I'm trying to make a PHP extauth script, i configured extauth in ejabberd.cfg and give permission to auth.php file, the script is the following
#!/usr/bin/php
<?php
error_reporting(0);
$auth = new JabberAuth();
$auth->dbhost = "";
$auth->dbuser = "";
$auth->dbpass = "";
$auth->dbbase = "";
$auth->play(); // We simply start process !
class JabberAuth {
var $dbhost; /* MySQL server */
var $dbuser; /* MySQL user */
var $dbpass; /* MySQL password */
var $dbbase; /* MySQL database where users are stored */
var $debug = true;/* Debug mode */
var $debugfile = "/var/log/pipe-debug.log"; /* Debug output */
var $logging = true; /* Do we log requests ? */
var $logfile = "/var/log/pipe-log.log" ; /* Log file ... */
/*
* For both debug and logging, ejabberd have to be able to write.
*/
var $jabber_user; /* This is the jabber user passed to the script. filled by $this->command() */
var $jabber_pass; /* This is the jabber user password passed to the script. filled by $this->command() */
var $jabber_server; /* This is the jabber server passed to the script. filled by $this->command(). Useful for VirtualHosts */
var $jid; /* Simply the JID, if you need it, you have to fill. */
var $data; /* This is what SM component send to us. */
var $dateformat = "M d H:i:s"; /* Check date() for string format. */
var $command; /* This is the command sent ... */
var $mysock; /* MySQL connection ressource */
var $stdin; /* stdin file pointer */
var $stdout; /* stdout file pointer */
function JabberAuth()
{
#define_syslog_variables();
#openlog("pipe-auth", LOG_NDELAY, LOG_SYSLOG);
if($this->debug) {
#error_reporting(E_ALL);
#ini_set("log_errors", "1");
#ini_set("error_log", $this->debugfile);
}
$this->logg("Starting pipe-auth ..."); // We notice that it's starting ...
$this->openstd();
}
function stop()
{
$this->logg("Shutting down ..."); // Sorry, have to go ...
closelog();
$this->closestd(); // Simply close files
exit(0); // and exit cleanly
}
function openstd()
{
$this->stdout = #fopen("php://stdout", "w"); // We open STDOUT so we can read
$this->stdin = #fopen("php://stdin", "r"); // and STDIN so we can talk !
}
function readstdin()
{
$l = #fgets($this->stdin, 3); // We take the length of string
$length = #unpack("n", $l); // ejabberd give us something to play with ...
$len = $length["1"]; // and we now know how long to read.
if($len > 0) { // if not, we'll fill logfile ... and disk full is just funny once
$this->logg("Reading $len bytes ... "); // We notice ...
$data = #fgets($this->stdin, $len+1);
// $data = iconv("UTF-8", "ISO-8859-15", $data); // To be tested, not sure if still needed.
$this->data = $data; // We set what we got.
$this->logg("IN: ".$data);
}
}
function closestd()
{
#fclose($this->stdin); // We close everything ...
#fclose($this->stdout);
}
function out($message)
{
#fwrite($this->stdout, $message); // We reply ...
$dump = #unpack("nn", $message);
$dump = $dump["n"];
$this->logg("OUT: ". $dump);
}
function myalive()
{
if(!is_resource($this->mysock) || !#mysql_ping($this->mysock)) { // check if we have a MySQL connection and if it's valid.
$this->mysql(); // We try to reconnect if MySQL gone away ...
return #mysql_ping($this->mysock); // we simply try again, to be sure ...
} else {
return true; // so good !
}
}
function play()
{
do {
$this->readstdin(); // get data
$length = strlen($this->data); // compute data length
if($length > 0 ) { // for debug mainly ...
$this->logg("GO: ".$this->data);
$this->logg("data length is : ".$length);
}
$ret = $this->command(); // play with data !
$this->logg("RE: " . $ret); // this is what WE send.
$this->out($ret); // send what we reply.
$this->data = NULL; // more clean. ...
} while (true);
}
function command()
{
$data = $this->splitcomm(); // This is an array, where each node is part of what SM sent to us :
// 0 => the command,
// and the others are arguments .. e.g. : user, server, password ...
if($this->myalive()) { // Check we can play with MySQL
if(strlen($data[0]) > 0 ) {
$this->logg("Command was : ".$data[0]);
}
switch($data[0]) {
case "isuser": // this is the "isuser" command, used to check for user existance
$this->jabber_user = $data[1];
$parms = $data[1]; // only for logging purpose
$return = $this->checkuser();
break;
case "auth": // check login, password
$this->jabber_user = $data[1];
$this->jabber_pass = $data[3];
$parms = $data[1].":".$data[2].":".md5($data[3]); // only for logging purpose
$return = $this->checkpass();
break;
case "setpass":
$return = false; // We do not want jabber to be able to change password
break;
default:
$this->stop(); // if it's not something known, we have to leave.
// never had a problem with this using ejabberd, but might lead to problem ?
break;
}
$return = ($return) ? 1 : 0;
if(strlen($data[0]) > 0 && strlen($parms) > 0) {
$this->logg("Command : ".$data[0].":".$parms." ==> ".$return." ");
}
return #pack("nn", 2, $return);
} else {
// $this->prevenir(); // Maybe useful to tell somewhere there's a problem ...
return #pack("nn", 2, 0); // it's so bad.
}
}
function checkpass()
{
/*
* Put here your code to check password
* $this->jabber_user
* $this->jabber_pass
* $this->jabber_server
*/
return true;
}
function checkuser()
{
/*
* Put here your code to check user
* $this->jabber_user
* $this->jabber_pass
* $this->jabber_server
*/
return true;
}
function splitcomm() // simply split command and arugments into an array.
