I'm trying to make an app that automatically prints a PDF after it has been generated for the client. (by his request) I got a cloud printer up and running which works perfectly fine if I try to use it with something like chrome.
All libaries for PHP are extremely outdated (up to 4 years old) and most of them are completely broken or provide little to no documentation on how to use them, and trying to use google's own documentation is even more of a nightmare
The best I could come up with was using this libary: yasirsiddiqui/php-google-cloud-print, mostly because it was the only one I could actually figure out how to use it.
However when I use this to submit a print job the owner of the account (me) gets a warning email that someone suspicious is trying to log into their account and it has been blocked.
Does anyone know if there is a (working) library to do this with, or if there is a command line alternative (preferred) that I could use system() or exec() with?
Note: I have 0% knowledge of python, and using JavaScript to submit these jobs is NOT an option because end users are not allowed to alter the document.
Update [2015/09/08]: For some reason Google doesn't allow printing via some accounts even when using OAuth2, a quick hack to fix this was by simply creating an entirely new account and printing with that.
I have updated code to use Google OAuth2 and now there will not be any issues related to account blocked or security risk etc. Here is url of updated code
https://github.com/yasirsiddiqui/php-google-cloud-print
I've never heard of Google Cloud printing but it appears to just be a simple REST API, in which case you do not need a library to interact with it, just use something like CURL. Here is a page which lets you test out the various interfaces they offer:
https://www.google.com/cloudprint/simulate.html
A dry parameter list is available here for submitting jobs:
https://developers.google.com/cloud-print/docs/appInterfaces#submit
I would just use CURL to post my requests and not worry about over engineering some huge class especially when you don't need every available option in the API. You should look at the Python examples- I know that you do not have much experience with Python but the HTTP headers you set to login, etc, will be the same as in PHP:
login.putheader('content-type', 'application/x-www-form-urlencoded')
Is the same as:
$request_headers[] = 'content-type: application/x-www-form-urlencoded';
curl_setopt($ch, CURLOPT_HTTPHEADER, $request_headers);`
I did find an API here, but it is behind a paywall so I cannot attest to it's quality- if you're doing this for a client though it may be worth the money and effort saved to check it out:
http://www.phpgang.com/how-to-configure-google-cloud-api-in-php_288.html
Related
I want to sell a copy of my script to another person, my script is basically HTML AND CSS, but being a Checker, it needs a JS that passes the data to a PHP API and then it returns it to a of the index.
I know that the CSS and the JS are practically impossible to protect because they are on the client side, but I want to protect the Checker system.
How can I protect all my script? Can I put the PHP API on another server and from there transfer it to the of the shopper?
Or will there be a way to add code to the buyer's PHP API and have it check some data on my server, and if it is not there the Checker will not work?
In short, I want to AVOID leaving the PHP file in the buyer's script, because it is what makes my Checker work nd I want to prevent it from being stolen, since it is a personal checker.
Thank you very much in advance, I only know the basics of PHP and JS, currently I only master 100% HTML and all about CSS.
You could let the customer use your version of the software ( that you host yourself ) and restrict their access with something like an API key. You would need to check before each request if the api key is present and if it's still valid.
This would allow you to control who has access to your script, without having to "give" away your code.
API authentication, in itself, is a whole subject and can get very complicated. I would suggest you start with a simple API key and see how it works out for you.
The youtube channel fireship.io has a great video on the subject. I highly suggest you check it out.
You cannot really protect your JS because it executes on the user/customer computer. You can obfuscate it but it's a bad practice because it makes it had for your customer to debug and maintain their site and they will not buy your program.
In fact the customers are usually testing your service and integrate it before actually paying it.
You don't have to protect all your work, since copying the JS is pretty useless without the PHP. Only keep the PHP for yourself on another server.
I can't figure out what exactly to use for interaction between my site and the Telegram service (first of all - how to get the authentication process done using PHP and other stuff like chat among users).
On this page: https://core.telegram.org/api I haven't got an idea how to use those functions in PHP.
According to this page: https://telegram.org/apps
I have two choices:
1) The CLI-interface (unofficial, by the way): https://github.com/vysheng/tg
and it doesn't have an autentification function among others. In order to authenticate yourself, you need to run:
bin/telegram-cli -k tg-server.pub
and inside of the application you have to enter your cell phone and the secret code sent by SMS - after that you're authorized. Then you install https://github.com/zyberspace/php-telegram-cli-client and run telegram-cli as a daemon:
./bin/telegram-cli -dWS /tmp/tg.sck -k tg-server.pub &
Does it mean that I have to create tg-server.pub manually using PHP for each user which is trying to login?
