Os authentication in php

Hi,
I am trying to connect to Oracle 11g database via php. The code that I got from wiki.oracle.com is not working:
$conn = oci_connect("/", "", $db, null, OCI_CRED_EXT);
I did not get any error but it did not connect to the database either. Any help is appreciated!
Mark

Mark, the connection credentials used will only work then that php process is executed as the same owner of the existing local Oracle database instance.
It may also work if the Oracle schema has been configured to use o/s authentication (schema created with appropriate o/s prefix string and specified as being identified externally).
In both cases, a quick and easy test would be to see if you can use sqlplus to get a valid connection (using the same credentials) - this will tell you whether the problem is a php one (should sqlplus connection work), or the Oracle instance refusing the credentials offered by the client.

Similar Messages

SMTP Authentication for PHP Mail

Can anyone help me in figuring out the correct way to incorporate the SMTP authentication into a form? I am having a lot of trouble in getting my forms to send with this format. My code for my php action page is below. I have my correct information where i included *******. Please let me know what i have wrong.
CODE STARTS HERE
<?php
//new function
$to = "*******";
$nameto = "LTL Freight Shop";
$from = "*******";
$namefrom = "LTL Freight Shop";
$subject = "Account Request";
authSendEmail($from, $namefrom, $to, $nameto, $subject, $message);
?>
<?php
$recipient = "*******";
//$subject = "Account Request";
$companyname = check_input($_POST['CompanyName'], "Enter your company name");
$firstname = check_input($_POST['FirstName'], "Enter your first name");
$lastname = check_input($_POST['LastName'], "Enter your last name");
$phone = check_input($_POST['PhoneNumber'], "Enter your phone number");
$fax = check_input($_POST['FaxNumber']);
$email = check_input($_POST['Email'], "Enter your email");
$address = check_input($_POST['StreetAddress'], "Enter your address");
$city = check_input($_POST['City'], "Enter your city");
$state = check_input($_POST['State'], "Enter your state");
$zipcode = check_input($_POST['ZipCode'], "Enter your zip code");
$country = check_input($_POST['Country'], "Enter your country");
$yearsinbusiness = check_input($_POST['YearsinBusiness'], "Enter your years in business");
$typeofindustry = check_input($_POST['TypeofIndustry'], "Enter your type of industry");
$multiplelocations    = check_input($_POST['MultipleLocations']);
$numberoflocations = check_input($_POST['LocationsCount']);
$ltl = check_input($_POST['ServicesLTL']);
$ftl = check_input($_POST['ServicesFTL']);
$domesticparcel = check_input($_POST['ServicesDomesticParcel']);
$intlparcel = check_input($_POST['ServicesInternationalParcel']);
$airfreight = check_input($_POST['ServicesAirFreight']);
$oceanfreight = check_input($_POST['ServicesOceanFreight']);
$other = check_input($_POST['ServicesOther']);
$none = check_input($_POST['ServicesNone']);
$volume = check_input($_POST['TypicalVolume'], "Enter your typical volume");
$carrier = check_input($_POST['CurrentCarrier'], "Enter your current carrier");
$class = check_input($_POST['AverageClass'], "Enter your average class");
$weight = check_input($_POST['AverageWeight'], "Enter your average weight");
$process   = check_input($_POST['Process']);
$hearabout = check_input($_POST['HearAbout']);
$comments = check_input($_POST['Comments']);
if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/", $email))
    show_error("E-mail address not valid");
$message = "You have received an account request from:
Company Name: $companyname
First Name: $firstname
Last Name: $lastname
Phone Number: $phone
Fax Number: $fax
E-mail: $email
Street Address: $address
City: $city
State: $state
Zip Code: $zipcode
Country: $country
Years in Business: $yearsinbusiness
Type of Industry: $typeofindustry
Multiple Locations: $multiplelocations
Number of Locations: $numberoflocations
Services they use: $ltl, $ftl, $domesticparcel, $intlparcel, $airfreight, $oceanfreight, $other, $none
Typical Volume: $volume
Current Carrier: $carrier
Average Class: $class
Average Weight: $weight
How they currently process: $process
How they heard about us: $hearabout
Comments: $comments
End of message
//ini_set("SMTP","smtp.emailsrvr.com");
//ini_set("SMTP_PORT", 25);
//ini_set("sendmail_from","*******");
//mail($recipient, $subject, $message);
function check_input($data, $problem='')
    $data = trim($data);
    $data = stripslashes($data);
    $data = htmlspecialchars($data);
    if ($problem && strlen($data) == 0)
        show_error($problem);
    return $data;
function authSendEmail($from, $namefrom, $to, $nameto, $subject, $message)
$smtpServer = "smtp.emailsrvr.com";
$port = "25";
$timeout = "30";
$username = "********";
$password = "********";
$localhost = "smtp.emailsrvr.com";
$newLine = "\r\n";
$smtpConnect = fsockopen($smtpServer, $port, $errno, $errstr, $timeout);
$smtpResponse = fgets($smtpConnect, 515);
if(empty($smtpConnect))
$output = "Failed to connect: $smtpResponse";
return $output;
else
$logArray['connection'] = "Connected: $smtpResponse";
fputs($smtpConnect,"AUTH LOGIN" . $newLine);
$smtpResponse = fgets($smtpConnect, 515);
$logArray['authrequest'] = "$smtpResponse";
fputs($smtpConnect, base64_encode($username) . $newLine);
$smtpResponse = fgets($smtpConnect, 515);
$logArray['authusername'] = "$smtpResponse";
fputs($smtpConnect, base64_encode($password) . $newLine);
$smtpResponse = fgets($smtpConnect, 515);
$logArray['authpassword'] = "$smtpResponse";
fputs($smtpConnect, "HELO $localhost" . $newLine);
$smtpResponse = fgets($smtpConnect, 515);
$logArray['heloresponse'] = "$smtpResponse";
fputs($smtpConnect, "MAIL FROM: $from" . $newLine);
$smtpResponse = fgets($smtpConnect, 515);
$logArray['mailfromresponse'] = "$smtpResponse";
fputs($smtpConnect, "RCPT TO: $to" . $newLine);
$smtpResponse = fgets($smtpConnect, 515);
$logArray['mailtoresponse'] = "$smtpResponse";
fputs($smtpConnect, "DATA" . $newLine);
$smtpResponse = fgets($smtpConnect, 515);
$logArray['data1response'] = "$smtpResponse";
$headers = "MIME-Version: 1.0" . $newLine;
$headers .= "Content-type: text/html; charset=iso-8859-1" . $newLine;
$headers .= "To: $nameto <$to>" . $newLine;
$headers .= "From: $namefrom <$from>" . $newLine;
fputs($smtpConnect, "To: $to\nFrom: $from\nSubject: $subject\n$headers\n\n$message\n.\n");
$smtpResponse = fgets($smtpConnect, 515);
$logArray['data2response'] = "$smtpResponse";
fputs($smtpConnect,"QUIT" . $newLine);
$smtpResponse = fgets($smtpConnect, 515);
$logArray['quitresponse'] = "$smtpResponse";
function show_error($myError)
?>
    <html>
    <body>
    <b>Please correct the following error:</b><br />
    <?php echo $myError; ?>
    </body>
    </html>
<?php
exit();
?>