{
return explode(":", $this->data);
}
function mysql() // "MySQL abstraction", this opens a permanent MySQL connection, and fill the ressource
{
$this->mysock = #mysql_pconnect($this->dbhost, $this->dbuser, $this->dbpass);
#mysql_select_db($this->dbbase, $this->mysock);
$this->logg("MySQL :: ". (is_resource($this->mysock) ? "Connecté" : "Déconnecté"));
}
function logg($message) // pretty simple, using syslog.
// some says it doesn't work ? perhaps, but AFAIR, it was working.
{
if($this->logging) {
#syslog(LOG_INFO, $message);
}
}
}
?>
when i start ejabberd live, i get this error in an infinite loop:
extauth script has exitted abruptly with reason 'normal'
External authentication script needs to be constantly running and thus must be a loop.
This is explained in ejabberd documentation:
https://www.ejabberd.im/files/doc/dev.html#htoc9
I suspect your script is exiting and not actually looping.
As a starting point, you should have a look at this project:
https://github.com/cburschka/ejabberd-auth-php
Related
I want to make a mail send program and notify the user with a progress bar while waiting. Unfortunately it does not work as expected, the progressbar is not updated.
The Program loops through an array of mail adresses derived from a database. There first the mail address will be verified fro existence in the mailbox. If not, it will be reported. The reports are collected and at the end sent back to the browser.
The progress is reported by separate ajax posts every second by the javascript function "mitgl.progressBar" and sent by the server via the function "getProgress" at the bottom of the php.
Mail verification and mail sending works but the getProgress seems only be made once instead.
Altough the attached code is only a fragment, the rest of the code works fine.
I cannot find the problem, perhaps someone can see what i am blind for...
Javascript:
versandMail: function() {
mitgl.unselectRec();
mitgl.pInt = window.setInterval(mitgl.progressBar, 1000);
var oForm = $('form[name=vs]').get(0);
$.post(location.href, {
cmd: 'M mailVersand',
de: oForm.de.value,
fr: oForm.fr.value,
sr: oForm.sr.value,
aktiv: oForm.aktiv.value,
anfragen: oForm.anfragen.value,
vorstand: oForm.vorstand.value,
idList: (oForm.idList ? oForm.idList.value : ''),
betreff: oForm.betreff.value,
mailtext: $('textarea[name=mailtext]', oForm).htmlarea('html'),
attachments: JSON.stringify(mitgl.oVersand.mail.attachments)
}, function(data, status, oXhr){
window.clearInterval(mitgl.pInt);
$('#progressbar').remove();
$('#mailReport').remove();
if (data.isEmpty()) {
window.alert('Auswahl hat keine Adressen ergeben');
} else if (data.substr(0, 6) === 'Fehler') {
window.alert(data);
} else {
$('#protokoll tbody').html(data);
mitgl.protoLink();
mitgl.selectTop();
}
});
},
progressBar: function() {
$.post(location.href, {
cmd: 'M getProgress'
}, function(nProgress) {
if ($('#progressbar').length > 0) {
$('#progressbar .bar').css({width: nProgress+'%'});
} else {
var pb = $('<div/>')
.attr('id', 'progressbar')
.appendTo('#cmd');
$('<div/>')
.addClass('bar')
.appendTo(pb);
}
});
},
PHP:
function mailVersand() {
// ... Prepare Mail Data ...
require_once 'phpmailer.class.php';
require_once('class.smtp.php');
require_once('class.verifyEmail.php');
$oVerify = new verifyEmail();
$oVerify->setEmailFrom($cMailFrom);
$oMail = new PHPMailer();
$oMail->SMTPDebug = 0;
$oMail->IsSMTP(); // telling the class to use SMTP
//
// ... and so on ...
$oMail->Host = ...
$aErrors = [];
$nSent = 0;
$nError = 0;
$nProcessed = 0;
$nMails = count($aMitglied);
session_start(); // <-- Session starts
$_SESSION['nProgress'] = '0'; // progress is zero
// loop through mailing list
foreach ($aMitglied as $r) {
$aEmail = explode(';', $r->email);
$email = $aEmail[0];
if ($oVerify->check($email)) {
$oMail->AddAddress($email,"$r->vorname $r->name");
// mail verificatio is ok, try to send
if ($oMail->send() === TRUE) {
$nSent++;
} else {
// no, report error
$e = new stdClass();
$e->email = $email;
$e->name = $r->name;
$e->vorname = $r->vorname;
$e->error = $oMail->ErrorInfo;
$aErrors[] = $e;
$nError++;
}*/
$oMail->ClearAddresses();
} else {
// Mail verification failed, report error
$e = new stdClass();
$e->email = $r->email;
$e->name = $r->name;
$e->vorname = $r->vorname;
$e->error = $oVerify->getAllErrors();
$aErrors[] = $e;
$nError++;
}
$nProcessed++; // <-- Next processed record
// v-- Calulate percentage of progress
$_SESSION['nProgress'] = strval(round($nProcessed *100 /$nMails));
}
// create error report
$oBericht = new stdClass();
$oBericht->sent = $nSent;
$oBericht->error = $nError;
$oBericht->fails = $aErrors;
// now procedure finished, reply final report
// ....
$s = $this->listVersand();
echo ($s); // send reply
session_write_close(); // session ends
exit;
}
function getProgress() {
session_start();
//$n = isset($_SESSION['nProgress']) ? "$_SESSION[nProgress]" : "5";
$n="20";
echo ($n);
exit();
}
I found the problem. Sessions can store values between successive calls to a webpage. What I was intended to do is passing a value between active PHP processes.
One way to do this is using APC calls. However this is not available anymore in php versions newer than 5.3, so I have chosen a way to store the progress information in a database.
It's not very effective, it uses a lot of recources. If someone knows a better way to share variables between active php processes it would be nice to tell it here.
