Can I programmatically upload a file to the server (without client's interference) ? I know this is not possible in normal (.html) files. Is there anyway I can do it from .hta file? or any server side or plug-gin solution?
from an HTA, you can use the shell object to run commands just as if you were running from the command line - including FTP - but of course you'll need FTP credentials. since you said you'll be able to hardcode the files to be uploaded, i assume you have full access...
var shell = new ActiveXObject('wscript.shell');
var params = // this should be a string of ftp commands, like OPEN ftp.example.com USER PASS CWD somedir PUT c:\whatever.txt BYE
shell.run("%comspec% /c ftp.exe -i -s:" + params, 1, true);
Short answer is no.
It may be possible on some machines using a signed java applet - but from the wording of the question, that's going to be a very long juorney for you.
Based on your last comment, you might atleast need the user to load a web page. So based on an onload function, you can use an ajax hidden form to submit whatever files that you'd want to.
But getting information from your user without their knowledge might put you in a legal situation.
Good luck!!
Related
My problem is I need to fetch FOOBAR2000's title because that including information of playing file, so I create a execute file via Win32 API(GetWindowText(), EnumWindows()) and it's working good.
TCHAR SearchText[MAX_LOADSTRING] = _T("foobar2000");
BOOL CALLBACK WorkerProc(HWND hwnd, LPARAM lParam)
{
TCHAR buffer[MAX_TITLESTRING];
GetWindowText(hwnd, buffer, MAX_TITLESTRING);
if(_tcsstr(buffer, SearchText))
{
// find it output something
}
return TRUE;
}
EnumWindows(WorkerProc, NULL);
Output would look like "album artis title .... [foobar2000 v1.1.5]"
I created a php file like test.php, and use exec() to execute it.
exec("foobar.exe");
then in console(cmd) I use command to execute it
php test.php
It's working good too, same output like before.
Now I use browser(firefox) to call this php file(test.php), strange things happened.
The output only foobar2000 v1.1.5, others information gone ...
I think maybe is exec() problem? priority or some limitation, so I use C# to create a COM Object and register it, and rewrite php code
$mydll = new COM("FOOBAR_COMObject.FOOBAR_Class");
echo $mydll->GetFooBarTitle();
still same result, command line OK, but browser Fail.
My question is
Why have 2 different output between command line and browser. I can't figure it out.
How can I get correct output via browser.
or there is a easy way to fetch FOOBAR2000's title?
Does anyone have experience on this problem?
== 2012/11/28 edited ==
follow Enno's opinion, I modify http_control plug-in to add filename info, original json info is "track title".
modify as following
state.cpp line 380 add 1 line
+pb_helper1 = pfc::string_filename(pb_item_ptr->get_path());
pb_helper1x = xml_friendly_string(pb_helper1);
# 1: when firefox opens the php and it gets executed, it the context depends on the user which runs the php-container (apache), this is quite different from the commandline call which gets executed in your context
# 2 and 3: there seems to be more than one way for getting the title: use the foobar-sdk and create a module which simply reads the current title per api, then write your result in an static-html-document inside your http-root-folder OR use the http-client inside the sdk, with it, you do not need a wabserver, even better use a already implemented module: for instance foo_upnp or foo-httpcontrol
Good luck!
If your webserver runs as a service, in windows you need to enable "allow desktop interaction" for the service. Your php script runs as a child of the webserver process when requested via browser.
I have a script that displays images based on certain conditions. When none of the conditions are met, I want to randomly display one of the standard (backup) images. Those other images are on a remote server. I have read that you can't read a directory on a remote server, which makes sense.
Is my best bet to place a file into the remote server's image directory that outputs all of the image file names so I can parse it with the other server? Is there an easier way?
I prefer not to use FTP (http://php.net/manual/en/book.ftp.php).
What are my options for basically just getting the names of the images in that folder?
Thanks,
Ryan
UPDATE:
#mario's answer is lightweight and works like a charm. It is exactly the solution I thought I wanted, but after thinking about it some more, and reading that even #mario would do it differently, I decided to go with #bensiu's answer, because to me, control and security are more important than convenience. With #mario's method, it's very hard to know if the data you're getting is any good (lack of control) and you're exposing your directory / some server information (security). #bensiu's suggestion involves a second file (inconvenience), but provides the control and security I'm ultimately deciding to go with!
Thank you both!
-Ryan
I would prefer an exact and dedicated handler script like #bensiu pointed out.