I have the same problem - user has Outlook 2010 on Exchange 2007. Mail goes directly into the deleted items folder. After browsing around the net I found 2 different site with the same potential fix. It seems that when migrating a user from Exch 2003 to
2007 (which we did) some of the configs get set incorrectly. The weird thing is we migrated over 2 years ago, and some others are experiencing the same after a long period after the migration. The fix that was suggested is:
Go to your Exch server, open up Exchange Management Shell and type the following:
get-mailboxcalendarsettings "domain/ou/user" | fl
set-mailboxcalendarsettings "doman/ou/user" -automateprocessing: Autoupdate
My user already had Autoupdate set, but this seems to have fixed it for me...

Performing User authentication with php server

How to perform user authentication and keep track of logged
in users ? I have the login form saved in one AIR page. I could do
an ajax request to authenticate the user. However, how to keep
track of the user after being logged in, so that when moving to
other pages, he doesn't need to login again ?

Hi,
Cookies work in an Adobe AIR HTML application. You can use
cookies to track your session.

PHP external authentication issue

Trying to login to AFCS connection using external authentication.
PHP file generates a key correctly and everything seems to fine up until i get to using the key inside flex.
at the login stage i get the following error in the console trace from the library login call
As far as i can tell everything is right... how can i tell what is wrong with the authentication key?
AFCS Beta Build # : 1.1
requestInfo https://connectnow.acrobat.com/{roomname}?exx=eDp7dXRmOF9lbmNvZGUoZGFyaXVzKX06OmRtOmFnZW50ZG06aHR0cHM6Ly9jb25uZWN0bm93LmF jcm9iYXQuY29tL2hpaW50ZXJmYWNlL2RtOjEwMDo4N2NmNWUwMjIzZTVhMmFkYzI2MmY4MDVlNWJmMWVlM2Y4OTJlY 2Qx&mode=xml&x=0.2519759591668844
#THROWING ERROR# bad authentication key

There are a few mistakes in the key. There is some PHP 'code' in it (wrong string expansion ?) and you are using a full URL instead of the room name.
If you want more details send me a private message, but you should check the way you call the get authentication token method.

External Authentication Half Working

I'm having a strange issue with external authentication and PHP. I've got the PHP code set up correctly (I believe) and I pass the authentication token to the Flex application via flashvars and when the application loads the roster pod shows everyone logged into the room including the user just added. But I can't interact with any other components like the whiteboard and the simplechat.
Has anyone ever seen that? Any idea what might be going on? The AuthenticationSuccess event seems to fire correctly but I still can't interact with anything.
=Ryan
[email protected]

I am having a very similar problem, although I am not authenticating externally first. I am able to authenticate inside a flex 4 b2 app and get a list of people in the chat room, but whenever I post anything, I get null exceptions all over the place in the AFCS rtc package.
On another note, does anyone know if there is an open repo I can pull recent updates from for AFCS?