So I am making a script where I want to learn how to limit use on one domain, but I need to modify the script before the download. My question is, I want to take a $_GET variable filled out by the user of their website. Customize a script with file_put_contents or something, and then download the modified script.. How would I go about this? Does it require Javascript and PHP, or just Javascript? I'm not sure how to go about it. An example of modifying a download can be found here
So, if I understood correctly, a user fill some form with a var (lets call it $var) and clicks the form's submit button to download a file (lets call it 'myscript.php').
You want to edit 'myscript.php' and put the $var inside that script before the user downloads it. Is this assumption correct?
For that you need to prepare your script beforehand by placing a placeholder somewhere and then, before the user downloads the file, you change the placeholder for the intended block of code. Alternatively you can replace the first <?php tag for your code, if that's relevant.
Mini Example:
myscript1.php
<?php
$varb = 'a string with DEFAULT VAR inside just to test';
//Block of code goes here
//{%%DEFAULT VAR%%}
print $var;
Code called by form:
<?php
$path = 'myscript1.php';
$file = file_get_contents($path);
$var = $_GET['var'];
$block = '
// valid php code that you put inside script (without <?php)
// Alternatively you can grab the block of code
// from a file with file_get_contents
$var = ' . $var . ';';
$file = str_replace('//{%%DEFAULT VAR%%}', $var, $file);
Here's a more complete (and complex) example...
myscript2.php
<?php
$var = '{%%DEFAULT VAR%%}';
$varb = 'another string with DEFAULT VAR inside just to test';
print $var;
Download script (called by the form)
<?php
$form =
'<html>
<head></head>
<body>
<form action="">
<span>myVar</span><input type="text" id="var" name="var"/><br/>
<input type="submit" value="download file"/>
</form>
</body>
</html>';
if (isset($_GET['var'])) {
$var = $_GET['var'];
$path = 'myscript2.php';
$file = file_get_contents($path);
// PART 1
/*
* Tokenizer Approach (read http://php.net/manual/en/book.tokenizer.php)
* Splits a php file into an Array with tokens (like the ZEND Engine Parser does)
* Usefull for parsing and validating the PHP file
* In this case we're just cheking if the script has
* $var = {%%DEFAULT VAR%%}; somewhere but you can implement a more complex code to check
* complete statements or instructions!!! This is just for example's sake!
* Skip this part if you don't need to validate the script
*/
$tokens = token_get_all($file);
if (!validatePHPScript($tokens)) {
throw new Exception("script didn't pass validation");
}
//END PART 1
// PART 2
/*
* The actual string replacement via str_replace
* It actually just replaces a placeholder for anything
* you want, in this case the $_GET['var'] value
* You can actually replace a placeholder for a complete
* block of code: just put the placeholder in the part you want
* to insert and then comment it. #{‰‰PLACEHOLDER_NAME%%}
* Then replace the placeholder with the comment tag
*
*/
$file = str_replace('{%%DEFAULT VAR%%}', $var, $file);
// END PART 2
//PART 3
/*
* Serve the file to download through headers
*/
header('Content-type: text/plain');
header('Content-disposition: attachment; filename=myscript.php');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . strlen($file));
ob_clean();
flush();
print $file;
// END PART 3
} else {
print $form;
}
validation function example:
//Validation example
function validatePHPScript(array $tokens)
{
$max = count($tokens);
$var_check = false;
$operator_check = false;
$string_check = false;
$semicolon_check = false;
// loop through all $tokens
for ($i = 0; $i < $max; ++$i) {
// only look for variables (tokens with type T_VARIABLE)
if (is_array($tokens[$i]) && $tokens[$i][0] === T_VARIABLE) {
// LOOK for a variable named $var
if ($tokens[$i][1] === '$var') {
// Found $var
$var_check = true;
// let's check if its an assignment statement
// by looping through the remaining code until we find a colon
for ($ii = $i +1; $ii < $max; ++$ii) {
// Look for the operator =
if ($tokens[$ii] === '=') {
$operator_check = true;
// Look for the string and check if it corresponds to the value
// we're going to replace
} else if ($operator_check && is_array($tokens[$ii]) && $tokens[$ii][0] === T_CONSTANT_ENCAPSED_STRING && $tokens[$ii][1] === "'{%%DEFAULT VAR%%}'") {
$string_check = true;
// Look for the statement end token (semicolon)
} else if($string_check && $tokens[$ii] === ';') {
$semicolon_check = true;
break;
}
}
// All checks passed so we don't need to loop anymore
if ($var_check && $operator_check && $string_check && $semicolon_check) {
return true;
} else {
// reset checks
$var_check = false;
$operator_check = false;
$string_check = false;
$colon_check = false;
}
}
}
}
return false;
}
I start saying that I HATE OpenID, because it's poorly implemented/documented.
I'm trying to use "openid-php-openid-2.2.2-24". Here the source code: https://github.com/openid/php-openid
When I try to use the authentication example, it returns to me:
"You have successfully verified https://www.google.com/accounts/o8/id?id=[...] as your identity.
No PAPE response was sent by the provider."
but there's no shadow of email, nickname or fullname of google openid login data.
While reading the file ("/openid/examples/consumer/finish_auth.php"), I note that SREG variables have to be printed between the "You have successfully verified" and "No PAPE response" messages, but they don't:
$success = sprintf('You have successfully verified ' .
'%s as your identity.',
$esc_identity, $esc_identity);
if ($response->endpoint->canonicalID) {
$escaped_canonicalID = escape($response->endpoint->canonicalID);
$success .= ' (XRI CanonicalID: '.$escaped_canonicalID.') ';
}
$sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response);
$sreg = $sreg_resp->contents();
if (#$sreg['email']) {
$success .= " You also returned '".escape($sreg['email']).
