I just want to write a php code to check if password protected website is online or offline. I know the code to check whether if website is online or offline but it is not working if the website is password protected through .htaccess. llike if you open then website then an alert box comes and ask about the user name and password.
If i use this code then it is just saying that the website is offline because it cannot by pass the user name and password.
$host = 'http://gforms.orbnexus.com';
if($socket =# fsockopen($host, 80, $errno, $errstr, 30)) {
echo 'online!';
fclose($socket);
} else {
echo 'offline.';
}
Can any one please help me? Is there any way to by-pass user name and password?
the fact that it asks for a username and password means its online. I'm also sure you can make sure when you send your request that you get back a header, if nothing comes back the website is down.
Reference page
Use cURL to get your target, then check the http status code. If you get a 401 then it there's an authentication issue
Related
I am working on how can I know my client change their device when they login to my app, I am using Laravel framework so I was used $ip = $request->ip(); to get an IP address, it's not working as I need, it's become when user login from the different IP address as you know when I connect/disconnect IP address change, so my question how can I detect user device I know there is no way to get a mac address of my client device.
login.php
public function login()
{
//..
auth()->user()->update(['trusted_device' => request()->ip()]);
//..
}
You can check USER-AGENT, try:
echo $_SERVER['HTTP_USER_AGENT'];
To see some more info try:
var_dump($_SERVER);
Hello i want to create ftp for particular users.. I have searched on google but nothing found. So i have decided to put question on stackoverflow. I have tried below code but not working at all :-
$cpaneluser = "xxxxx"; // i have entered my cpanel user
$cpanelpass = "xxx"; //pwd
$domain = "testing.domain.com"; //here i have entered the domain
$fuser = "testing#domain.com";
$fpass = "mypwd";
$homedir = "/direcctorypath";
$url = "http://$cpaneluser:$cpanelpass#$domain:2082/json-api/cpanel?";
$url .= "cpanel_jsonapi_version=2&cpanel_jsonapi_module=Ftp&cpanel_jsonapi_func=addftp&";
$url .= "user=$fuser&pass=$fpass&homedir=$homedir"a=0";
var_dump($url);
$result = file_get_contents($url);
var_dump($http_response_header);
if ($result === FALSE)
die("ERROR: FTP Account not created. Please make sure you passed correct parameters.");
echo $result;
SEE OUTPUT
Every time its output coming FTP Account not created. Please make sure you passed correct parameters..
But i have entered the correct details. i Don't know why its not working.
So later on i have decide lets do with exec command but that also not working
Ref Url :- Creating FTP user accounts using FTP on server
exec("adduser -c 'testing#domain.com' -m testing123"); // this is not working at all
After checking above url i have added the username and password of ftp account. But i have one doubt where i passed the cpanel useranme and password in exec function. Can anyone tell me how to create ftp account of a user. Thanks in advance
I am creating a web application where I will be adding 10-20 IP addresses and setting a cron job for every 1 hour, that can be done easily. The problem is that I want to check whether an IP is currently working or not. If the IP is not working then I will get a message by email or some other mode. I have found the below code on the Internet:
$ip= '103.117.231.160';
$port = 80;
$fp = #fsockopen($ip, $port, $errno, $errstr, 2);
if (!$fp) {
echo 'offline';
} else{
echo 'online';
}
I have added many random IPs, but it's giving me online for the status. Is the above script fine or do I need to change the script? How can I test that an IP is working or not? Can anyone provide sample test IPs so I can make sure the script is working fine?
I just need correct output via email that my server is down.
I am working on a site that currently uses a basic authentication dialog box login system, that is the type of dialog that you get if you go here: http://www.dur.ac.uk/vm.boatclub/password/index.php
I did not set this system up and am not in a position to easily/quickly work around it, but it DOES work. The issue however is that the dialog box is not very helpful in telling you what login information you have to use (that is which username and password combination), and so I would like to replace it with a form. I had been thinking that this wasn't possible but I wanted to ask in order to find out.
Is it possible to set up an HTML form that sends the data to the server such that it accepts it in the same way that it would using this dialog box? Alternatively is it possible to set up a PHP script that would take normal form data and process it somehow passing it to the server such that it logs in?
Edit: After being told that this is basic authentication I went around and have managed to find a way that works and keeps the user persistently logged in. However, this does not work in internet explorer. The solution was simply to redirect the user to:
http://username:password#www.dur.ac.uk/vm.boatclub/password/index.php
But Internet Explorer removed it due to phishing uses about 3 years ago. Is there a way to use javascript to get the browser to access the site in this way? Or will I have to simply change my UI?