Trouble With External Authentication!

Hello all!
I have been trying to experiment with external authentication with PHP using the samples provided with the LCCS SDK Navigator.
I have changed the "index.php" page to include all my account info. and have double checked it! However, when I upload it to my server, I keep getting the following error(s) whenever I click the submit button on the form:
Warning: fopen() [function.fopen]: URL file-access is disabled in the server configuration in /home/tueslcom/public_html/LoginTest2/lccs.php on line 690
Warning: fopen(https://collaboration.adobelivecycle.com/myusername?mode=xml&accountonly=true&) [function.fopen]: failed to open stream: no suitable wrapper could be found in/home/tueslcom/public_html/LoginTest2/lccs.php on line 690
Fatal error: Uncaught exception 'RTCError' with message 'connection-failed' in /home/tueslcom/public_html/LoginTest2/lccs.php:695 Stack trace: #0 /home/tueslcom/public_html/LoginTest2/lccs.php(587): RTC::http_get('https://collabo...', Array) #1 /home/tueslcom/public_html/LoginTest2/lccs.php(254): RTCAccount->do_initialize() #2 /home/tueslcom/public_html/LoginTest2/index.php(33): RTCAccount->__construct('https://collabo...') #3 {main} thrown in /home/tueslcom/public_html/LoginTest2/lccs.php on line 695
I have a bit of experience with PHP, however, going through lccs.php and trying to reverse engineer everything to find out what`s going on is a little beyond my skill level! Any idea what might be happening/missing here? This seems like it should be a no-brainer!
Thanks in advance for any help anyone can give.
Matt

Raff,
Thanks for your quick reply!
I called phpinfo() and it appears that OpenSSL is working:
OpenSSL Support - enabled
OpenSSL Support - OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
Is SSL needed for encrypted communications between the browser and the LCCS server? When it comes to ports, security, and all the headaches that go with it, I am pretty much a NOOB (by choice)!
Also, the forum search doesn`t seem to be working (at least it`s not returning anything for me). Any hints as to what other modules are needed?
btw - Is it "http://connectnow.acrobat.com" or "https://collaboration.adobelivecycle.com"?
And it seems that "lccs.php" had been renamed from "afcs.php" along with "RTCAccount", which used to be "AFCSAccount". The code examples have not been updated to reflect this, and although I fixed this in some of the code, could there still be problems inside "lccs.php"?
Thanks again,
Matt

Flash builder and php session management/login

I've secured pages with cflogin using coldfusion but is there a comparible function in PHP? I'm able to connect to a php/mysql DB but how do I lock those functions down with a login/password style security?
Thanks

Hi,
I think this article contains what you are looking for.
http://sudhirmanjunath.blogspot.com/2009/10/how-to-set-basic-authentication-for-php.html
Please write back if you need any further clarifications.
Thanks,
Sudhir

Help with SMTP class function with authentication

My server is no longer supporting the php mail() functionality. I need to use SMTP class function with authentication in my php code and they suggested this to replace it: http://www.yrhostsupport.com/index.php?/Knowledgebase/Article/View/101/2/smtp-class-functi on-with-authentication-in-php-code
So I tried it, but can't get it to work. This is my test form:
<form method="post" action="forms/sendmail-test2.php" onsubmit="return checkEmail(this);">
<script type="text/javascript" language="JavaScript">
</script>
<fieldset><legend>Info</legend>
<label> Name </label>
<input type="text"
name="name" size="30" maxlength="40"/><br />
<label> <span class="redText">*</span> Email </label>
    <input name="email" type="text" size="30" maxlength="40"/>
    <br />
<label><span class="redText">*</span> Message </label>
<textarea cols="40" rows="5" name="message" type="text" /></textarea><br />
    </fieldset>
<input type="reset" value="Reset" />
<input type=submit value="Submit Form" />
</fieldset>
</form>
This is sendmail-test2.php where the form goes. It won't send unless I comment out the first 10 lines.
<?php
include('Mail.php');
//$to = "[email protected]";
//$name = $_REQUEST['name'] ;
//$email = $_REQUEST['email'] ;
//$message = $_REQUEST['name'] ;
//$headers = "From: $email";
//$subject = " price quote";
//$fields = array();
//$fields{"name"} = "Name";
//$fields{"email"} = "Email";
//$fields{"message"} = "Message";
$recipients = '[email protected]'; //CHANGE
$headers['From']    = '[email protected]'; //CHANGE
$headers['To']      = '[email protected]'; //CHANGE
$headers['Subject'] = 'Test message';
$body = 'Test message';
// Define SMTP Parameters
$params['host'] = 'levy.dnsbox25.com';
$params['port'] = '25';
$params['auth'] = 'PLAIN';
$params['username'] = '[email protected]'; //CHANGE
$params['password'] = 'xxxxxx'; //CHANGE
/* The following option enables SMTP debugging and will print the SMTP
conversation to the page, it will only help with authentication issues. */
$params['debug'] = 'true';
// Create the mail object using the Mail::factory method
$mail_object =& Mail::factory('smtp', $params);
// Print the parameters you are using to the page
foreach ($params as $p){
      echo "$p<br />";
// Send the message
$mail_object->send($recipients, $headers, $body);
?>
It used to work fine when I used
$send = mail($to, $subject, $body, $headers);
$send2 = mail($from, $subject2, $autoreply, $headers2);
But they said I can't use it any more. I'm good with HTML and CSS but I don't know much about php. Thanks for any help integrating a from into this new code!