"' as your email.";
}
if (#$sreg['nickname']) {
$success .= " Your nickname is '".escape($sreg['nickname']).
"'.";
$_SESSION['nickname'] = escape($sreg['nickname']);
}
if (#$sreg['fullname']) {
$success .= " Your fullname is '".escape($sreg['fullname']).
"'.";
}
$pape_resp = Auth_OpenID_PAPE_Response::fromSuccessResponse($response);
if ($pape_resp) {
[...]
} else {
$success .= "<p>No PAPE response was sent by the provider.</p>";
}
I've tried to print the content of $sreg['email'], $sreg['nickname'] and $sreg['fullname'], but they return all blank contents (null/empty values).
I need to retrieve the email address of the account which users use to login in..
Dante
To get the question off the unanswered list, I post dante's answer here as answer:
I solved my problem.
Example usage of AX in PHP OpenID: Example usage of AX in PHP OpenID
After 2 days of research, I've just now found the answer ("but Google uses AX (attribute exchange) instead of SReg for additional data"). Why Google must always be so different?
However, the code in that stackoverflow answer page doesn't work for me (my hosting server returns 500 internal server error code).
So, I post here "my code" (it's so rough):
oid_ax_common.php
<?php
// Circumnavigate bugs in the GMP math library that can be result in signature
// validation errors
define('Auth_OpenID_BUGGY_GMP', true);
$path_extra = dirname(dirname(dirname(__FILE__)));
$path = ini_get('include_path');
$path = $path_extra . PATH_SEPARATOR . $path;
ini_set('include_path', $path);
function displayError($message) {
$error = $message;
include './index.php';
exit(0);
}
function doIncludes() {
/**
* Require the OpenID consumer code.
*/
require_once "Auth/OpenID/Consumer.php";
/**
* Require the "file store" module, which we'll need to store
* OpenID information.
*/
require_once "Auth/OpenID/FileStore.php";
/**
* Require the Simple Registration extension API.
*/
//require_once "Auth/OpenID/SReg.php";
require_once "Auth/OpenID/AX.php";
/**
* Require the PAPE extension module.
*/
require_once "Auth/OpenID/PAPE.php";
}
doIncludes();
global $pape_policy_uris;
$pape_policy_uris = array(
PAPE_AUTH_MULTI_FACTOR_PHYSICAL,
PAPE_AUTH_MULTI_FACTOR,
PAPE_AUTH_PHISHING_RESISTANT
);
function &getStore() {
/**
* This is where the example will store its OpenID information.
* You should change this path if you want the example store to be
* created elsewhere. After you're done playing with the example
* script, you'll have to remove this directory manually.
*/
$store_path = null;
if (function_exists('sys_get_temp_dir')) {
$store_path = sys_get_temp_dir();
}
else {
if (strpos(PHP_OS, 'WIN') === 0) {
$store_path = $_ENV['TMP'];
if (!isset($store_path)) {
$dir = 'C:\Windows\Temp';
}
}
else {
$store_path = #$_ENV['TMPDIR'];
if (!isset($store_path)) {
$store_path = '/tmp';
}
}
}
$store_path = './tmp/';
$store_path .= DIRECTORY_SEPARATOR . '_php_consumer_test';
if (!file_exists($store_path) &&
!mkdir($store_path)) {
print "Could not create the FileStore directory '$store_path'. ".
" Please check the effective permissions.";
exit(0);
}
$r = new Auth_OpenID_FileStore($store_path);
return $r;
}
function &getConsumer() {
/**
* Create a consumer object using the store object created
* earlier.
*/
$store = getStore();
$r = new Auth_OpenID_Consumer($store);
return $r;
}
function getScheme() {
$scheme = 'http';
if (isset($_SERVER['HTTPS']) and $_SERVER['HTTPS'] == 'on') {
$scheme .= 's';
}
return $scheme;
}
function getReturnTo() {
return sprintf("%s://%s:%s%s/oid_ax_receive.php",
getScheme(), $_SERVER['SERVER_NAME'],
$_SERVER['SERVER_PORT'],
dirname($_SERVER['PHP_SELF']));
}
function getTrustRoot() {
return sprintf("%s://%s:%s%s/",
getScheme(), $_SERVER['SERVER_NAME'],
$_SERVER['SERVER_PORT'],
dirname($_SERVER['PHP_SELF']));
}
?>
oid_ax_send.php
<?php
require_once "oid_ax_common.php";
// Starts session (needed for YADIS)
session_start();
function getOpenIDURL() {
// Render a default page if we got a submission without an openid
// value.
if (empty($_GET['openid_identifier'])) {
$error = "Expected an OpenID URL.";
include './index.php';
exit(0);
}
return $_GET['openid_identifier'];
}
function run() {
// https://www.google.com/accounts/o8/id
// $openid = 'http://openid-provider.appspot.com/';
$openid = 'https://www.google.com/accounts/o8/id';
// $openid .= getOpenIDURL();
$consumer = getConsumer();
// Begin the OpenID authentication process.
$auth_request = $consumer->begin($openid);
// Create attribute request object
// See http://code.google.com/apis/accounts/docs/OpenID.html#Parameters for parameters
// Usage: make($type_uri, $count=1, $required=false, $alias=null)
$attribute[] = Auth_OpenID_AX_AttrInfo::make('http://axschema.org/contact/email',2,1, 'email');
$attribute[] = Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson/first',1,1, 'firstname');
$attribute[] = Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson/last',1,1, 'lastname');
// Create AX fetch request
$ax = new Auth_OpenID_AX_FetchRequest;
// Add attributes to AX fetch request
foreach($attribute as $attr){
$ax->add($attr);
}
// Add AX fetch request to authentication request
$auth_request->addExtension($ax);
// No auth request means we can't begin OpenID.
if (!$auth_request) {
displayError("Authentication error; not a valid OpenID.");
}
/* $sreg_request = Auth_OpenID_SRegRequest::build(
// Required
array('nickname'),
// Optional
array('fullname', 'email'));
if ($sreg_request) {
$auth_request->addExtension($sreg_request);
} */
$policy_uris = null;
if (isset($_GET['policies'])) {
$policy_uris = $_GET['policies'];
}
$pape_request = new Auth_OpenID_PAPE_Request($policy_uris);
if ($pape_request) {
$auth_request->addExtension($pape_request);
}
// Redirect the user to the OpenID server for authentication.
