HTTP, POST & Flowstone

Posted: Thu Aug 22, 2013 1:36 pm
by Drnkhobo
Hey guys, does anyone here have any knowledge to share about using the HTTP POST module (not for sending mail)?
I noticed that you can send data back from your server to the module and was wondering how to go about this.
I'm not really good with PHP so it's difficult for me to understand how it all fits together. I want to implement a "plugin checker" so that each time a plugin connects to the net it POSTs its serial, which is checked in a DB on my website.

Can anyone give me a hand? Or at least explain a bit?


THANKS!!!

Re: HTTP, POST & Flowstone

Posted: Thu Aug 22, 2013 2:37 pm
by chackl
If you have for example a php script on any server - you need the php script link:

http://anyexample.com/php/any.php

then you need to get to the module:
domain: "anyexample.com"
site: "php/any.php"

Well, and then you should have some knowledge of PHP ^^

I'll put a test code here that sends some data to the host and then the host returns something:

Code:

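<?php
// Read the two values sent by the FlowStone POST module (names must match the module's variables)
$yourname = $_REQUEST['yourname'];
$yourage = $_REQUEST['yourage'];
// Whatever is printed becomes the response body that the module receives
print "Hello! Time is: ".date('l jS \of F Y h:i:s A')." - Your name is ".$yourname." and you are ".$yourage." years old";
?>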


Then you need to send any value with the variables yourname and yourage in the post module

Simply said:
$yourname = $_REQUEST['yourname']; -> has to be equal to the variable name in FlowStone
print - gives back a text that FlowStone is showing as input. This is the HTML text that is usually used to display websites.

Regards

Re: HTTP, POST & Flowstone

Posted: Fri Aug 23, 2013 7:44 pm
by Drnkhobo
Thanks Chackl!

It helped a lot! I can understand things better :lol:

Will get back to you when I know more. . .

Re: HTTP, POST & Flowstone

Posted: Sat Aug 24, 2013 2:22 pm
by Drnkhobo
Your example has basically given me the knowledge (hack'esque) to start this going, I appreciate it Chackl!

My next question regarding this would be how do I keep this information encrypted. . .

For instance: say I want my plugin to send its serial number to my PHP script (on my server) which checks against the set of serials to see if it's valid. All good, but anyone can access my "serialcheck.php" script on my website and find the set of serials. . . would it be preferable to have the set of serials in a database?

I'm just wondering because a simple PHP script could save my woes. . .

Re: HTTP, POST & Flowstone

Posted: Sat Aug 24, 2013 6:36 pm
by Drnkhobo
Ok, so I've set up a SQL db on my webserver which holds entries of valid serial keys.

This is secure (for the most part) as the serial list to check against is in a SQL db.

So the plugin sends a POST request to my script (serial.php) which takes the plugin's entered serial number and then connects to the serial SQL db to check it against the valid serials contained in the SQL db.

If not valid, lock the plugin.



So this sounds good but I have an issue with this idea:

The PHP script file (located on my webserver) has to connect to the serial SQL db. So (as far as I know, and I'd like to admit that I don't know much about PHP yet) the code within the script file looks as follows:

Code:

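<?php
// Database login details, stored in plain text inside the script
$user_name = "John Doe";
$password = "qwerty";
$database = "serial_db";
$server = "127.0.0.1";

// mysql_connect() is deprecated (removed in PHP 7); mysqli_connect() also selects the database
$link = mysqli_connect($server, $user_name, $password, $database);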


You see. . . ? THE LOGIN DETAILS TO THE SQL DB ARE UN-ENCRYPTED!!!!!

No, no we can't have that!

I think it's a doable thing but I need more help on this. Chackl, you've been great & I know you have done something similar. Is it possible to have an encrypted login in PHP?

:D
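
As an added example (not code from any poster in this thread), one way to write the serial.php check described in the post above: the DB login comes from a config array that would live in a file outside the web root, the lookup uses a bound parameter, and the table stores SHA-256 digests instead of the serials themselves. The table and column names, config keys, sample serials and the in-memory SQLite DSN (used in place of MySQL so the example runs offline) are assumptions.

```php
<?php
// Added example, not code from the thread. Table/column names and config keys
// are assumptions chosen for illustration.

// In production this array would be loaded from a file kept outside the web root,
// e.g. $cfg = require '/path/outside/webroot/db_config.php'; (placeholder path)
// and would carry a MySQL DSN. An in-memory SQLite DSN lets the example run offline.
$cfg = ['dsn' => 'sqlite::memory:', 'user' => null, 'pass' => null];

function open_db(array $cfg): PDO {
    return new PDO($cfg['dsn'], $cfg['user'], $cfg['pass'], [
        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,  // throw on DB errors instead of failing silently
    ]);
}

// Only digests are stored, so a leaked table does not directly list the serials
// (this assumes serials are long and random).
function serial_digest(string $serial): string {
    return hash('sha256', strtoupper(trim($serial)));
}

// Returns true only for a well-formed serial whose digest is in the table.
function check_serial(PDO $db, $serial): bool {
    if (!is_string($serial) || !preg_match('/^[A-Za-z0-9-]{8,64}$/', trim($serial))) {
        return false;                                 // reject arrays, empty or malformed input
    }
    $stmt = $db->prepare('SELECT 1 FROM serials WHERE serial_hash = ? LIMIT 1');
    $stmt->execute([serial_digest($serial)]);         // bound parameter, no string concatenation
    return $stmt->fetchColumn() !== false;
}

// Constructed sample data standing in for the real serial table.
$db = open_db($cfg);
$db->exec('CREATE TABLE serials (serial_hash TEXT PRIMARY KEY)');
$db->prepare('INSERT INTO serials VALUES (?)')->execute([serial_digest('ABCD-1234-EFGH-5678')]);

// In serial.php the value would be $_POST['serial']; the reply is a fixed token,
// never the serial list or any database detail.
foreach (['abcd-1234-efgh-5678', 'ZZZZ-0000-ZZZZ-0000', 'not a serial!!'] as $posted) {
    echo $posted, ' => ', check_serial($db, $posted) ? 'VALID' : 'INVALID', "\n";
}
```

PHP source is executed on the server and not sent to the client, so the login details are exposed only if the file is served as text or readable by other accounts on the host; keeping them in a separate file outside the web root limits the first case.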

Re: HTTP, POST & Flowstone

Posted: Sat Aug 24, 2013 8:05 pm
by chackl
Basically:

Sending data from your PC to the webhost via HTTP is always unprotected. Only HTTPS will provide this.

What you need is to checksum the password if you store it in the DB - if you log in you also have to checksum it again - if the checksum matches it is OK, if not - guess :D

Getting data directly from SQL is disabled on most hosts, so only PHP scripts that are executed on the server can get data from it ;) - for this you may google "MD5 Password"
If you want to be safe - checksum the password, then checksum the checksum of it ;)
Getting MD5 reversed is nearly impossible - try it if you want and google a checksum of a checksum ^^ :D

Regards

Re: HTTP, POST & Flowstone

Posted: Mon Aug 26, 2013 2:09 pm
by Magnum Opus
It's normal for the data sent over a network to be unencrypted, that's how you carry repeat somebody.
But if php.ini and various permissions are set correctly you will be script kiddy proof.
Thus if you host from a secure socket your script ought to be secure.

Re: HTTP, POST & Flowstone

Posted: Tue Aug 27, 2013 7:33 pm
by Drnkhobo
"But if php.ini and various permissions are set correctly you will be script kiddy proof."

Thanks Magnum Opus, would you be able to elaborate on this? :D