simpjd

So in my HTML input tag I have: onkeyup="testFunction(event);" And I want to dynamically recreate this and this is where i'm up to: var input = document.createElement("input"); input.onkeyup = testFunction(event); But this doesn't seem to work!? Can any one help?

Unfortunately I have still not been able to find a solution for this problem!! I would really appreciate any help...the amazon website has no such help for this problem. My best guess is the fact that the response comes back with a line break at the start..? Either this or when I try to access via soapUI, the response contains a soap "attachment" Anyone? Please?

I'm making a web page that has restricted access via a login script. If the user is not logged in I use "header("Location: http://www.example.com");" to redirect the user to another "safe" page. My question is, is this safe? Can the user somehow stop or bypass the header and view the page without logging in for the client side? I would appreciate any help. Jack

The name needs to be as it is for later reasons when this data is processed via php.

So I have the following HTML code: <form name="form"> <input type="text" name="txt[0][0]" value="TEST MESSAGE1" /> <input type="text" name="txt[0][1]" value="TEST MESSAGE2" /> <input type="text" name="txt[0][2]" value="TEST MESSAGE3" /> <input type="text" name="txt[1][0]" value="TEST MESSAGE4" /> <input type="text" name="txt[1][1]" value="TEST MESSAGE5" /> <input type="text" name="txt[1][2]" value="TEST MESSAGE6" /> </form> The array “txt” can contatin any number of arrays but each nested array is always 0,1,2. I need to write a bit of code to extract all the values. I have so far: var txt = document.form["txt[][]"].length; for (var c=0; c < txt; c++){ document.write(document.form["txt[“+c+”][0]"].value); document.write(document.form["txt[“+c+”][1]"].value); document.write(document.form["txt[“+c+”][2]"].value); } I would really appreciate any help!

Is there maybe some kind of setting that means the SOAP return doesn't have to be XML???

No, its actually very limited. I'm sure this kind of thing crops up in other SOAP apps. There must be some way of bypassing the error or something....?

Ok so i've been integrating my website with a SOAP service that Amazon provide. When I call: $req = array('merchant' => array('merchantIdentifier' => $token, 'merchantName' => $name), 'documentIdentifier' => '591872944'); print_r($client -> __soapCall('getDocument', $req)); It is supposed to return an XML file of the document 591872944. Which it does, kind off.... The response starts as follows: --xxx-WASP-CPP-MIME-Boundary-xxx-0xb04e270-0b04e270-xxx-END-xxx Content-Type: text/xml; charset="UTF-8" <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:SE="http://schemas.xmlsoap.org/soap/encoding/"><SOAP-ENV:Body><ns0:string_Response xsi:type="xsd:string" xmlns:ns0="http://systinet.com/xsd/SchemaTypes/">591872944 </ns0:string_Response><ns1:doc href="cid:0xaf6bc18-0xb41b9f8-0xafe85a0-0xb879518-0xb4b1820" xmlns:ns1="http://systinet.com/xsd/SchemaTypes/"/></SOAP-ENV:Body></SOAP-ENV:Envelope> --xxx-WASP-CPP-MIME-Boundary-xxx-0xb04e270-0b04e270-xxx-END-xxx Content-ID: <0xaf6bc18-0xb41b9f8-0xafe85a0-0xb879518-0xb4b1820> Content-Type: application/binary <?xml version="1.0" encoding="UTF-8"?> <AmazonEnvelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="amzn-envelope.xsd"> <Header> This is displaying the following error: SoapFault exception: [Client] looks like we got no XML document in /var/www/1visual_bms/client.php:19 Stack trace: #0 /var/www/1visual_bms/client.php(19): SoapClient->__soapCall('getDocument', Array) #1 {main} I believe it is because of the comment thing at the top...but I cannot remove this before the response is processed by PHP SOAP.... PLEASE HELP!!!

Ok but my courier doesn't offer this. Think of it another way, I want a link that logs me into a site automatically....