// Store the token for this authentication so we can verify the
// response.
// For OpenID 1, send a redirect. For OpenID 2, use a Javascript
// form to send a POST request to the server.
if ($auth_request->shouldSendRedirect()) {
$redirect_url = $auth_request->redirectURL(getTrustRoot(),
getReturnTo());
// If the redirect URL can't be built, display an error
// message.
if (Auth_OpenID::isFailure($redirect_url)) {
displayError("Could not redirect to server: " . $redirect_url->message);
} else {
// Send redirect.
header("Location: ".$redirect_url);
}
} else {
// Generate form markup and render it.
$form_id = 'openid_message';
$form_html = $auth_request->htmlMarkup(getTrustRoot(), getReturnTo(),
false, array('id' => $form_id));
// Display an error if the form markup couldn't be generated;
// otherwise, render the HTML.
if (Auth_OpenID::isFailure($form_html)) {
displayError("Could not redirect to server: " . $form_html->message);
} else {
print $form_html;
}
}
}
run();
?>
oid_ax_receive.php
<?php
require_once "oid_ax_common.php";
// Starts session (needed for YADIS)
session_start();
function escape($thing) {
return htmlentities($thing);
}
function run() {
$consumer = getConsumer();
// Complete the authentication process using the server's
// response.
$return_to = getReturnTo();
$response = $consumer->complete($return_to);
// Check the response status.
if ($response->status == Auth_OpenID_CANCEL) {
// This means the authentication was cancelled.
$msg = 'Verification cancelled.';
} else if ($response->status == Auth_OpenID_FAILURE) {
// Authentication failed; display the error message.
$msg = "OpenID authentication failed: " . $response->message;
} else if ($response->status == Auth_OpenID_SUCCESS) {
// Get registration informations
$ax = new Auth_OpenID_AX_FetchResponse();
$obj = $ax->fromSuccessResponse($response);
// Print me raw
echo '<pre>';
print_r($obj->data);
echo '</pre>';
exit;
$pape_resp = Auth_OpenID_PAPE_Response::fromSuccessResponse($response);
if ($pape_resp) {
if ($pape_resp->auth_policies) {
$success .= "<p>The following PAPE policies affected the authentication:</p><ul>";
foreach ($pape_resp->auth_policies as $uri) {
$escaped_uri = escape($uri);
$success .= "<li><tt>$escaped_uri</tt></li>";
}
$success .= "</ul>";
} else {
$success .= "<p>No PAPE policies affected the authentication.</p>";
}
if ($pape_resp->auth_age) {
$age = escape($pape_resp->auth_age);
$success .= "<p>The authentication age returned by the " .
"server is: <tt>".$age."</tt></p>";
}
if ($pape_resp->nist_auth_level) {
$auth_level = escape($pape_resp->nist_auth_level);
$success .= "<p>The NIST auth level returned by the " .
"server is: <tt>".$auth_level."</tt></p>";
}
} else {
$success .= "<p>No PAPE response was sent by the provider.</p>";
}
}
include './index.php';
}
run();
?>
Enjoy.
Dante
P.S.: to complete the opera of OpenID, although I solved my problem with user info / login data with Google, I still have one problem with Light OpenID (https://stackoverflow.com/questions/10735708/lightopenid-openid-authurl-does-not-return-any-value).
If you want to help me, we will completely work out and conclude with the OpenID story.
does anyone know if it is possible to display google page rank of a particular website using php script?
if it is possible, how do i do it?
Okay, i re-wrote my Answer and extracted only the relevant part of my SEO Helper (my previous version had other stuff like Alexa Rank, Google Index, Yahoo Links etc in it. If you are looking for that, just see check an older revision of this answer!)
Please be aware that there are pages that have NO PAGERANK and by no I DON'T MEAN ZERO. There is just none. This may be because the page is so very unimportant (even less im portant than PR 0) or just so new but might very well be important.
This is consiedered the same as PR 0 in my class!
This has some pros and some cons. If possible you should handle it seperately in your logic, but this is not always possible, so 0 is the next best approach.
Furthermore:
This code is reverse engeneered and does not utilize some sort of API that has any form of SLA or whatever.
So it might stop working ANY TIME!
And PLEASE DONT FLOOD GOOGLE!
I made the test. If you have only a very short period of sleep, google blocks you after 1000 requests (for quite some time!). With a random sleep between 1.5 and 2 secs it looks fine.
I once crawled the pagerank for 70k pages. Only once, because I just needed it. I did only 5k a day from several IPs and now i have the data and It doesnt get outdated because the pages are there for decades.
IMO its totally OK to check a pagerank once in a while or even some at once, but dont miss-use this code or google may lock us out all together!
