Jump to content

cURL script wont work for some reason

Russia

By Russia
in PHP Coding Help

Recommended Posts

Russia Regular Member

Russia

Posted
Posted

Hey guys, I have this curl script I am working on, for some reason it wont work and keeps returning Invalid GUID.

 

Here is the code to the install script with curl in it:

<?php
if($_SERVER['REQUEST_METHOD'] == 'POST')
{
    function realEscape($string)
    {
      if(get_magic_quotes_gpc())
      {
        return mysql_real_escape_string(stripslashes($string));
      }
      else
      {
        return mysql_real_escape_string($string);
      }
    }
    function encrypt($value)
    {
      return md5(md5(base64_encode($value)));
    }
        if(isset($_GET['guid']))
        {
            $my_guid = $_GET['guid'];
        }
        elseif(isset($_POST['guid1']))
        {
            $my_guid = $_POST['guid1'] .'-'. $_POST['guid2'] .'-'. $_POST['guid3'] .'-'. $_POST['guid4'];
        }
            if(function_exists('curl_open'))
            {
             $ch = curl_init();
              
              curl_setopt($ch, CURLOPT_URL, 'http://www.example.info/guid/4/guid4.php');
              curl_setopt($ch, CURLOPT_HEADER, 0);
              curl_setopt($ch, CURLOPT_USERAGENT, 'MRSW');
              curl_setopt($ch, CURLOPT_POST, 1);
              curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
              curl_setopt($ch, CURLOPT_POSTFIELDS, 'guid='.urlencode($my_guid) . '&webaddress=' . urlencode($_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME'])) .'&version='. urlencode($version);
              
              $output = curl_exec($ch);
              
            
              if(preg_match('/valid=([A-Z0-9\-]+)/', $output, $matches))
              {
                $valid = $matches[1];
              }
                
              curl_close($ch);
            }
            elseif($sock = @fsockopen('208.89.214.34', 80))
            {
            $request = "POST /guid/4/guid4_3.php HTTP/1.1\r\n".
                       "Host: example.info\r\n".
                       "Connection: Close\r\n".
                       "User-Agent: MRSW\r\n".
                       "Content-Type: application/x-www-form-urlencoded\r\n".
                       "Content-Length: ". strlen('guid='.urlencode($my_guid) . '&webaddress=' . urlencode($_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME']) ."&version". urlencode($version)) ."\r\n\r\n".
                       'guid='.urlencode($my_guid) . '&webaddress=' . urlencode($_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME']) .'&version='. urlencode($version);
            fwrite($sock, $request);
            while($buf = fgets($sock))
            {
            