Thanks, bregent. I changed it to this and it sends, but nothing shows up in the body except "Test message". How would I "insert the form fields' 'email' and 'name' and 'message' in the body"?
<?php
include('Mail.php');
$to = "[email protected]";
$name = $_REQUEST['name'] ;
$email = $_REQUEST['email'] ;
$message = $_REQUEST['name'] ;
//$headers = "From: $email";
$subject = " price quote";
$fields = array();
$fields{"name"} = "Name";
$fields{"email"} = "Email";
$fields{"message"} = "Message";
$recipients = '[email protected]'; //CHANGE
$headers['From']    = '[email protected]'; //CHANGE
$headers['To']      = '[email protected]'; //CHANGE
$headers['Subject'] = 'Test message';
$body = 'Test message';
$fields = array();
$fields{"name"} = "Name";
$fields{"email"} = "Email";
$fields{"message"} = "Message";
// Define SMTP Parameters
$params['host'] = 'levy.dnsbox25.com';
$params['port'] = '25';
$params['auth'] = 'PLAIN';
$params['username'] = '[email protected]'; //CHANGE
$params['password'] = xxx'; //CHANGE
/* The following option enables SMTP debugging and will print the SMTP
conversation to the page, it will only help with authentication issues. */
$params['debug'] = 'true';
// Create the mail object using the Mail::factory method
$mail_object =& Mail::factory('smtp', $params);
// Print the parameters you are using to the page
foreach ($params as $p){
      echo "$p<br />";
// Send the message
$mail_object->send($recipients, $headers, $body);
?>

Userid prefix when connected to LCCS via PHP

I'm using the PHP service class packaged in the SDK and each user connects to the LCCS with the getAuthenticationToken function.
But when I get updates within a running flash app from the UserManager, the userid got a prefix of "EXT-{lccs account name}-{userid}" where
I expect it only to be "{userid}".
How can I fix that? Or is it just the way LCCS handles authentications through PHP?
Thanks in advance,
Florus

this is how external user ids are generated on our server. In order to have globally unique identifier the format is :
EXT-<youraccountname>-<youruserid>
With the latest SDK I have added a Session.getUserID method that given your id returns the service id, so that you don't have to know the magic.

MySQL can't connect through socket error

I have been mucking around with MySQL and have broken something.
Running 10.4.3 server, I get a "Can't connect to local MySQL server through socket '/var/mysql/mysql.sock' (2)" error
Was working fine before I decided to mess with things - I think I altered the hostname from localhost to 192.168.x.x etc.
Now I cannot connect, and MySQL manager won't start it. I would like to make it work again rather than have to install a different version.
When MySQL manager installs the requisite files for the first time, where does it store these, and how can I do this again?
Thanks
Hamish

There's an issue with authentication between PHP 5 and MySQL 4.1
This thread should contain a resolution for you.
http://discussions.apple.com/thread.jspa?messageID=665175&#665175
FYI- A search here for "MySQL PHP socket" reveals the above thread and other threads with the same issue.
Jeff

OT: Login Form Advice

I found a really cool registration form plugin @ http://jqueryvalidation.org/files/demo/milk/ and figured out how to connect it to a database. Then I started searching for a login form tutorial. It was kind of tricky because most tutorials are pre-PDO; in other words, they only work with MySQL queries that have been upgraded to PDO.
But I finally found a good example at Basic Login Authentication with PHP and MySQL
I got it up and running, but there's a catch - it won't work with my registration form. If I type in my_username, my_password in my registration form, those two values are published to the database. But the login form apparently works only with values that have been added via an attached add_user page. If you type in those same values, my_username is published to the database table, but my_password is replaced by some insanely long code, like this: 5c4ed510fef54a63a2211ca47d5c82736de69418
You can then login by typing in my_username and my_password, even though my_password isn't stored in the database table. I think this code at the head of one of my files explains it all:
session_start();
/*** set a form token ***/
$form_token = md5( uniqid('auth', true) );
/*** set the session form token ***/
$_SESSION['form_token'] = $form_token;
So here's my question: Should I try to figure out how to delete all this $form_token/md5 stuff so it will work with my jQuery registration form, or should I try to modify my cool registration form so it replaces passwords with form_token's? To put it another way, is this a standard security feature I should hang on to?
One problem is that, if a user loses their username, I won't be able to send them a reminder if no usernames are stored in the database table. All I do is send them some insanely long code and tell them to figure it out.
Thanks.