<?php
/*
* #author Joe Hopfgartner <joe#2x.to>
*/
class Helper_Seo
{
protected function _pageRankStrToNum($Str,$Check,$Magic) {
$Int32Unit=4294967296;
// 2^32
$length=strlen($Str);
for($i=0;$i<$length;$i++) {
$Check*=$Magic;
//If the float is beyond the boundaries of integer (usually +/- 2.15e+9 = 2^31),
// the result of converting to integer is undefined
if($Check>=$Int32Unit) {
$Check=($Check-$Int32Unit*(int)($Check/$Int32Unit));
//if the check less than -2^31
$Check=($Check<-2147483648)?($Check+$Int32Unit):$Check;
}
$Check+=ord($Str {
$i
});
}
return $Check;
}
/*
* Genearate a hash for a url
*/
protected function _pageRankHashURL($String) {
$Check1=self::_pageRankStrToNum($String,0x1505,0x21);
$Check2=self::_pageRankStrToNum($String,0,0x1003F);
$Check1>>=2;
$Check1=(($Check1>>4)&0x3FFFFC0)|($Check1&0x3F);
$Check1=(($Check1>>4)&0x3FFC00)|($Check1&0x3FF);
$Check1=(($Check1>>4)&0x3C000)|($Check1&0x3FFF);
$T1=(((($Check1&0x3C0)<<4)|($Check1&0x3C))<<2)|($Check2&0xF0F);
$T2=(((($Check1&0xFFFFC000)<<4)|($Check1&0x3C00))<<0xA)|($Check2&0xF0F0000);
return($T1|$T2);
}
/*
* genearate a checksum for the hash string
*/
protected function CheckHash($Hashnum) {
$CheckByte=0;
$Flag=0;
$HashStr=sprintf('%u',$Hashnum);
$length=strlen($HashStr);
for($i=$length-1;$i>=0;$i--) {
$Re=$HashStr {
$i
};
if(1===($Flag%2)) {
$Re+=$Re;
$Re=(int)($Re/10)+($Re%10);
}
$CheckByte+=$Re;
$Flag++;
}
$CheckByte%=10;
if(0!==$CheckByte) {
$CheckByte=10-$CheckByte;
if(1===($Flag%2)) {
if(1===($CheckByte%2)) {
$CheckByte+=9;
}
$CheckByte>>=1;
}
}
return '7'.$CheckByte.$HashStr;
}
public static function getPageRank($url) {
$fp=fsockopen("toolbarqueries.google.com",80,$errno,$errstr,30);
if(!$fp) {
trigger_error("$errstr ($errno)<br />\n");
return false;
}
else {
$out="GET /search?client=navclient-auto&ch=".self::CheckHash(self::_pageRankHashURL($url))."&features=Rank&q=info:".$url."&num=100&filter=0 HTTP/1.1\r\n";
$out.="Host: toolbarqueries.google.com\r\n";
$out.="User-Agent: Mozilla/4.0 (compatible; GoogleToolbar 2.0.114-big; Windows XP 5.1)\r\n";
$out.="Connection: Close\r\n\r\n";
fwrite($fp,$out);
#echo " U: http://toolbarqueries.google.com/search?client=navclient-auto&ch=".$this->CheckHash($this->_pageRankHashURL($url))."&features=Rank&q=info:".$url."&num=100&filter=0";
#echo "\n";
//$pagerank = substr(fgets($fp, 128), 4);
//echo $pagerank;
#echo "DATA:\n\n";
$responseOK = false;
$response = "";
$inhead = true;
$body = "";
while(!feof($fp)) {
$data=fgets($fp,128);
if($data == "\r\n" && $inhead) {
$inhead = false;
} else {
if(!$inhead) {
$body.= $data;
}
}
//if($data == '\r\n\r\n')
$response .= $data;
if(trim($data) == 'HTTP/1.1 200 OK') {
$responseOK = true;
}
#echo "D ".$data;
$pos=strpos($data,"Rank_");
if($pos===false) {
}
else {
$pagerank=trim(substr($data,$pos+9));
if($pagerank === '0') {
fclose($fp);
return 0;
} else if(intval($pagerank) === 0) {
throw new Exception('couldnt get pagerank from string: '.$pagerank);
//trigger_error('couldnt get pagerank from string: '.$pagerank);
fclose($fp);
return false;
} else {
fclose($fp);
return intval( $pagerank );
}
}
}
fclose($fp);
//var_dump($body);
if($responseOK && $body=='') {
return 0;
}
//return 0;
throw new Exception('couldnt get pagerank, unknown error. probably google flood block. my tests showed that 1req/sec is okay! i recommend a random sleep between 1.5 and 2 secs. no sleep breaks at ~1000 reqs.');
//trigger_error('couldnt get pagerank, unknown error. probably google flood block.');
return false;
}
}
}
$url = "http://www.2xfun.de/";
$pagerank = Helper_Seo::getPagerank($url);
var_dump($pagerank);
?>
I'm writing a command line tool to help my web app. It needs a password to connect to the service. I'd like the script to show a password prompt so I don't have to pass it as a command line argument.
That's easy enough, but I'd like it to not echo the password to the screen as it's typed. How can I do this with PHP?
Bonus points for doing it in pure PHP (no system('stty')) and replacing the characters with *.
EDIT:
The script will run on a unix like system (linux or mac). The script is written in PHP, and will most likely stay like that.
Also, for the record, the stty way of doing it is:
echo "Password: ";
system('stty -echo');
$password = trim(fgets(STDIN));
system('stty echo');
// add a new line since the users CR didn't echo
echo "\n";
I'd prefer to not have the system() calls in there.
Found on sitepoint.
function prompt_silent($prompt = "Enter Password:") {
if (preg_match('/^win/i', PHP_OS)) {
$vbscript = sys_get_temp_dir() . 'prompt_password.vbs';
file_put_contents(
$vbscript, 'wscript.echo(InputBox("'
. addslashes($prompt)
. '", "", "password here"))');
$command = "cscript //nologo " . escapeshellarg($vbscript);
$password = rtrim(shell_exec($command));
unlink($vbscript);
return $password;
} else {
$command = "/usr/bin/env bash -c 'echo OK'";
if (rtrim(shell_exec($command)) !== 'OK') {
trigger_error("Can't invoke bash");
return;
}
$command = "/usr/bin/env bash -c 'read -s -p \""
. addslashes($prompt)
. "\" mypassword && echo \$mypassword'";
$password = rtrim(shell_exec($command));
echo "\n";
return $password;
}
}
Depending on your environment (i.e., not on Windows), you can use the ncurses library (specifically, the ncurses_noecho() function to stop keyboard echo and ncurses_getch() to read the input) to get the password without displaying it on screen.
