19 and
defined in /.../mc-subscriber-count/Mailchimp.php on line 192
The mc-subscriber-count.php full code:
function wpb_mc_sub_count() {
include "Mailchimp.php";
$lastRunLog = __DIR__ . '/logs/lastrun.log';
$subfile = __DIR__ . '/logs/subcount.log';
$lastRun = file_get_contents( $lastRunLog );
if ( time() - $lastRun >= 86400 ) {
$MailChimp = new MailChimp( 'Your_MailChimp_API_Key' );
$mc = $MailChimp->call( 'lists/list' ); // THE LINE 19
/*****************************************************/
$subscriber_count .= $mc[data][0][stats][member_count];
file_put_contents( $lastRunLog, time() );
file_put_contents( $subfile, $subscriber_count );
} else {
$subscriber_count .= file_get_contents( $subfile );
}
return number_format( $subscriber_count );
}
add_shortcode( 'mc-subscribers', 'wpb_mc_sub_count' );
add_filter( 'widget_text', 'do_shortcode' );
The Mailchimp.php code (only the function from the line 192 - full code here):
public function call($url, $params) {
$params['apikey'] = $this->apikey;
$params = json_encode($params);
$ch = $this->ch;
curl_setopt($ch, CURLOPT_URL, $this->root . $url . '.json');
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json'));
curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
curl_setopt($ch, CURLOPT_VERBOSE, $this->debug);
$start = microtime(true);
$this->log('Call to ' . $this->root . $url . '.json: ' . $params);
if($this->debug) {
$curl_buffer = fopen('php://memory', 'w+');
curl_setopt($ch, CURLOPT_STDERR, $curl_buffer);
}
$response_body = curl_exec($ch);
$info = curl_getinfo($ch);
$time = microtime(true) - $start;
if($this->debug) {
rewind($curl_buffer);
$this->log(stream_get_contents($curl_buffer));
fclose($curl_buffer);
}
$this->log('Completed in ' . number_format($time * 1000, 2) . 'ms');
$this->log('Got response: ' . $response_body);
if(curl_error($ch)) {
throw new Mailchimp_HttpError("API call to $url failed: " . curl_error($ch));
}
$result = json_decode($response_body, true);
if(floor($info['http_code'] / 100) >= 4) {
throw $this->castError($result);
}
return $result;
}
How to solve that warning?
UPDATE
I forgot to mention that I see that there is missing a second argument, but I don't understand what this second argument can be.
P.S. I am not a PHP coder, so don't beat me.
After the received comments I analysed repeatedly the above two functions and decided to add as a second parameter to the line 19 the `$params` variable, so it looks now like this:
$mc = $MailChimp->call( 'lists/list', $params );
I don't know if this is the correct way, but I will wait now for errors, if will be some there.
UPDATE
Because I received here only downvotes instead of help (but it doesn't matter) and my first solution doesn't worked (see the deleted text), I googled again and finally I found a better one (I hope) to display the MailChimp subscribers count in Wordpress. I just wrapped the recommended code in a shortcode like this:
function wpb_mc_sub_count() {
$api['key']= 'INSERT-YOUR-API-KEY-HERE';
$url='https://INSERT-YOUR-US-DOMAIN-KEY.api.mailchimp.com/3.0//lists/INSERT-YOUR-LISTID-HERE/?apikey=INSERT-YOUR-API-KEY-HERE';
$lastRunLog = '/logs/lastrun.log';
$subfile = '/logs/subcount.log';
$lastRun = file_get_contents($lastRunLog);
if (time() - $lastRun >= 3600) {
// it's been more than one hour so we will connect to the API
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_URL,$url);
$result=curl_exec($ch);
curl_close($ch);
$json = json_decode($result, true);
$total= $json['stats']['member_count'];
// update lastrun.log with current time
file_put_contents($lastRunLog, time());
file_put_contents($subfile, $total);
} else {
$total = file_get_contents($subfile);
}
//echo $total;
return $total;
}
add_shortcode( 'mc-subscribers', 'wpb_mc_sub_count' );
//add_filter( 'widget_text', 'do_shortcode' );
Just put the [mc-subscribers] shortcode where you want to display your MailChimp subscribers count.
I'm trying to write a vat number validation function which checks a vat number to see if it's valid.