But an alternative would be to read out a directory listing. A simple Apache generated mod_index listing would be sufficient for:
$html = file_get_contents("http://example.com/images/");
preg_match_all('/<a href="([-\w\d.]+\.(jpeg|png|gif))"/', $html, $uu);
$files = $uu[1];
I hope you at least have access to remote server...
You can place there script "A" that will do the job locally, return list of images in preffered format ( raw text, JSON, XML... ), and this script will be remotly called by curl form your server....
It also wise to make sure that when you call script "A" you at least passing some secret key to prevent unathorised access (not perfect solution but could be enought)
if you have PHP5 and the HTTP stream wrapper enabled on your server, it's very easy and simple to copy it to a local file:
copy('http://somedomain.com/file.jpeg', '/tmp/file.jpeg');
ome hosts disable copy() function then you can make your own -
<?php
function copyemz($file1,$file2){
$contentx =#file_get_contents($file1);
$openedfile = fopen($file2, "w");
fwrite($openedfile, $contentx);
fclose($openedfile);
if ($contentx === FALSE) {
$status=false;
}else $status=true;
return $status;
}
?>
Is it OK to give full authorization to any request coming from the command line?
My idea was to make this check:
if(isset($_SERVER['argc']) AND $_SERVER['argc']>=2) {
// it must be the admin, give him full authorization, no further checks needed.
} else {
// normal web request, authentication needed.
}
Does this make sense?
Anything else I should know before I start using the command line to execute my php scripts?
It's only safe if the server has only one user. Otherwise you need to either:
Check for the correct user ID in the script
Make the script only executable for that user
(This is assuming a Linux server)
The command line is not a very good place from which to control your web application: your app displays HTML output, which is not much good to a human looking at a console (not to mention the JavaScript that won't work etc).
You could arrange for different output to be generated when running from the command line, but as a practical matter: why bother with all this? Why not have the administrator be authenticated from the web just like any other user?
If you want to have a special backdoor built into your app anyway though, I would suggest something like this (which is web-based):
define('ADMIN_BACKDOOR', true); // comment out to disable
$is_admin = defined('ADMIN_BACKDOOR') && $_SERVER['REMOTE_ADDR'] == '127.0.0.1';
This is IMO next to impossible to exploit, and it allows you admin access from a natural environment (the browser).
I have a small problem, I want to load data from a PHP file and put them on a DIV.
Here's the Jquery code
// Store the username in a variable
var jq_username = $("#txt_checkuser").val();
// Prepare the link variable
var link = 'user.php?action=check&username=' + jq_username;
$('div #checkuser_hint').load(link);
So it works! but instead of loading the result (compiled PHP) it loads the PHP code.
If I write the long URL "http://localhost/project..." it doesn't load anything!
Any idea how to do that?
I think you might be accessing your javascript file as a file on your local filesystem, a request to the same directory would go through the filesystem and not through your webserver, processing the PHP into the desired output. This also explains why http://localhost/project for the AJAX call doesn't work: Javascript might be enforcing the same-origin policy on you.
Verify that you're actually accessing this javascript file through http://localhost/ (as opposed to something like file://C:/My PHP Files/ ).
Does the page return anything when you use your browser?
Are you sure it should not be 'div#checkuser_hint' instead of 'div #checkuser_hint' ?
And this looks like the correct way according to the documentation.
var link = 'user.php';
$('div#checkuser_hint').load(link, {'action':'check', 'username':jq_username});
Are you able to access the script manually on your own? (try accessing it via your browser: htp://localhost/...) It may be the case that you're missing your opening <?php and/or closing ?> in the script-file itself.
The following link outputs a different image every time you visit it:
http://www.biglickmedia.com/art/random/index.php
From a web browser, you can obviously right click it and save what you see. But if I were to visit this link from a command line (like through python+mechanize), how would I save the image that would output? So basically, I need a command-line method to imitate right clicking and saving the image after initially visiting the site from a web browser.
I can already use iMacro to do this, but I'd like a more elegant method. What can I use to accomplish this? Thanks!
you might need something that creates a socket to the server and then issues a http GET request for "art/random/index.php". save the payload from the HTTP response, and then you have your data
what you would be creating is a simple HTTP client
the unix command wget does this:
$ wget http://www.biglickmedia.com/art/random/index.php
<?php
file_put_contents('C:\\random.gif', file_get_contents('http://www.biglickmedia.com/art/random/index.php'));
?>
With Python and mechanize:
import mechanize
b = mechanize.Browser()
t = b.open(url)
image_type = t.info().typeheader # mime-type of image
data = t.read() #bytes of image
open(filename, 'wb').write(data)