You can use my hiddeninput.exe file to get real hidden input without leaking the information anywhere on screen.
<?php
echo 'Enter password: ';
$password = exec('hiddeninput.exe');
echo PHP_EOL;
echo 'Password was: ' . $password . PHP_EOL;
If you remove the last echo, the password should never show up, but you can use that for validation obvoiusly.
The below method works under Linux CLI but not under Windows CLI or Apache. It also only works with chars in the standard Ascii table (It would not take much to make it compatible with extended char sets though).
I have put a bit of code in to protect against copy and paste passwords. If the bit between the two comments is removed then a password can be injected/pasted in.
I hope this helps someone.
<?php
echo("Password: ");
$strPassword=getObscuredText();
echo("\n");
echo("You entered: ".$strPassword."\n");
function getObscuredText($strMaskChar='*')
{
if(!is_string($strMaskChar) || $strMaskChar=='')
{
$strMaskChar='*';
}
$strMaskChar=substr($strMaskChar,0,1);
readline_callback_handler_install('', function(){});
$strObscured='';
while(true)
{
$strChar = stream_get_contents(STDIN, 1);
$intCount=0;
// Protect against copy and paste passwords
// Comment \/\/\/ to remove password injection protection
$arrRead = array(STDIN);
$arrWrite = NULL;
$arrExcept = NULL;
while (stream_select($arrRead, $arrWrite, $arrExcept, 0,0) && in_array(STDIN, $arrRead))
{
stream_get_contents(STDIN, 1);
$intCount++;
}
// /\/\/\
// End of protection against copy and paste passwords
if($strChar===chr(10))
{
break;
}
if ($intCount===0)
{
if(ord($strChar)===127)
{
if(strlen($strObscured)>0)
{
$strObscured=substr($strObscured,0,strlen($strObscured)-1);
echo(chr(27).chr(91)."D"." ".chr(27).chr(91)."D");
}
}
elseif ($strChar>=' ')
{
$strObscured.=$strChar;
echo($strMaskChar);
//echo(ord($strChar));
}
}
}
readline_callback_handler_remove();
return($strObscured);
}
?>
This is the easiest solution for all platforms:
function prompt($message = 'prompt: ', $hidden = false) {
if (PHP_SAPI !== 'cli') {
return false;
}
echo $message;
$ret =
$hidden
? exec(
PHP_OS === 'WINNT' || PHP_OS === 'WIN32'
? __DIR__ . '\prompt_win.bat'
: 'read -s PW; echo $PW'
)
: rtrim(fgets(STDIN), PHP_EOL)
;
if ($hidden) {
echo PHP_EOL;
}
return $ret;
}
Then create prompt_win.bat in the same directory:
SetLocal DisableDelayedExpansion
Set "Line="
For /F %%# In ('"Prompt;$H & For %%# in (1) Do Rem"') Do (
Set "BS=%%#"
)
:loop_start
Set "Key="
For /F "delims=" %%# In ('Xcopy /L /W "%~f0" "%~f0" 2^>Nul') Do (
If Not Defined Key (
Set "Key=%%#"
)
)
Set "Key=%Key:~-1%"
SetLocal EnableDelayedExpansion
If Not Defined Key (
Goto :loop_end
)
If %BS%==^%Key% (
Set "Key="
If Defined Line (
Set "Line=!Line:~0,-1!"
)
)
If Not Defined Line (
EndLocal
Set "Line=%Key%"
) Else (
For /F "delims=" %%# In ("!Line!") Do (
EndLocal
Set "Line=%%#%Key%"
)
)
Goto :loop_start
:loop_end
Echo;!Line!
I guess that there is no simple way of doing it (actually I can't think of any way) without using stty -echo.
If you intent running it on windows, you could create a batch script that would provide the unechoed typed info to your php script.
#echo off
cls
SET /P uname=Enter Username:
echo hP1X500P[PZBBBfh#b##fXf-V#`$fPf]f3/f1/5++u5>in.com
set /p password=Enter password :<nul
for /f “tokens=*” %%i in (’in.com’) do set password=%%i
del in.com
echo.
c:\php\php.exe d:\php\test.php %uname% “%password%”
Pause
example taken from http://www.indiangnu.org/2008/php-hide-user-input-using-batch-script-windows/
Works on every windows system, that has powershell support. (source from: http://www.qxs.ch/2013/02/08/php-cli-password-prompts-on-windows-7/ )
<?php
// please set the path to your powershell, here it is: C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe
$pwd=shell_exec('C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe -Command "$Password=Read-Host -assecurestring \"Please enter your password\" ; $PlainPassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($Password)) ; echo $PlainPassword;"');
$pwd=explode("\n", $pwd); $pwd=$pwd[0];
echo "You have entered the following password: $pwd\n";
system('stty -echo');
to disable the current terminal echo, and:
system('stty echo');
to reenable it. Set it before and after fgets.
The accepted answer is not good enough. First of all, the Windows solution doesn't work on Windows 7 and above. The solution for other OSs depends on Bash and bash built-in 'read'. However, there are systems which does not use Bash (eg. OpenBSD) and where this obviously won't work.