Currently i've got this
function tep_check_vatnum($countries_id, $vatnum) {
$country = tep_get_countries_with_iso_codes($countries_id);
$iso = $country['countries_iso_code_2'];
if($iso == "GB"){
return false;
} else {
$url = "http://isvat.appspot.com/$iso/$vatnum";
$session = curl_init();
curl_setopt($session, CURLOPT_URL, $url);
// curl_setopt($session, CURLOPT_HTTPGET, 1);
// curl_setopt($session, CURLOPT_HEADER, false);
// curl_setopt($session, CURLOPT_HTTPHEADER, array('Accept: application/xml', 'Content-Type: application/xml'));
curl_setopt($session, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($session);
//echo "<!-- NOTE:" . $response . "-->";
curl_close($session);
if($response == "true"){
return true;
} else {
return false;
}
}
}
The service i'm using http://isvat.appspot.com is working, But it's not working.
EDIT
Hmm no luck. By not working, it keeps giving me an error saying the vat number isn't valid. On the create account form i've got this code.
<?php echo tep_draw_input_field('vatnum', '', 'class="input"') . ' ' . (tep_not_null(ENTRY_COMPANY_TEXT) ? '<span class="inputRequirement">' . ENTRY_COMPANY_TEXT . '</span>': ''); ?>
if (is_numeric($country) == false) {
$error = true;
$messageStack->add('create_account', ENTRY_COUNTRY_ERROR);
} else {
if(strlen($vatnum) != 0){
if(is_numeric($vatnum) == false || tep_check_vatnum($country, $vatnum) == false){
$error = true;
$messageStack->add('create_account', "VAT Number is not a valid EU, non-UK VAT no.");
}
}
I guess there might be a problem invoking cURL. The good news is, you probably don't need to. ;) Give this a try:
function tep_check_vatnum($countries_id, $vatnum) {
$country = tep_get_countries_with_iso_codes($countries_id);
$iso = $country['countries_iso_code_2'];
if($iso == "GB"){
return false;
} else {
$url = "http://isvat.appspot.com/$iso/$vatnum";
$context = stream_context_create(array(
'http' => array(
'proxy' => 'http://PROXY_IP:PROXY_PORT'
),
));
$fp = fopen($url,'r',$context);
$response = fgets($fp);
fclose($fp);
//echo "<!-- NOTE:" . $response . "-->";
if($response == "true"){
return true;
} else {
return false;
}
}
}
It should work even if you don't have the cURL extension enabled.
Edit: As Michas said, it is difficult to find the problem with your original code without knowing what you mean by "not working". You could try to get some more information about the problem by stating error_reporting(E_ALL) or curl_error($session).
Possible causes: cURL is not installed or configured correctly or a proxy or firewall is blocking your request. While the code I suggested would eliminate the first one, the second one might also apply using it, depending on your settings.
Edit 2: Added simple proxy configuration
Sorry for the long code, I'm really losing it.
This code is supposed to get a list of urls through POST, in a textarea with breaklines between each url. The script should download each url, go through the html and take some links, then go in those links, get some data and echo it out.
For some reason, visually it looks as if I'm running getDetails() only once, as I'm getting only one set of results.
I have checked multiple times if the foreach loop takes each url separately and that part is working
Can anyone spot the problem?
require_once('simple_html_dom.php');
function getDetails($html) {
$dom = new simple_html_dom;
$dom->load($html);
$title = $dom->find('h1', 0)->find('a', 0);
foreach($dom->find('span[style="color:#333333"]') as $element) {
$address = $element->innertext;
}
$address = str_replace("<br>"," ",$address);
$address = str_replace(","," ",$address);
$title->innertext = str_replace(","," ",$title->innertext);
if ($address == "") {
$exp = explode("<strong><strong>",$html);
$exp2 = explode("</strong>",$exp[1]);
$address = $exp2[0];
}
echo $title->innertext . "," . $address . "<br>";
}
function getHtml($Url) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $Url);
curl_setopt($ch, CURLOPT_REFERER, "http://www.google.com/");
curl_setopt($ch, CURLOPT_USERAGENT, "MozillaXYZ/1.0");
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_TIMEOUT, 10);
$output = curl_exec($ch);
curl_close($ch);
return $output;
}
function getdd($u) {
$html = getHtml($u);
$dom = new simple_html_dom;
$dom->load($html);
foreach($dom->find('a') as $element) {
if (strstr($element->href,"display_one.asp")) {
$durls[] = $element->href;
}
}
return $durls;
}
if (isset($_POST['url'])) {
$urls = explode("\n",$_POST['url']);
foreach ($urls as $u) {
$durls2 = getdd($u);
$durls2 = array_unique($durls2);
foreach ($durls2 as $durl) {
$d = getHtml("http://www.example.co.il/" . $durl);
getDetails($d);
}
}
}
You're only assigning the last element in the loop, it looks like. You'll need to concatenate. Something like $address .= $element->innertext; inside the loop (note the .= instead of =).
edit: unless I'm mistaking what it's supposed to be doing. I think I may've been focusing on the wrong part of the code.