              if(preg_match('/valid=([A-Z0-9\-]+)/', $buf, $matches))
              {
                $valid = $matches[1];
              }
            }
            fclose($sock);
            }
            if($valid == 1)
            {
                if($_GET['step'] == 1)
                {
                    echo 'GUID is valid.';
                    echo '<form action="install2.php?step=2&guid='. $my_guid .'" method="post">';
                    echo '<input type="submit" value="Continue">';
                    echo '</form>';
                }
if($_GET['step'] == 2)
{
    if (is_writable('../includes/config.php')) {
        echo '<font color="green">File config.php is writable.</font><br />';
        echo '<form action="install2.php?step=3&guid='. $my_guid .'" method="post">';
        echo '<input type="submit" value="Continue">';
        echo '</form>';
    } else {
        echo '<font color="red">Can not write to config.php, If you have not done so, please CHMOD config.php to 777.</font>';
    }
}
if($_GET['step'] == 3)
{
    if($_GET['check'] == 1)
    {
        /*
        *****************************************
        * Database Connection check
        *****************************************
        */
        $con = @mysql_connect($_POST['host'], $_POST['user'], $_POST['pass']);  
        @mysql_select_db($_POST['db'], $con);
        if(!$con)
        {
            echo "<br /><br /><b>Could not connect to:<br>Host: ". $_POST['host'] ."<br>User: ". $_POST['user'] ."<br>Database: ". $_POST['db'] ."<br>Using password: ";
        if(empty($_POST['pass']))
        {
            echo "No";
        }
         else
         {
               echo "yes";
          }
            echo "<br /></b>";
            echo '<form action="install2.php?step=6" method="post">';
            echo '<input type="submit" value="Try Again">';
            echo '</form>';
        }
        else
        {
            /*
            *****************************************
            * Config.php Creation
            *****************************************
            */
            $extra = '../includes/config.php';
            $filename = "../includes/config.php";
            $somecontent = "<?php \$guid = '". $my_guid ."';\$host = '". $_POST['host'] ."';\$dbuser = '". $_POST['user'] ."';\$dbpass = '". $_POST['pass'] ."';\$db = '". $_POST['db'] ."';\$prefix = '". $_POST['prefix'] ."'; ";
            if (!$handle = fopen($filename, 'a')) {
                 echo "Cannot open file ($filename)";
                 exit;
            }
            if (fwrite($handle, $somecontent) === FALSE) {
                echo "Cannot write to file ($filename)";
                exit;
            }
            fclose($handle);
            echo "MySQL Successfully connected.";
            echo '<form action="install2.php?step=4&guid='. $my_guid .'" method="post">';
            echo '<input type="submit" value="Continue">';
            echo '</form>';
        }
    }
    else
    {
        echo '<table width="325" border="0" align="center">';
        echo '<form action="install2.php?step=3&check=1&guid='. $my_guid .'" method="post">';
        echo '<tr><td>MySQL Host:</td><td><input type="text" name="host"></td></tr>';
        echo '<tr><td>MySQL Username:</td><td><input type="text" name="user"></td></tr>';
        echo '<tr><td>MySQL Password:</td><td><input type="password" name="pass"></td></tr>';
        echo '<tr><td>MySQL Database:</td><td><input type="text" name="db"></td></tr>';
        echo '<tr><td>Database Prefix:</td><td><input type="text" name="prefix"></td></tr>';
        echo '<tr><td><input type="submit" value="Continue"></td></tr>';
        echo '</form>';
        echo '</table>';
    }
}
if($_GET['step'] == 4)
{
    include '../includes/config.php';
    $con = @mysql_connect($host, $dbuser, $dbpass);  
    mysql_select_db($db ,$con);
//tables    
    echo 'Successfully created Tables';
    echo '<form action="install2.php?step=5&guid='. $my_guid .'" method="post">';
    echo '<input type="submit" value="Continue">';
    echo '</form>';
}
if($_GET['step'] == 5)
{
    if($_GET['check'] == 1)
    {
            include '../includes/config.php';
            $con = @mysql_connect($host, $dbuser, $dbpass);  
            mysql_select_db($db ,$con);
            if($_POST['forum'] == 1) {
//options
            echo 'Options successfully inserted.';
            echo '<form action="install2.php?step=6&guid='. $my_guid .'" method="post">';
            echo '<input type="submit" value="Continue">';
            echo '</form>';
    }
    else
    {
        echo '<table width="325" border="0" align="center">';
        echo '<form action="install2.php?step=5&check=1&guid='. $my_guid .'" method="post">';
        echo '<tr><td>Website Title:</td><td><input type="text" name="title"></td></tr>';
        echo '<tr><td>Forums Type:</td><td><select name="forum" onchange="displayforum();"><option value="0">MikeRSWeb Forums</option><option value="1">Other Forums</option></select></td></tr>';
        echo '<tr><td>Forums Link:</td><td id="forum" style="display: none"><input class="input" name="forums" type="text" id="forums"></td></tr>';
        echo '<tr><td>Client Type:</td><td><select name="client" id="ctype" onchange="displayclient();"><option value="0">MikeRSWeb Webclient</option><option value="1">Custom Client</option></select></td></tr>';
        echo '<tr><td>Client Link:</td><td id="client" style="display: none"><input type="text" name="client" id="client"></td></tr>';
        echo '<tr><td>Website Theme:</td><td><select name="theme"><option value="0">Normal</option><option value="1">Metal</option><option value="2">Halloween</option><option value="3">Christmas</option><option value="4">Castle</option></select></td></tr>';
        echo '<tr><td>Server IP:</td><td><input type="text" name="ip"></td></tr>';
        echo '<tr><td>Server Port:</td><td><input type="text" name="port"></td></tr>';
        echo '<tr><td><input type="submit" value="Continue"></td></tr>';
        echo '</form>';
        echo '</table>';
        ?>
        <script>
document.getElementById('client').style.display = 'none';
function displayclient()
{
  e = document.forms[0].ctype.value;
  if(e == 0)
  {
    document.getElementById('client').style.display = 'none';
  }
  else
  {
    document.getElementById('client').style.display = 'block';
  }
}
document.getElementById('forum').style.display = 'none';
function displayforum()
{
  e = document.forms[0].forum.value;
  if(e == 0)
  {
    document.getElementById('forum').style.display = 'none';
  }
  else
  {
    document.getElementById('forum').style.display = 'block';
  }
}
</script>
        <?php 
    }
}
if($_GET['step'] == 6)
{
    if($_GET['check'] == 1)
    {
        if(!is_numeric($_POST['day']) || !is_numeric($_POST['month']) || !is_numeric($_POST['year'])) {
            echo 'Every field from your birthdate has to be numeric.<br />';
            echo '<form action="install2.php?step=6&guid='. $my_guid .'" method="post">';
            echo '<input type="submit" value="Try Again">';
            echo '</form>';
        }
        