In this blog I've discussed solution which works on almost any Unix based OS and Windows from 95 to 8. The Windows solution uses external program written in C on top Win32 API. The solution for other OSs uses external command 'stty'. I have yet to see a Unix based system which does not have 'stty'
Why not use an SSH connection? You can abstract the commands away, redirect input/output and have full control.
You can provide someone with a pure clean shell with as little rights as neccesary, and let the password just be POST'ed along with to SSH2::Connect() to open the shell.
I created a nice class to work with the php SSH2 extension, maybe it helps you;
(and it also does secure file transfers)
<?php
/**
* SSH2
*
* #package Pork
* #author SchizoDuckie
* #version 1.0
* #access public
*/
class SSH2
{
private $host;
private $port;
private $connection;
private $timeout;
private $debugMode;
private $debugPointer;
public $connected;
public $error;
/**
* SSH2::__construct()
*
* #param mixed $host
* #param integer $port
* #param integer $timeout
* #return
*/
function __construct($host, $port=22, $timeout=10)
{
$this->host = $host;
$this->port = $port;
$this->timeout = 10;
$this->error = 'not connected';
$this->connection = false;
$this->debugMode = Settings::Load()->->get('Debug', 'Debugmode');
$this->debugPointer = ($this->debugMode) ? fopen('./logs/'.date('Y-m-d--H-i-s').'.log', 'w+') : false;
$this->connected = false;
}
/**
* SSH2::connect()
*
* #param mixed $username
* #param mixed $password
* #return
*/
function connect($username, $password)
{
$this->connection = ssh2_connect($this->host, $this->port);
if (!$this->connection) return $this->error("Could not connect to {$this->host}:{$this->port}");
$this->debug("Connected to {$this->host}:{$this->port}");
$authenticated = ssh2_auth_password($this->connection, $username, $password);
if(!$authenticated) return $this->error("Could not authenticate: {$username}, check your password");
$this->debug("Authenticated successfully as {$username}");
$this->connected = true;
return true;
}
/**
* SSH2::exec()
*
* #param mixed $command shell command to execute
* #param bool $onAvailableFunction a function to handle any available data.
* #param bool $blocking blocking or non-blocking mode. This 'hangs' php execution until the command has completed if you set it to true. If you just want to start an import and go on, use this icm onAvailableFunction and false
* #return
*/
function exec($command, $onAvailableFunction=false, $blocking=true)
{
$output = '';
$stream = ssh2_exec($this->connection, $command);
$this->debug("Exec: {$command}");
if($onAvailableFunction !== false)
{
$lastReceived = time();
$timeout =false;
while (!feof($stream) && !$timeout)
{
$input = fgets($stream, 1024);
if(strlen($input) >0)
{
call_user_func($onAvailableFunction, $input);
$this->debug($input);
$lastReceived = time();
}
else
{
if(time() - $lastReceived >= $this->timeout)
{
$timeout = true;
$this->error('Connection timed out');
return($this->error);
}
}
}
}
if($blocking === true && $onAvailableFunction === false)
{
stream_set_blocking($stream, true);
$output = stream_get_contents($stream);
$this->debug($output);
}
fclose($stream);
return($output);
}
/**
* SSH2::createDirectory()
*
* Creates a directory via sftp
*
* #param string $dirname
* #return boolean success
*
*/
function createDirectory($dirname)
{
$ftpconnection = ssh2_sftp ($this->connection);
$dircreated = ssh2_sftp_mkdir($ftpconnection, $dirname, true);
if(!$dircreated)
{
$this->debug("Directory not created: ".$dirname);
}
return $dircreated;
}
public function listFiles($dirname)
{
$input = $this->exec(escapeshellcmd("ls {$dirname}"));
return(explode("\n", trim($input)));
}
public function sendFile($filename, $remotename)
{
$this->debug("sending {$filename} to {$remotename} ");
if(file_exists($filename) && is_readable($filename))
{
$result = ssh2_scp_send($this->connection, $filename, $remotename, 0664);
}
else
{
$this->debug("Unable to read file : ".$filename);
return false;
}
if(!$result) $this->debug("Failure uploading {$filename} to {$remotename}");
return $result;
}
public function getFile($remotename, $localfile)
{
$this->debug("grabbing {$remotename} to {$localfile}");
$result = ssh2_scp_recv($this->connection, $remotename, $localfile);
if(!$result) $this->debug("Failure downloading {$remotename} to {$localfile}");
return $result;
}
/**
* SSH2::debug()
*
* #param mixed $message
* #return
*/
function debug($message)
{
if($this->debugMode)
{
fwrite($this->debugPointer, date('Y-m-d H:i:s')." : ".$message."\n");
}
}
/**
* SSH2::error()
*
* #param mixed $errorMsg
* #return
*/
function error($errorMsg)
{
$this->error = $errorMsg;
$this->debug($errorMsg);
return false;
}
/**
* SSH2::__destruct()
*
* #return
*/
function __destruct()
{
if($this->connection){
$this->connection = null;
}
if($this->debugMode && $this->debugPointer)
{
fclose($this->debugPointer);
}
}
}
Usage example:
$settings = Settings::Load()->Get("SecureServer");
$ssh = new SSH2($settings['host']);
if( $ssh->connect($settings['username'], $settings['password']))
{
echo $ssh->exec("ls -la ".$settings['path'], false, true);
flush();
}
Theorically you can do it using stream_set_blocking(), but looks like there are some PHP bugs managing STDIN.
Look:
http://bugs.php.net/bug.php?id=34972
http://bugs.php.net/bug.php?id=36030
Try yourself:
echo "Enter Password: ";
$stdin = fopen('php://stdin','r');
// Trying to disable stream blocking
stream_set_blocking($stdin, FALSE) or die ('Failed to disable stdin blocking');
// Trying to set stream timeout to 1sec
stream_set_timeout ($stdin, 1) or die ('Failed to enable stdin timeout');