I'm trying to write some code that will authenticate a session. Let me explain: I'm developing the back end of an e commerce site. When an item is shipped, the tracking info is stored. If the user wants to track the item, they have to log into the couriers website and enter tracking details. I want to write some code that will make a valid session that someone could use to take them strait to the tracking info. I haven't written any code yet because I dont know where to start! Maybe curl??? I want the user to be able to use the session as well. This may require some javascript? Hope this makes sense and someone can help!

P.S. Server version: 5.0.67-0ubuntu6

In my sql database I have a list of dates stored as DD/MM/YY, I need a select statement that will order by date but this dosent work: "SELECT * FROM table ORDER BY date DESC" It orders them like this: 01/02/09 02/01/09 03/06/08 Please Help!

Wow, this site has some very useful resources! Yes the tutorials have some great information about making secure PHP sessions. But I cant find out why the two token are 1 digital different as I mentioned above.... Also, using LiveHTTPHeaders (a firefox added that can show POST info) I can see that quite a few of the login pages I use have two unknown POSTs on them...usual "X" and "Y", or in this case: &Logon.x=18 &Logon.y=13 Does anyone know what these are???

Fantastic! So I used: $ch=curl_init(); curl_setopt($ch,CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_COOKIESESSION, TRUE); curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); $output = curl_exec($ch); $output = preg_split("/(<table[^>]*>|<\/table>)/", $output); $output = preg_split('/"/', $output[2]); echo $output[5]; curl_close($ch); $ch=curl_init(); curl_setopt($ch,CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); $output = curl_exec($ch); $output = preg_split("/(<table[^>]*>|<\/table>)/", $output); $output = preg_split('/"/', $output[2]); echo $output[5]; curl_close($ch); To generate the token twice for testing purposes. This code used to read to very different values, but after implementing the cookie the values are nearly identical... Here is an example: 040924885853-1894922651-01633669330 040924885853-1894922651-01633669331 The first token always ends in 0 and the second always in 1....why do you think this is? p.s. thank you for all your help so far!!! also, so in an attempt to make my site secure, I've heard of session jacking....although my site is now protected against basic links that CSRF, can people not "jack" the session in order to get the session id....or something? please excuse my ignorance!

Oh and also, On my website I currently store the session id in mysql when the user logs in and check it on every page, does this do the same as a token? Does the token not need to change?

HTTP is a stateless protocol. You need to use CURL_COOKIE, CURL_COOKIEFILE and CURL_COOKIEJAR using curl_setopt. Thanks for your help, I know how to start a cookie session in order to stay logged in, the problem is how to get the token and then send a login POST without GETTING the page twice.....I need to read the page in order to get the token and then submit the POST..... Hope this makes scene...

Ok, These tokens seem to be a useful tool for session authentication! Does anyone know of a good education resource about security tokens? I would like to implement them onto my site! Back to my original problem, so the risks seem to be the same, I'm quite new to curl, can someone help me??

Oh ok..... I dont really know about the security risks. Isn't using curl, really just the same as logging in normally? If people can sniff a curl connection using SSL, can't people "sniff" form data once it is sent?

What I am trying to do is to automatically log into my online banking, retrieve my balance and then logout. I find it a pain to login on on a daily basis to check my balance. I have my own website on which I have done this for a few other things with lesser security with curl and websites like paypal have great little API tools for getting such information. Unfortunately my bank does not. My overall aim is to have all the information I need on my website so I don't have to spend time surfing the internet in order to check things. Jack

I'm trying to login into a site using curl. The problem is that the site uses a token to login that changes every 10 seconds and every time the page loads. $ch=curl_init(); curl_setopt($ch,CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); $output = curl_exec($ch); $output = preg_split("/(<table[^>]*>|<\/table>)/", $output); $output = preg_split('/"/', $output[2]); $token = $output[5]; curl_close($ch); This script gets the token from the login page but when I write another script to login using that token, a new token is produced when the next curl session accesses the page and makes the login invaild! Can anyone help?

Hello, I need to do the opposite to an SQL LIKE. Let me explain. In an SQL LIKE, I can find "ABCDE" by querying "ABC%" I need to find "ABC" when querying "ABCDE". [find values in database that are contained in the search query (ABCDE)] Hope this makes sense and someone can help! Jack