When you use DOMDocument on html you load it with $dom->loadHTMLFile() or $dom->loadHTML() you should also call libxml_use_internal_errors(true) before hand so that it will not crash because of improperly formatted html.
I have implemented a function that runs on each page that I want to restrict from non-logged in users. The function automatically redirects the visitor to the login page in the case of he or she is not logged in.
I would like to make a PHP function that is run from a exernal server and iterates through a number of set URLs (array with URLs that is for each protected site) to see if they are redirected or not. Thereby I could easily make sure if protection is up and running on every page.
How could this be done?
Thanks.
$urls = array(
'http://www.apple.com/imac',
'http://www.google.com/'
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
foreach($urls as $url) {
curl_setopt($ch, CURLOPT_URL, $url);
$out = curl_exec($ch);
// line endings is the wonkiest piece of this whole thing
$out = str_replace("\r", "", $out);
// only look at the headers
$headers_end = strpos($out, "\n\n");
if( $headers_end !== false ) {
$out = substr($out, 0, $headers_end);
}
$headers = explode("\n", $out);
foreach($headers as $header) {
if( substr($header, 0, 10) == "Location: " ) {
$target = substr($header, 10);
echo "[$url] redirects to [$target]<br>";
continue 2;
}
}
echo "[$url] does not redirect<br>";
}
I use curl and only take headers, after I compare my url and url from header curl:
$url="http://google.com";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_TIMEOUT, '60'); // in seconds
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_NOBODY, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$res = curl_exec($ch);
if(curl_getinfo($ch)['url'] == $url){
echo "not redirect";
}else {
echo "redirect";
}
You could always try adding:
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
since 302 means it moved, allow the curl call to follow it and return whatever the moved url returns.
Getting the headers with get_headers() and checking if Location is set is much simpler.
$urls = [
"https://example-1.com",
"https://example-2.com"
];
foreach ($urls as $key => $url) {
$is_redirect = does_url_redirect($url) ? 'yes' : 'no';
echo $url . ' is redirected: ' . $is_redirect . PHP_EOL;
}
function does_url_redirect($url){
$headers = get_headers($url, 1);
if (!empty($headers['Location'])) {
return true;
} else {
return false;
}
}
I'm not sure whether this really makes sense as a security check.
If you are worried about files getting called directly without your "is the user logged in?" checks being run, you could do what many big PHP projects do: In the central include file (where the security check is being done) define a constant BOOTSTRAP_LOADED or whatever, and in every file, check for whether that constant is set.
Testing is great and security testing is even better, but I'm not sure what kind of flaw you are looking to uncover with this? To me, this idea feels like a waste of time that will not bring any real additional security.
Just make sure your script die() s after the header("Location:...") redirect. That is essential to stop additional content from being displayed after the header command (a missing die() wouldn't be caught by your idea by the way, as the redirect header would still be issued...)
If you really want to do this, you could also use a tool like wget and feed it a list of URLs. Have it fetch the results into a directory, and check (e.g. by looking at the file sizes that should be identical) whether every page contains the login dialog. Just to add another option...
Do you want to check the HTTP code to see if it's a redirect?
$params = array('http' => array(
'method' => 'HEAD',
'ignore_errors' => true
));
$context = stream_context_create($params);
foreach(array('http://google.com', 'http://stackoverflow.com') as $url) {
$fp = fopen($url, 'rb', false, $context);
$result = stream_get_contents($fp);
if ($result === false) {
throw new Exception("Could not read data from {$url}");
} else if (! strstr($http_response_header[0], '301')) {
// Do something here
}
}
I hope it will help you:
function checkRedirect($url)
{
$headers = get_headers($url);
if ($headers) {
if (isset($headers[0])) {
if ($headers[0] == 'HTTP/1.1 302 Found') {
//this is the URL where it's redirecting
return str_replace("Location: ", "", $headers[9]);
}
}
}
return false;
}
$isRedirect = checkRedirect($url);
if(!$isRedirect )
{
echo "URL Not Redirected";
}else{
echo "URL Redirected to: ".$isRedirect;
}
You can use session,if the session array is not set ,the url redirected to a login page.
