Support

If you have a problem or need to report a bug please email : support@dsprobotics.com

There are 3 sections to this support area:

DOWNLOADS: access to product manuals, support files and drivers

HELP & INFORMATION: tutorials and example files for learning or finding pre-made modules for your projects

USER FORUMS: meet with other users and exchange ideas, you can also get help and assistance here

NEW REGISTRATIONS - please contact us if you wish to register on the forum

Users are reminded of the forum rules they sign up to which prohibits any activity that violates any laws including posting material covered by copyright

HTTP, POST & Flowstone

For general discussion related FlowStone

HTTP, POST & Flowstone

Postby Drnkhobo » Thu Aug 22, 2013 1:36 pm

Hey guys, does anyone here have any knowledge to share about using the HTTP POST module (not for sending mail) ???
I noticed that you can send data back from your server to the module and was wondering how to go about this.
Im not really good with PHP so its difficult for me to understand how it all fits together. I want to implement a "plugin checker" so that each time a plugin connects to the net it POSTS its serial which is checked in a DB on my website.

Can anyone give me a hand? or at least explain a bit ??


THANKS!!!
Drnkhobo
 
Posts: 312
Joined: Sun Aug 19, 2012 7:13 pm
Location: ZA

Re: HTTP, POST & Flowstone

Postby chackl » Thu Aug 22, 2013 2:37 pm

If you have for example a php script on any server - you need the php script link:

http://anyexample.com/php/any.php

then you need to get to the module:
domain: "anyexample.com"
site: "php/any.php"

Well and then you should have some knowlage of php ^^

ill put here a testcode that sends some data to host and then the host returns something:
Code: Select all
<?php
$yourname = $_REQUEST['yourname'];
$yourage = $_REQUEST['yourage'];
print "Hello! Time is: ".date('l jS \of F Y h:i:s A')." - Your name is ".$yourname." and you are ".$yourage." years old";
?>


Then you need to send any value with the variables yourname and yourage in the post module

Simple said:
$yourname = $_REQUEST['yourname']; -> Hase to Equal with the variable name in FlowStone
print - gives back a text that flowstone is showing as input. This is the html text that is usualy used to display websites.

Regards
100% accuracy is the guarantee to your success. The value alters if you combine it with musical creativity.
User avatar
chackl
 
Posts: 233
Joined: Tue Aug 17, 2010 8:46 pm
Location: Austria / Salzburg

Re: HTTP, POST & Flowstone

Postby Drnkhobo » Fri Aug 23, 2013 7:44 pm

Thanks Chackl!

It helped alot! I can understand things better :lol:

Will get back to you when i know more. . .
Drnkhobo
 
Posts: 312
Joined: Sun Aug 19, 2012 7:13 pm
Location: ZA

Re: HTTP, POST & Flowstone

Postby Drnkhobo » Sat Aug 24, 2013 2:22 pm

Your example has basically given me the knowledge (hack'esque) to start this going, I appreciate it Chackl!

My next question regarding this would be how do I keep this information encrypted. . .

for instance: say I want my plugin to send its serial number to my php script (on my server) which checks against the set of serials to see if its valid. All good but anyone can access my "serialcheck.php" script on my website and find the set of serials. . . would it be preferable to have the set of serials in a database?

Im just wondering because a simple php script could save my woes. . .
Drnkhobo
 
Posts: 312
Joined: Sun Aug 19, 2012 7:13 pm
Location: ZA

Re: HTTP, POST & Flowstone

Postby Drnkhobo » Sat Aug 24, 2013 6:36 pm

Ok, so ive set up a SQL db on my webserver which holds entries of valid serial keys.

This is secure (for the most part) as the serial list to check against is in a SQL db.

So the plugin sends a POST request to my script (serial.php) which takes the plugins entered serial number and then connects to the serial SQL db to check it against valid serial contained in the SQL db.

If not valid, lock the plugin.



So this sounds good but I have a issue with this idea:

The php script file (located on my webserver) has to connect to the serial SQL db. So (as far as I know, and id like to admit that I dont know much on PHP yet) the code within the script file looks as follows:

Code: Select all
$user_name = "John Doe";
$password = "qwerty";
$database = "serial_db";
$server= "127.0.0.1";

mysql_connect($server, $user_name, $password);


You see. . . ? THE LOGIN DETAILS TO THE SQL DB IS UN-ENCRYPTED!!!!!

No, no we cant have that!

I think its a doable thing but I need more help on this. Chackl, youve been great & I know you have done something similar. Is it possible to have an encrypted login in PHP?

:D
Drnkhobo
 
Posts: 312
Joined: Sun Aug 19, 2012 7:13 pm
Location: ZA

Re: HTTP, POST & Flowstone

Postby chackl » Sat Aug 24, 2013 8:05 pm

Basicaly:

Sending data from your pc to the webhost via http is everytime not protected. only https will provide this.

What you need is to checksum the password if you store it to db - if you login you also have to checksum it again. - if the checksum matches it is ok if not - guess :D

Getting data direkt from SQL is diabled on most hosts so only php scripts that are executet on the server can get data from it ;) - for this you may google "MD5 Password'
If you want to be save - checksum the password then checksumm the checksumm of it ;)
Getting md5 revers is nearly not possible - try it if you want and google a checksumm of a checksumm ^^ :D

Regards
100% accuracy is the guarantee to your success. The value alters if you combine it with musical creativity.
User avatar
chackl
 
Posts: 233
Joined: Tue Aug 17, 2010 8:46 pm
Location: Austria / Salzburg

Re: HTTP, POST & Flowstone

Postby Magnum Opus » Mon Aug 26, 2013 2:09 pm

Its normal for the data sent over a network to be unencrypted, that`s how you carry repeat somebody.
But if php.ini and various permissions are set correctly you will be script kiddy proof.
Thus if you host from a secure socket your script outta be secure.
In what way do we have to think about it so that we can understand it's simplicity.
User avatar
Magnum Opus
 
Posts: 6
Joined: Sat May 25, 2013 1:34 am

Re: HTTP, POST & Flowstone

Postby Drnkhobo » Tue Aug 27, 2013 7:33 pm

But if php.ini and various permissions are set correctly you will be script kiddy proof.

Thanks Magnum Opus, would you be able to elaborate on this? :D
Drnkhobo
 
Posts: 312
Joined: Sun Aug 19, 2012 7:13 pm
Location: ZA


Return to General

Who is online

Users browsing this forum: No registered users and 71 guests