2012-05-23, 09:01 AM
Hi guys an Thank you for help!
i see the topic lick that but its different with my quastion.
so:
Guys I have a CURL(in C++) to send my user and pass to remauth.php file so i think i do something wrong on remuth.php ( because i am basic in php and my program can not run because the auth not passed.) so can some one help me to resolve that ?!
Thank
my CURL:
and my remauth.php:
///////////////////////////////////
i see the topic lick that but its different with my quastion.
so:
Guys I have a CURL(in C++) to send my user and pass to remauth.php file so i think i do something wrong on remuth.php ( because i am basic in php and my program can not run because the auth not passed.) so can some one help me to resolve that ?!
Thank
my CURL:
bool Auth_PerformSessionLogin(const char* username, const char* password)
{
curl_global_init(CURL_GLOBAL_ALL);
CURL* curl = curl_easy_init();
if (curl)
{
char url[255];
_snprintf(url, sizeof(url), "http://%s/remauth.php", "SITEADDRESS.com");
char buf[8192] = {0};
char postBuf[8192];
_snprintf(postBuf, sizeof(postBuf), "%s&&%s", username, password);
curl_easy_setopt(curl, CURLOPT_URL, url);
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, AuthDataReceived);
curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void*)&buf);
curl_easy_setopt(curl, CURLOPT_USERAGENT, "IW4M");
curl_easy_setopt(curl, CURLOPT_FAILONERROR, true);
curl_easy_setopt(curl, CURLOPT_POST, 1);
curl_easy_setopt(curl, CURLOPT_POSTFIELDS, postBuf);
curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, -1);
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, false);
CURLcode code = curl_easy_perform(curl);
curl_easy_cleanup(curl);
curl_global_cleanup();
if (code == CURLE_OK)
{
return Auth_ParseResultBuffer(buf);
}
else
{
Auth_Error(va("Could not reach the SITEADDRESS.comt server. Error code from CURL: %x.", code));
}
return false;
}
curl_global_cleanup();
return false;
}
and my remauth.php:
<?php
ob_start();
$host=""; // Host name
$dbusername=""; // Mysql username
$dbpassword=""; // Mysql password
$db_name=""; // Database name
$tbl_name=""; // Table name
// Connect to server and select databse.
//mysql_connect("$host", "$username", "$password")or die("cannot connect");
//mysql_select_db("$db_name")or die("cannot select DB");
// Connect to server and select databse.
mysql_connect("$host", "$dbusername", "$dbpassword") or die(mysql_error());
//echo "Connected to MySQL<br />";
mysql_select_db("$db_name") or die(mysql_error());
//echo "Connected to Database<br />";
// Check $username and $password
/*
if(empty($_POST['username']))
{
echo "UserName/Password is empty!";
return false;
}
if(empty($_POST['password']))
{
echo "Password is empty!";
return false;
}
*/
// Define $username and $password
//$username=$username;
//$password=md5($_POST['password']);
//$password=$password;
$username=$_POST['username'];
$password=$_POST['password'];
//$post_item[]='action='.$_POST['submit'];
// To protect MySQL injection (more detail about MySQL injection)
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$sql="SELECT * FROM $tbl_name WHERE username='$username'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $username and $password, table row must be 1 row
if($count==1){
$row = mysql_fetch_assoc($result);
if (md5(md5($row['salt']).md5($password)) == $row['password']){
session_register("username");
session_register("password");
echo "#";
return true;
}
else {
echo "o";
return false;
}
}
else{
echo "o";
return false;
}
ob_end_flush();
?>
///////////////////////////////////