        elseif(!in_array($_POST['theme'], array(0, 1, 2, 3, 4))) {
            echo 'Invalid theme.<br />';
            echo '<form action="install2.php?step=6&guid='. $my_guid .'" method="post">';
            echo '<input type="submit" value="Try Again">';
            echo '</form>';
        }
        else
        {
        include '../includes/config.php';
        $con = @mysql_connect($host, $dbuser, $dbpass);  
        mysql_select_db($db ,$con);
//others
        if(function_exists('curl_open'))
            {
             $ch = curl_init();
              
              curl_setopt($ch, CURLOPT_URL, 'http://www.example.info/guid/4/guid4_end.php');
              curl_setopt($ch, CURLOPT_HEADER, 0);
              curl_setopt($ch, CURLOPT_USERAGENT, 'MRSW');
              curl_setopt($ch, CURLOPT_POST, 1);
              curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
              curl_setopt($ch, CURLOPT_POSTFIELDS, 'guid='.urlencode($my_guid) . '&webaddress=' . urlencode($_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME']) . '&version='. $version);
              
              $output = curl_exec($ch);
              
            
              if(preg_match('/valid=([A-Z0-9\-]+)/', $output, $matches))
              {
                $valid = $matches[1];
              }
                
              curl_close($ch);
            }
            elseif($sock = @fsockopen('208.89.214.34', 80))
            {
            $request = "POST /guid/4/guid4_3_end.php HTTP/1.1\r\n".
                       "Host: example.info\r\n".
                       "Connection: Close\r\n".
                       "User-Agent: MRSW\r\n".
                       "Content-Type: application/x-www-form-urlencoded\r\n".
                       "Content-Length: ". strlen('guid='.urlencode($my_guid) . '&webaddress=' . urlencode($_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME']) ."&version=". $version) ."\r\n\r\n".
                       'guid='.urlencode($my_guid) . '&webaddress=' . urlencode($_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME']) .'&version='. urlencode($version);
            fwrite($sock, $request);
            while($buf = fgets($sock))
            {
            
              if(preg_match('/valid=([A-Z0-9\-]+)/', $buf, $matches))
              {
                $valid = $matches[1];
              }
            }
            fclose($sock);
            }
            echo 'MikeRSWeb has been successfully installed. <br />Thank you for installing MikeRSWeb. <a href="../index.php">Click here to continue</a>.';
        }
    }
    else
    {
        echo '<table width="325" border="0" align="center">';
        echo '<form action="install2.php?step=6&check=1&guid='. $my_guid .'" method="post">';
        echo '<tr><td>Administrator Username:</td><td><input type="text" name="username"></td></tr>';
        echo '<tr><td>Administrator Password:</td><td><input type="password" name="password"></td></tr>';
        echo '<tr><td>Date Of Birth:</td><td><select id="day" name="day">
<option value="-1" selected="selected" disabled="disabled">Day</option>
<option value="1">1</option>
<option value="2">2</option>
<option value="3">3</option>
<option value="4">4</option>
<option value="5">5</option>
<option value="6">6</option>
<option value="7">7</option>

<option value="8">8</option>
<option value="9">9</option>
<option value="10">10</option>
<option value="11">11</option>
<option value="12">12</option>
<option value="13">13</option>
<option value="14">14</option>
<option value="15">15</option>
<option value="16">16</option>

<option value="17">17</option>
<option value="18">18</option>
<option value="19">19</option>
<option value="20">20</option>
<option value="21">21</option>
<option value="22">22</option>
<option value="23">23</option>
<option value="24">24</option>
<option value="25">25</option>