I haven't gone through the whole article, but enough to know that a human readable password gets coded using md5 coding as in
$form_token = md5( uniqid('auth', true) );
This provides extra security in case someone manages to get into the database to retrieve the usernames and related passwords.
The idea is that a user enters his/her credentials and the coded version of the password is compared to the database entry. If they match, then bingo! There is no way of deciphering the code to extract the human version; if the coded version is entered, it will not match the database entry.
It is up to you if you want to delete the md5 coding.

SMTP EMAIL_FAILED

Hi all,
I have a new contact form setup which attaches a file. The
form seems to be working okay, but the server refuses to send the
message saying:
Error:
Error sending e-mail.
Developer Details:
E-mail couldn't be sent. Error returned: Failed to connect to
auth.smtp.myserver.co.uk:25 [SMTP: Failed to connect socket:
Connection refused (code: -1, response: )]. (EMAIL_FAILED)
tNG Execution Trace - VIEW
* tNG_update.executeTransaction
o STARTER.Trigger_Default_Starter
o tNG_update.doTransaction
+ BEFORE.Trigger_Default_saveData
# tNG_update.saveData
+ BEFORE.Trigger_Default_FormValidation
+ tNG_update.prepareSQL
+ tNG_update.executeTransaction - execute sql
+ AFTER.Trigger_FileUpload
# tNG_update.afterUpdateField - attachment, vacancies_2.txt
+ AFTER.Trigger_SendEmail*
* tNG_update.getRecordset
* tNG_update.getFakeRsArr
* tNG_update.getLocalRecordset
* tNG_update.getFakeRecordset
I've done a spot of reading and it seems that a lot of ISP's
block port 25, could this be the case? If so, how do I push the
emails through another port?
I'm lost :)
Thank you
N

NJFuller wrote:
> E-mail couldn't be sent. Error returned: Failed to
connect to
> auth.smtp.myserver.co.uk:25 [SMTP: Failed to connect
socket: Connection refused
> (code: -1, response: )]. (EMAIL_FAILED)
Judging from the code, you're using ADDT. There's a dedicated
forum for
ADDT, where you might be able to get better help, but here's
the
situation regarding SMTP and PHP.
The PHP mail() function is designed to hand email directly to
the mail
transport agent (MTA) on the local web server. Because the
mail is
coming from a local trusted source, there is no need for
authentication.
However, if you don't have a local MTA, it becomes necessary
to send the
mail through the Simple Mail Transfer Protocol (SMTP), which
normally
requires authentication. Unfortunately, mail() doesn't
support SMTP
authentication. That's why your mail is rejected.
I'm pretty sure that the ADDT email routine relies on mail(),
so it
won't work in any situation that requires SMTP
authentication. This is
normally not a problem, because when you upload the page to
your remote
server, mail() will simply hand the message to the local MTA.
The
problem arises only when you attempt to send email from your
local computer.
There are lots of resources for SMTP authentication in PHP
(just do a
Google search), but they won't work in conjunction with your
ADDT script.
David Powers
Adobe Community Expert, Dreamweaver
http://foundationphp.com

