Jump to content

ebolisa

Members
  • Posts

    24
  • Joined

  • Last visited

Profile Information

  • Location
    Madrid, Spain

ebolisa's Achievements

Member

Member (2/5)

0

Reputation

  1. I just want to read mqtt data when I'm refreshing the page. So, it's not a long term-process.
  2. Hi, The code below fails with error and I just cannot understand what's causing the issue. So, I really appreciate some help. TIA <?php require("phpMQTT.php"); $server = "server.com"; // change if necessary $port = 1883; // change if necessary $username = ""; // set your username $password = ""; // set your password $client_id = "MqttClient-client"; // make sure this is unique for connecting to sever - you could use uniqid() $mqtt = new phpMQTT($server, $port, $client_id); if(!$mqtt->connect(true,NULL,$username,$password)){ echo "Connection error!"; exit(1); } else { echo "Connected!"; echo "<br>"; } //currently subscribed topics $topics["casa/rp2/soil/moist"] = array("qos"=>1, "function"=>"procmsg"); $mqtt->subscribe($topics, 1); while($mqtt->proc()){ } $mqtt->close(); function procmsg($topic,$msg){ echo "Msg Recieved: $msg"; } and lib's line 289 is
  3. http://localhost loads fine as it's running on port 80 and using php 7.4 http://localhost:8080 fails (as mentioned above) as it is using php 8.1 Thank you.
  4. Hi I just installed 8.1 on my Raspberry Pi and when I run a test, the code is not processed in my browser. Where did I go wrong? BTW, 7.4 is still resident. I appreciate some guidance. TIA code added in apache's default.conf: <VirtualHost *:8080> <FilesMatch ".+\.ph(ar|p|tml)$"> SetHandler "proxy:unix:/run/php/php8.1-fpm.sock|fcgi://localhost" </FilesMatch> </VirtualHost> code in test file: <?php echo "Hello world"; echo '<br>'; echo '<br>'; echo 'Local datetime is: '; echo date('Y-m-d H:i:s'); phpinfo(); ?> test shown in browser: '; echo ' '; echo 'Local datetime is: '; echo date('Y-m-d H:i:s'); phpinfo(); ?>
  5. 😄Thanks!! I realized what happened to the code when I ran the URL.
  6. It deletes the file shown below which I call once the new firmware (https://www.mysite.net/ota/delete_ESP_data.php?file=program.py) is downloaded and stored on the microcontroller. <?php $file = $_GET['file']; $dir = getcwd(); $file = $dir.'/'.$file; unlink($file); ?>
  7. I see the content of the file: https://www.mysite.net/ota/get_ESP_data.php?file=program.py
  8. A new firmware is stored on my ISP. The microcontroller is using micropython to request and download, through the php code, the new firmware. My concern is if the php code is hacakble to a pont to modify my firmware code.
  9. The microcontroller code checks for updates, every so often. If a new firmware is available, it's downloaded. I was wondering if any risks can exist by someone hacking the firmware code which is in Python and stored on a public web site "https://mysite.net/iot/".
  10. Hi, I'm using the code below to retrieve a file into a microcontroller running micropython. I understand I'm open for easy attacks so, I appreciate some inputs. TIA <?php $file = $_GET['file']; $dir = getcwd(); $file = $dir.'/'.$file; $myfile = fopen($file, "r") or die("FAIL"); echo file_get_contents($file); fclose($myfile); ?>
  11. Could you give me a hint on how to do that, please.
  12. I understand, but I need to automate the process for my IOT projects 🤔
  13. Yes, I have phpMyAdmin access but only once logged in their system. Do not have access to it directly.
  14. <?php include 'db_conn.php'; // Keep this API Key value to be compatible with the ESP32 code provided in the project page. If you change this value, the ESP32 sketch needs to match $api_key_value = "myKey"; $api_key = $board = $ip = ""; //printf('<pre>Contents of $_POST %s</pre>', print_r($_POST, true)); if ($_SERVER["REQUEST_METHOD"] == "POST") { //printf('<pre>Contents of $_POST %s</pre>', print_r($_POST, true)); //var_dump($_POST)."<br>"; $api_key = test_input($_POST["api_key"]); //printf('<pre>Contents of $api_key: %s</pre>', print_r($api_key, true)); if($api_key == $api_key_value) { $ip = test_input($_POST["ip"]); $board = test_input($_POST["board"]); $uptime = test_input($_POST["uptime"]); $temp = test_input($_POST["temp"]); $conn = OpenCon(); // Check connection if ($conn->connect_error) { die("Connection failed: " . $conn->connect_error); } else { //echo "Connected!"."<br>"; } $sql = "INSERT INTO washupips (board, uptime, temp, ip) VALUES ( '" . $board . "', '" . $uptime. "', '" . $temp . "','" . $ip . "')" ; //printf('<pre>Contents of $sql %s</pre>', print_r($sql, true)); if ($conn->query($sql) === TRUE) { echo "New record created successfully"; } else { echo "Error: " . $sql . "<br>" . $conn->error; } $conn->close(); } else { echo "Wrong API Key provided."; } } else { echo "No data posted with HTTP POST."; } function test_input($data) { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); return $data; } ?> Ok, I see the confusion, perhaps bridge is not the right definition in English. Normally, to store data to a DB we access it via an IP, no matter where that location is. In my case and for security reasons, the IP is not accessible via the Internet, but it's accessible via a web server since both servers are in the same ISP's network. So, I'm using a "bridge" to hop from the ISP's web server to the DB server as shown in the above code.
  15. Hi, My ISP doesn't allow direct access to mysql Server so I created a bridge and stored the PHP code in the main web folder (https://www.mydomain.com/post.php). The bridge works fine and is used mainly for my IOT projects. In the same web folder, is located the conn.php code containing the server's credentials. The question is, how safe is the PHP code at that location? I can create a subfolder but not sure if it matters as far as security is concerned. TIA
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.