After a fair bit of research I found a way that works in both Chrome and IE, that is all that I've tested it in, but the logic of the code does not suggest it should break anywhere. It is based upon this article:
http://www.peej.co.uk/articles/http-auth-with-html-forms.html
Which is rather in depth but the crux of it is this - on the form submit you make an AJAX request into the basic authenticated folder. AJAX requests can accept username and password information for basic auth, and once the browser has authed once it's authorised in that realm, i.e. it will stay logged in. The previous article does it in pure javascript, so to add something other than simply explaining the link here's a (hopefully fairly transparent) implementation using jQuery:
$(document).ready(function()
{
$('#loginForm').submit(function()
{
var username = $('#usernameInput').val();
var password = $('#passwordInput').val();
$.ajax(
{
'password' : password,
'username' : username,
'url' : 'http://www.website.com/basic-auth-file.php',
'type' : 'GET',
'success' : function(){ window.location = 'http://www.website.com/basic-auth-file.php'; },
'error' : function(){ alert('Bad Login Details');},
}
);
return false;
});
});
This achieved what I wanted, and is relatively simple to understand, however I would implore anyone who wanted this to go out and didn't know about basic auth to go out and do the research!
You can replace it with a form. http://www.dur.ac.uk/vm.boatclub/password/index.php uses basic access authentication.
basic access authentication
What you could do is perform basic authentication via curl
<?php
// HTTP authentication
$url = "http://www.dur.ac.uk/vm.boatclub/password/index.php";
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_USERPWD, "myusername:mypassword");
$result = curl_exec($ch);
curl_close($ch);
//echo $result;
?>
Option 1
Proxy everything just echo'ing $result
Option 2
Read headers from $result and if status code != 200 then wrong login information has been entered. User should enter form again. If status code == 200 right credentials have been entered and you should do http basic authentication by sending headers.
header("Authorization: Basic " . base64_encode($username . ":" . $password);
You should not echo any data($result) before sending header else you will get an error
Some quick links:
http://phpsec.org/projects/guide/2.html
Let's say I have a website called (example.com) which will have a php file (example.com/call.php).
call.php will have a post method that will post to the website exampleOne.com/login.php with the right parameters. exampleOne.com will return a header with a cookie that will confirm the authentication of the user, how do I obtain the cookie or at least check if the header includes Set-Cookie in order to be informed that the user is authenticated?
If this is not clear enough please let me know in the comments and I will try my best to clear everything up.
(UPDATE 1: so the idea is that, how do I know that the other domain I am posting to has set up the cookie because the fact that the cookie has been set up (Set-cookie != null or "") means that the username and password are in fact correct)
(Update 2 so my issue is that I want to make sure that user is a member of some forum which does not have an API and I cannot authenticate to that forum because i don't have access to their records, however, that forum authenticate the user and sets a cookie if the information is right and I want to be able to see that cookie to make sure I understand that the user is authenticated - hope this helps)
You can use this code to do what you want. Pretty much you're just simulating a client when you do this by writing a HTTP request to a page and then processing the response headers that it sends back. This is also how you would build a proxy server, but that is sort of what you're doing.
Let me know if you need any help.
//
// OPEN SOCKET TO SERVER
//
$_socket = #fsockopen($host, $port, $err_no, $err_str, 30);
//
// SET REQUEST HEADERS
//
$_request_headers = '... CONSTRUCT FULL HEADERS HERE ...';
fwrite($_socket, $_request_headers);
//
// PROCESS RESPONSE HEADERS
//
$_response_headers = $_response_keys = array();
$line = fgets($_socket, 8192);
while (strspn($line, "\r\n") !== strlen($line))
{
#list($name, $value) = explode(':', $line, 2);
$name = trim($name);
$_response_headers[strtolower($name)][] = trim($value);
$_response_keys[strtolower($name)] = $name;
$line = fgets($_socket, 8192);
}
sscanf(current($_response_keys), '%s %s', $_http_version, $_response_code);
if (isset($_response_headers['set-cookie']))
{
// DO WHAT YOU WANT HERE
}
For reference, you can find similar code in PHProxy that goes into much more detail. It will create headers for you, process response headers, and more. If you find that this example doesn't do everything you need, you should reference that software.