PHP iTunes U authentication issue

I’ve been working with integrating iTunes U with Moodle. On the Moodle site there is an iTunes U block available for integrating the 2 systems. I’ve been trying to use this and I am able to get to the iTunes U site from Moodle, but I am not being signed into the site as an authenticated user. I can’t seem to figure out why. I was however able to authenticate with a Perl script.
The Moodle block has a Setting section where I fill in all my site specific information such as the Shared Secret. This is definitely working fine as I am able to get to my site without issue. But, the passing of the credentials and identity do not seem to be working because I am not being signed in as an authenticated user.
Right now my Credentials are very basic – formatted just like the sample ones – such as:
Adminstrator@urn:mace:itunesu.com:sites:example.edu (where example.edu is my school’s name).
Can anyone review the files below and shed some light on why I am not getting authenticated?
Thanks.
Itunes_redirect.php
<?php // $Id: itunesu_redirect.php,v 1.1 2008/06/06 19:08:49 mchurch Exp $
require_once('../../config.php');
global $USER, $CFG;
require_once($CFG->dirroot.'/lib/weblib.php');
require_once($CFG->dirroot.'/lib/moodlelib.php');
require_once($CFG->dirroot.'/blocks/itunesu/itunes.php');
if (!isloggedin()) {
print_error('sessionerroruser', '' , $CFG->wwwroot);
$destination = required_param('destination', SITEID, PARAM_INT); // iTunes U destination
$name = fullname($USER);
/* Create instance of the itunes class and initalized instance variables */
$itunes = new itunes();
$itunes->setUser($name, $USER->email, $USER->username, $USER->id);
/* more work needs to be done with determining credentials */
$itunes->setAdminCredential($CFG->blockitunesuadmincred);
$itunes->setInstructorCredential($CFG->blockitunesuinsturctcred);
$itunes->addAdminCredentials();
$itunes->setSiteURL($CFG->blockitunesuurl);
$itunes->setSharedSecret($CFG->blockitunesusharedsecret);
$itunes->setDestination($destination);
$itunes->invokeAction();
?>
Itunes.php file:
<?php
# iTunes Authentication Class
# Written by Aaron Axelsen - [email protected]
# University of Wisconsin - Whitewater
# Edited by Ryan Pharis, [email protected] - Texas Tech University
# Class based on the Apple provided ITunesU.pl
# example script.
# REQUIREMENTS:
# PHP:
# - tested with PHP 5.2
# - make sure hash_hmac() works - <a class="jive-link-external-small" href="http://us2.php.net/manual/en/function.hash-hmac.php">http://us2.php.net/m anual/en/function.hash-hmac.php</a>
# - php curl support
#Example Usage:
<?php
include('itunes.php');
$itunes = new itunes();
// show loading screen while processing request
//include(ROOTURL.'/includes/pages/itunesload.php');
// Set User
$itunes->setUser("Jane Doe", "[email protected]", "jdoe", "42");
// Set Admin Permissions
$itunes->addAdminCredentials();
// Set Instructor Permission
//$itunes->addInstructorCredential('uniquename_fromitunes');
// Set Student Credential
//$itunes->addStudentCredential('uniquename_fromitunes');
// Set Handle
// This will direct login to the specific page
#$itunes->setHandle('');
// iTunes U Auth Debugging
$itunes->setDebug(true);
$itunes->invokeAction();
?>
class itunes {
// Oktech - add
var $authtoken;
var $siteURL;
var $debugSuffix;
var $sharedSecret;
var $administratorCredential;
var $instructorCredential;
var $studentCredential;
var $urlonly;
var $urlcredentials;
var $destination;
// Oktech
* Create iTunes Object
public function __construct() {
$this->setDebug(false);
$this->siteURL = 'https://deimos.apple.com/WebObjects/Core.woa/Browse/example.edu';
$this->directSiteURL = 'https://www.example.edu/cgi-bin/itunesu';
$this->debugSuffix = '/abc1234';
$this->sharedSecret = 'STRINGOFTHIRTYTWOLETTERSORDIGITS';
$this->administratorCredential = 'Administrator@urn:mace:itunesu.com:sites:example.edu';
$this->studentCredential = 'Student@urn:mace:itunesu.com:sites:example.edu';
$this->instructorCredential = 'Instructor@urn:mace:itunesu.com:sites:example.edu';
$this->credentials = array();
// Set domain
$this->setDomain();
// Oktech add
public function getInstructorCredential() {
return $this->instructorCredential;
public function setInstructorCredential($credential) {
$this->instructorCredential = $credential;
public function getStudentCredential() {
return $this->studentCredential;
public function setStudentCredential($credential) {
$this->studentCredential = $credential;
public function getAdminCredential() {
return $this->administratorCredential;
public function setAdminCredential($credential) {
$this->administratorCredential = $credential;
public function getSharedSecret() {
return $this->sharedSecret;
public function setSharedSecret($sharedsecret) {
$this->sharedSecret = $sharedsecret;
public function getAuthToken() {
return $this->authtoken;
public function setAuthToken($authtoken) {
$this->authtoken = $authtoken;
public function getDebugSuffix() {
return $this->directSiteURL;
public function setDebugSuffix($debugsuffix) {
$this->directSiteURL = $debugsuffix;
public function getSiteURL() {
return $this->siteURL;
public function setSiteURL($siteurl) {
$this->siteURL = $siteurl;
* Extract the URL from the return html
* block from the iTunes U server. Replace
* Apple's itmss tag with https
private function extractURL($htmlblock) {
$remainder = '';
$pos = 0;
$result = '';
$remainder = strstr($htmlblock, "_open('i");
$remainder = substr_replace($remainder, '', 0, 7);
$remainder = substr_replace($remainder, 'https', 0, 5);
$pos = strpos($remainder, "');");
$result = substr_replace($remainder, '', $pos);
$this->urlonly = $result;
public function getExtractedURL() {
return $this->urlonly;
* Extract the credentials part from the returned URL from
* the iTunes U server
public function extractURLCredentials($url) {
$result = '';
$pos = 0;
$remainder = strstr($url, "gtcc.edu?");
$remainder = substr_replace($remainder, '', 0, 9);
$this->urlcredentials = $remainder;
public function getExtractedURLCredentials() {
return $this->urlcredentials;
public function setDestination($destination) {
$this->destination = $destination;
public function getDestination() {
return $this->destination;
// Oktech add
* Add's admin credentials for a given user
public function addAdminCredentials() {
$this->addCredentials($this->administratorCredential);
* Add Student Credential for a given course
public function addStudentCredential($unique) {
$this->addCredentials($this->studentCredential.":$unique");
* Add Instructor Credential for a given course
public function addInstructorCredential($unique) {
$this->addCredentials($this->instructorCredential.":$unique");
* Set User Information
public function setUser($name, $email, $netid, $userid) {
$this->name = $name;
$this->email = $email;
$this->netid = $netid;
$this->userid = $userid;
return true;
* Set the Domain
* Takes the siteURL and splits off the destination, hostname and action path.
private function setDomain() {
$tmpArray = split("/",$this->siteURL);
$this->siteDomain = $tmpArray[sizeof($tmpArray)-1];
$this->actionPath = preg_replace("/https:\/\/(.+?)\/.*/",'$1',$this->siteURL);
$pattern = "/https:\/\/".$this->actionPath."(.*)/";
$this->hostName = preg_replace($pattern,'$1',$this->siteURL);
$this->destination = $this->siteDomain;
return true;
* Set the Handle
* Takes the handle as input and forms the get upload url string
* This is needed for using the API to upload files directly to iTunes U
public function setHandle($handleIn) {
$this->handle = $handleIn;
$this->getUploadUrl = "http://deimos.apple.com/WebObjects/Core.woa/API/GetUploadURL/".$this->siteDoma in.'.'.$this->handle;
return true;
* Get Identity String
* Combine user identity information into an appropriately formatted string.
* take the arguments passed into the function copy them to variables
private function getIdentityString() {
# wrap the elements into the required delimiters.
return sprintf('"%s" <%s> (%s) [%s]', $this->name, $this->email, $this->netid, $this->userid);
* Add Credentials to Array
* Allows to push multiple credientials for a user onto the array
public function addCredentials($credentials) {
array_push($this->credentials,$credentials);
return true;
* Get Credentials String
* this is equivalent to join(';', @_); this function is present
* for consistency with the Java example.
* concatenates all the passed in credentials into a string
* with a semicolon delimiting the credentials in the string.
private function getCredentialsString() {
#make sure that at least one credential is passed in
if (sizeof($this->credentials) < 1)
return false;
return implode(";",$this->credentials);
private function getAuthorizationToken() {
# Create a buffer with which to generate the authorization token.
$buffer = "";
# create the POST Content and sign it
$buffer .= "credentials=" . urlencode($this->getCredentialsString());
$buffer .= "&identity=" . urlencode($this->identity);
$buffer .= "&time=" . urlencode(mktime());
# returns a signed message that is sent to the server
$signature = hash_hmac('SHA256', $buffer, $this->sharedSecret);
# append the signature to the POST content
return sprintf("%s&signature=%s", $buffer, $signature);
* Invoke Action
* Send a request to iTunes U and record the response.
* Net:HTTPS is used to get better control of the encoding of the POST data
* as HTTP::Request::Common does not encode parentheses and Java's URLEncoder
* does.
public function invokeAction() {
$this->identity = $this->getIdentityString();
$this->token = $this->getAuthorizationToken();
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $this->generateURL() . '?' . $this->token);
//curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
// Oktech - change
$this->authtoken = curl_exec($ch);
curl_close($ch);
/* Start a new sesstion and send a request for specific content with the appropriate credentials */
$ch = curl_init();
$this->extractURL($this->authtoken);
$this->extractURLCredentials($this->urlonly);
curl_setopt($ch, CURLOPT_URL, $this->siteURL . '.' . $this->destination . '?' . $this->urlcredentials);
//curl_setopt($ch, CURLOPT_POST, 1);
curl_exec($ch);
curl_close($ch);
// Oktech
* Auth and Upload File to iTunes U
* This method is said to not be as heavily tested by apple, so you may have
* unexpected results.
* $fileIn - full system path to the file you desire to upload
public function uploadFile($fileIn) {
$this->identity = $this->getIdentityString();
$this->token = $this->getAuthorizationToken();
// Escape the filename
$f = escapeshellcmd($fileIn);
// Contact Apple and Get the Upload URL
$upUrl = curl_init($this->getUploadUrl.'?'.$this->token);
curl_setopt($upUrl, CURLOPT_RETURNTRANSFER, true);
$uploadURL = curl_exec($upUrl);
$error = curl_error($upUrl);
$http_code = curl_getinfo($upUrl ,CURLINFOHTTPCODE);
curl_close($upUrl);
print $http_code;
print "
$uploadURL";
if ($error) {
print "
$error";
# Currently not working using php/curl functions. For now, we are just going to echo a system command .. see below
#// Push out the designated file to iTunes U
#// Build Post Fields
#$postfields = array("file" => "@$fileIn");
#$pushUrl = curl_init($uploadURL);
#curl_setopt($pushUrl, CURLOPT_FAILONERROR, 1);
#curl_setopt($pushUrl, CURLOPT_FOLLOWLOCATION, 1);// allow redirects
#curl_setopt($pushUrl, CURLOPT_VERBOSE, 1);
#curl_setopt($pushUrl, CURLOPT_RETURNTRANSFER, true);
#curl_setopt($pushUrl, CURLOPT_POST, true);
#curl_setopt($pushUrl, CURLOPT_POSTFILEDS, $postfields);
#$output = curl_exec($pushUrl);
#$error = curl_error($pushUrl);
#$http_code = curl_getinfo($pushUrl, CURLINFOHTTPCODE);
#curl_close($pushUrl);
#print "
#print $http_code;
#print "
$output";
#if ($error) {
# print "
$error";
// Set the php time limit higher so it doesnt time out.
settimelimit(1200);
// System command to initiate curl and upload the file. (Temp until I figure out the php curl commands to do it)
$command = "curl -S -F file=@$f $uploadURL";
echo "
echo $command;
exec($command, $result, $error);
if ($error) {
echo "I'm busted";
} else {
print_r($result);
echo $command;
* Set Debugging
* Enable/Disable debugging of iTunes U Authentication
public function setDebug($bool) {
if ($bool) {
$this->debug = true;
} else {
$this->debug = false;
return true;
* Generate Site URL
* Append debug suffix to end of url if debugging is enabled
private function generateURL() {
if ($this->debug) {
return $this->siteURL.$this->debugSuffix;
} elseif ($this->isHandleSet()) {
return $this->directSiteURL.'.'.$this->handle;
} else {
return $this->siteURL;
* Check to see if the handle is set
private function isHandleSet() {
if (isset($this->handle))
return true;
else
return false;
?>