2) Webogram: https://github.com/zhukov/webogram - but it's written on JavaScript and has very complicated code.
Dear Stackoverflow gurus, maybe you're more attentive than I am and could help me to recognize the right solution (or example, I don't know, the PHP snippet or anything else) for the user's chat based on the Telegram and PHP?
I would greatly appreciate it!
Thank you!
I have posted a step by step guide on getting your AuthKey (VB.net) here
The main challenge with Telegram API is the documentation... but if you can work through the first part - getting an AuthKey then i believe the rest should fall in place ... with some more effort.
Working through some GitHub src might be time consuming, it might be best to get a handle on the documentation and then work your way to building your own code for TelegramAPI from scratch
Most likely, PHP wrapper for Telegram API doesn't exist. I'd wager it's because communicating with Telegram servers from your server-side PHP code defeats both of the core features of Telegram: speed and security.
no speed - a message has to hop through one additional loop (your server) before it reaches the recipient.
no security - browser page will communicate with your server via AJAX or forms, I assume. This means sending data as plain text (unless you're on https), open to the whole world to see (if you were to sit on a public wifi, or something like that).
You can implement the Telegram API, it's a bit involved, but doable. But it's totally pointless, in my opinion.
As an alternative, just embed the webogram in an <iframe> or something :)
Now, you can use MadelineProto https://github.com/danog/MadelineProto - enought powerful PHP client for MTProto Telegram!
I'm currently writing an Android app at the moment, that accesses a PHP file on my server and displays JSON data provided by my MYSQL database.
Everything works great and I love the simplicity of it, but I'm not too comfortable with the fact that someone could just type in the URL of this PHP file and be presented with a page full of potentially sensitive data.
What advice would you give me to prevent access to this PHP file from anyone except those using my android app?
Thanks very much for any information.
The keyword is authentication. HTTP-Authentication is designed just for that purpose!
There are 2 forms of HTTP-auth:
Basic: easy to setup, less secure
Digest: harder to setup, more
secure
Here is the php manual.
And this is what you can do in your android app.
There isn't really a fool-proof way to do this. However you can require the user agent to match that of your application. You can also hide a private key in your application that is passed as POST data to your PHP file. Now, neither of these will stop someone who is determined to get at the raw output, but it will slow down the people who are just screwing around killing a little time seeing what they can accomplish.
Why not only enable a valid response if the request is sent with the following header:
Content-Type=application/json
If the request doesn't pass it as the Content-Type, then you just terminate the script (as regular browsers usually want to get text/html or similar things). It's not really worth locking everything tight shut, as if your app can get the data from your server, any user would have the opportunity too.
I am new to the world of PHP and coding as those have helped me answer a number of questions I have posted know. I have the opportunity to jump into the deep end however seeing I have no clue about PHP and web services, I am seeking your help. I would appreciate it if you could point me in the right direction as I have not been able to find any examples nor detailed information regarding it.
Effectively there is a PHP page that needs to pass certain values to a .NET web service i.e. name, email, mobile number and upon the receipt of such information the web service sends out a text message. This is information I have so far
The Allocation service uses a basic HTTP binding and TransportWithMessageCredential security.
Sample C# code using a reference generated with Visual Studio tooling
Allocation.AllocationServiceV3Client Client = new Allocation.AllocationServiceV3Client();
Allocation.AllocateResult Result;
string VoucherCode;
DateTime ExpiryDate;
string DisplayMessageText;
Client.ClientCredentials.UserName.UserName = ? ;
Client.ClientCredentials.UserName.Password = ? ;
Result = Client.AllocateToConsumerMobileAndSendSMS(out VoucherCode,
out ExpiryDate,
out DisplayMessageText,
ClientID,
ClientReference,
CampaignID,
ActivityID,
MobileNumber);
if (Result != Allocation.AllocateResult.Success)
{
}
I have no clue about PHP and web services
First things first, pick your brain up out of the C# soup and sit it out to dry off for a few hours. PHP is a simple language for simple things. If you're new to it, you don't want to try and make it do complex things, and you certainly don't want to try writing C# style code in PHP.