<option value="26">26</option>
<option value="27">27</option>
<option value="28">28</option>
<option value="29">29</option>
<option value="30">30</option>
<option value="31">31</option>
</select>
<select id="month" name="month">
<option value="-1" selected="selected" disabled="disabled">Month</option>
<option value="0">January</option>

<option value="1">February</option>
<option value="2">March</option>
<option value="3">April</option>
<option value="4">May</option>
<option value="5">June</option>
<option value="6">July</option>
<option value="7">August</option>
<option value="8">September</option>
<option value="9">October</option>

<option value="10">November</option>
<option value="11">December</option>
</select>
<input type="text" id="year" name="year" maxlength="4" value="Year"></td></tr>';
        echo '<tr><td>Administrator E-Mail:</td><td><input type="text" name="email"></td></tr>';
        echo '<tr><td><input type="submit" value="Continue"></td></tr>';
        echo '</form>';
        echo '</table>';
    }
}
}
else
{
    echo 'This GUID is not Valid. Register on www.example.info for a valid GUID.';    
}
}
else
{
?>







<div id="body">
<center>

  <h3>Install</h3>

  <em>Welcome to the MikeRSWeb Installation page. We will work in steps to get to your final destination of getting MikeRSWeb working</em></P>
<p><strong>________________________________________________</strong></p>
</center>
<form action="install2.php?step=1" method="post" name="install">
  <table width="325" align="center" border="0">
      <tbody><tr>

          <td>Register at www.example.info for a GUID Code</td>
      </tr>
      <tr>
          <td>Your GUID Code: <input style="width: 35px;" name="guid1" maxlength="4" type="text"> - <input style="width: 35px;" name="guid2" maxlength="4" type="text"> - <input style="width: 35px;" name="guid3" maxlength="4" type="text"> - <input style="width: 35px;" name="guid4" maxlength="4" type="text"></td>
      </tr>

    <tr>
        <td><input class="button-bg" value="Continue" type="submit"></td>
    </tr>
  </tbody></table>
</form>

</div>
<?php
}
?>

 

You can see it connects to example.info/guid/4/guid.php

 

This is where it checks if the guid is valid from a database.

 

Here is the info from the guid.php page:

<?php
$con = @mysql_connect('localhost','brian_brian','******');  
mysql_select_db('brian_brian' ,$con);
function realEscape($string)
{
  if(get_magic_quotes_gpc())
  {
    return mysql_real_escape_string(stripslashes($string));
  }
  else
  {
    return mysql_real_escape_string($string);
  }
}

if($_SERVER['HTTP_USER_AGENT'] == 'MRSW' && !empty($_POST['guid']))
{
    $check_guid_exist = mysql_query('SELECT guid FROM guids2 WHERE guid="'. realEscape($_POST['guid']) .'" AND `used`=0');
    if(mysql_num_rows($check_guid_exist) > 0)
    {
      $result = mysql_query('SELECT banned FROM guids2 WHERE guid = \''.$_POST['guid'] .'\'');
      $row = mysql_fetch_assoc($result);
      if(!(int)$row['banned']) {
        echo 'valid=1';
      }
    }
    else {
        echo 'valid=0';
    }
         }
?>

 

 

For some reason it wont work, also, see this line:

elseif($sock = @fsockopen('208.89.214.34', 80))

 

For the IP Address what do I put there? My IP address or the website's IP Address?

 

Thanks ahead of time for the help.

 

Also, if someone needs a picture of how the database looks just post here.

Link to comment
https://forums.phpfreaks.com/topic/203693-curl-script-wont-work-for-some-reason/
Share on other sites
mrMarcus Member

mrMarcus

Posted
Posted

dude, if you want "urgent" help, consider narrowing down your code and give some specific examples or errors that you are encountering.  Only people who tell me something needs urgent attention (and i actually listen) are people who pay me and the wifey.

 

This is what I have to go on:

 

For some reason it wont work

 

And about 100+ lines of your code.

 

read up on fsockopen.

 

NOTE:

 

this function is no good:

 

function encrypt($value)
    {
      return md5(md5(base64_encode($value)));
    }

 

hashing a value twice is no more potent than just doing it once.  In fact, hashing a value more than once can lead to collisions.  Instead of double hashing, use a combination of hashing and salt.  On top of that, disguise your passwords to like something they are not  ;)

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.