Janet ... hmmm ... I suppose it could also be "Jane T. Smith" ... ah well, anywho,
One thing to understand when it comes to credentialling is that, even if your transfer CGI (Moodle block) doesn't work ... if you redirect someone to your iTunes U site, that person will -always- carry two credentials ... "Unauthenticated" and "All". You do not have to assign the credentials ... they are automatic.
Put it this way, if I direct you to my site:
https://deimos.apple.com/WebObjects/Core.woa/Browse/uic.edu
if you click on that link, authentication or no, Apple will give you the "Unauthenticated" and "All" credentials. Anywhere on my site where those creds are good, you'll have access.
Hmmm ... maybe I can rephrase it this way ... there are four credentials that are a part of every site ...
All ... everyone who accesses your site gets this cred ... everyone.
Authenticated ... if you pass a valid iTunes U URL request for a user, he/she will get this cred.
Unauthenticated ... this cred is given whenever someone gets to your site -without- a tokenized (credentials, identity, time, signature) URL request. For example, if someone uses your site base URL without any modification.
Administrator ... this cred has total access to a site.
So if you access your site using your admin cred, you'll actually carry three creds ... "Administrator" (of course), but also "All" and "Authenticated".
So why this long discussion of creds? Well, if you're getting in with the "Unauthenticated" credential, it's a sure sign your transfer CGI (Moodle thingy) isn't working ... at all. It's not that you can't pass the admin cred ... or identity info ... you're not passing any info. And because you're not passing any info, iTunes U does the default thing ... give you "All" and "Unauthenticated" access.