.
I modified Adam Backstrom answer and implemented chiborg suggestion. (Download only HEAD). It have one thing more: It will check if redirection is in a page of the same server or is out. Example: terra.com.br redirects to terra.com.br/portal. PHP will considerate it like redirect, and it is correct. But i only wanted to list that url that redirect to another URL. My English is not good, so, if someone found something really difficult to understand and can edit this, you're welcome.
function RedirectURL() {
$urls = array('http://www.terra.com.br/','http://www.areiaebrita.com.br/');
foreach ($urls as $url) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// chiborg suggestion
curl_setopt($ch, CURLOPT_NOBODY, true);
// ================================
// READ URL
// ================================
curl_setopt($ch, CURLOPT_URL, $url);
$out = curl_exec($ch);
// line endings is the wonkiest piece of this whole thing
$out = str_replace("\r", "", $out);
echo $out;
$headers = explode("\n", $out);
foreach($headers as $header) {
if(substr(strtolower($header), 0, 9) == "location:") {
// read URL to check if redirect to somepage on the server or another one.
// terra.com.br redirect to terra.com.br/portal. it is valid.
// but areiaebrita.com.br redirect to bwnet.com.br, and this is invalid.
// what we want is to check if the address continues being terra.com.br or changes. if changes, prints on page.
// if contains http, we will check if changes url or not.
// some servers, to redirect to a folder available on it, redirect only citting the folder. Example: net11.com.br redirect only to /heiden
// only execute if have http on location
if ( strpos(strtolower($header), "http") !== false) {
$address = explode("/", $header);
print_r($address);
// $address['0'] = http
// $address['1'] =
// $address['2'] = www.terra.com.br
// $address['3'] = portal
echo "url (address from array) = " . $url . "<br>";
echo "address[2] = " . $address['2'] . "<br><br>";
// url: terra.com.br
// address['2'] = www.terra.com.br
// check if string terra.com.br is still available in www.terra.com.br. It indicates that server did not redirect to some page away from here.
if(strpos(strtolower($address['2']), strtolower($url)) !== false) {
echo "URL NOT REDIRECT";
} else {
// not the same. (areiaebrita)
echo "SORRY, URL REDIRECT WAS FOUND: " . $url;
}
}
}
}
}
}
function unshorten_url($url){
$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_URL, $url);
$out = curl_exec($ch);
$real_url = $url;//default.. (if no redirect)
if (preg_match("/location: (.*)/i", $out, $redirect))
$real_url = $redirect[1];
if (strstr($real_url, "bit.ly"))//the redirect is another shortened url
$real_url = unshorten_url($real_url);
return $real_url;
}
I have just made a function that checks if a URL exists or not
$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
function url_exists($url, $ch) {
curl_setopt($ch, CURLOPT_URL, $url);
$out = curl_exec($ch);
// line endings is the wonkiest piece of this whole thing
$out = str_replace("\r", "", $out);
// only look at the headers
$headers_end = strpos($out, "\n\n");
if( $headers_end !== false ) {
$out = substr($out, 0, $headers_end);
}
//echo $out."====<br>";
$headers = explode("\n", $out);
//echo "<pre>";
//print_r($headers);
foreach($headers as $header) {
//echo $header."---<br>";
if( strpos($header, 'HTTP/1.1 200 OK') !== false ) {
return true;
break;
}
}
}
Now I have used an array of URLs to check if a URL exists as following:
$my_url_array = array('http://howtocode.pk/result', 'http://google.com/jobssss', 'https://howtocode.pk/javascript-tutorial/', 'https://www.google.com/');
for($j = 0; $j < count($my_url_array); $j++){
if(url_exists($my_url_array[$j], $ch)){
echo 'This URL "'.$my_url_array[$j].'" exists. <br>';
}
}
I can't understand your question.
You have an array with URLs and you want to know if user is from one of the listed URLs?
If I'm right in understanding your quest:
$urls = array('http://url1.com','http://url2.ru','http://url3.org');
if(in_array($_SERVER['HTTP_REFERER'],$urls))
{
echo 'FROM ARRAY';
} else {
echo 'NOT FROM ARR';
}