Let's take "web services" as an example of a "complex" thing. In some circles, this means horribly designed monstrosities like SOAP. VS makes it relatively easy to build SOAP bindings to your existing classes, so it's not a painful solution for you.
SOAP is a very painful solution for PHP.
Effectively there is a PHP page that needs to pass certain values to a .NET web service
It sounds like you have an existing web service set up then, correct?
You could try and use the built in SOAP client, but it's an undebuggable and unconfigurable binary blob of horrors that will make you want to kill someone if it doesn't work for you immediately.
Edit: The section below was written incorrectly assuming that both sides were under your control. As this is not the case, you can disregard the rest of the answer. I'm leaving it up because it may be valuable to others.
I would advise a different approach. Set up an endpoint (URL) in your .NET application that expects the data you've specified as POST values, and have PHP POST the data. This has the distinct advantage of being incredibly simple. Because you're new to PHP, simple is a big win.
(In other words, ditch the "web service" -- or make a parallel copy if other things consume that service already.)
PHP comes with a service called PEAR, a repository of helpful classes. You can use HTTP_Request2 to quickly build the HTTP POST request. Chances are that it's already installed. If it isn't, it's easy to install either at the system level using the pear command, or locally in your project.
Here's some quick example code copied straight out of the reference guide:
$request = new HTTP_Request2('http://www.example.com/your/endpoint/url.foo');
$request->setMethod(HTTP_Request2::METHOD_POST)
->addPostParameter('name', '...')
->addPostParameter('email', '...')
->addPostParameter('mobile', '...');
$response = $request->send();
You can then read the response as needed.
Now, this isn't a perfect solution. Your C# code mentions a username and password, which I suppose could be included in the POST data. You could also use HTTP authentication (supported by HTTP_Request2) instead.
Ok, now from what I understand, C# will make a request to the php page, wich then (in simple html) gives it back some data.
PHP Is made to do some calculation serverside and when it's done it will send the prints and echo's to the client side as html (simple explanation)
If you want to start using php you would be best off getting into the basics by following the tutorials at W3School (http://w3schools.com/php/default.asp)
Then you can use http://php.net as a reference for more functions you might need.
The way you'll want to set it up is for C# to make a request to a page like action.php
And then using a $_GET method to get the data so C# would send a request to
action.php?userid='456'
Looking around for a solution to this, I have found different methods. Some use regex, some use DOM scripting or something.
I want to go to a site, log in, fill out a form and then check if the form sent. The logging in part is the part I can't find anything on.
Anyone know of an easy way to do this?
I'd agree with Les. Curl + Charles (or Fiddler, Firefox's Tamper Data extension, wireshark, etc.) is the way I've always done this. The one trick I've found is that some sites require a three step process:
Hit the login page with a GET request first to get any session ids, cookies, and/or required fields (e.g. .net sites have __VIEWSTATE and __EVENTVALIDATION).
Once you have these values, then you post to the login page
Finally, request whatever resource you're after.
Don't plan on curl's cookie jar and cookie file being much help. You'll probably be best off parsing out the session id and cookies from the headers using a simple regex.
Hope this helps!
You might be better off with some sort of scriptable browser if you need to do a lot of GUI stuff. If you need to use PHP, check out curl: http://us2.php.net/curl
what I usually do is fire up charles go through the login process in a browser and record the raw requests. Copy+paste the requests and throw them through fopen or curl (with some small adjustments according to the responses).
You may want to take a look at Perl's LWP library (I know it isn't PHP, but it's very useful for screen scraping, web unit testing, and such):
Perl LWP at CPAN
LWP::Simple tutorial
I have fair bit of experience in this. I used to use Curl but it is no fun using it. In particular many times sites exchange XSRF tokens, or pass hidden variables, or set all kinds of cookies. Tracking all this with Curl becomes difficult. Atleast for me.
I then explored Selenium and I love it. There are 2 things- 1) install Selenium IDE (works only in Firefox). 2) Install Selenium RC Server
After starting Selenium IDE, go to the site that you are trying to automate and start recording events that you do on the site. Think it as recording a macro in the browser. Afterwards, you get the code output for the language you want.
Just so you know Browsermob uses Selenium for load testing and for automating tasks on browser.
I've uploaded a ppt that I made a while back. This should save you a good amount of time- http://www.4shared.com/get/tlwT3qb_/SeleniumInstructions.html
In the above link select the option of regular download.