PHP Authentication & Internet Explorer

I am using DW8.02 and PHP 5.0 to develop my website. My
service provider is using a Linux box and Apache. My PHP login
webpages work fine using Firefox, Opera, and Netscape but I get my
'access not allowed' webpage when using Internet Explorer 6.0 and
7.0. I am using Dreamweaver 8.02's built-in 'Authentication Server
Behavior' to create the log in page and to add a 'Restrict Access
to Page' PHP script to the restricted webpages. Here is my code:
Log in User:
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType,
$theDefinedValue = "", $theNotDefinedValue = "")
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue)
: $theValue;
$theValue = function_exists("mysql_real_escape_string") ?
mysql_real_escape_string($theValue) :
mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" :
"NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) .
"'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" :
"NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue :
$theNotDefinedValue;
break;
return $theValue;
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
if (isset($_POST['Username'])) {
$loginUsername=$_POST['Username'];
$password=$_POST['Password'];
$MM_fldUserAuthorization = "Status";
$MM_redirectLoginSuccess = "comm_t4tadmin_edit.php";
$MM_redirectLoginFailed = "access_error.html";
$MM_redirecttoReferrer = false;
mysql_select_db($database_leathernecks, $leathernecks);
$LoginRS__query=sprintf("SELECT Username, Password, Status
FROM tblaccess WHERE Username=%s AND Password=%s",
GetSQLValueString($loginUsername, "text"),
GetSQLValueString($password, "text"));
$LoginRS = mysql_query($LoginRS__query, $leathernecks) or
die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
$loginStrGroup = mysql_result($LoginRS,0,'Status');
//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;
if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
header("Location: " . $MM_redirectLoginSuccess );
else {
header("Location: ". $MM_redirectLoginFailed );
?>
Restrict Access:
<?php
if (!isset($_SESSION)) {
session_start();
$MM_authorizedUsers = "edit";
$MM_donotCheckaccess = "false";
// *** Restrict Access To Page: Grant or deny access to this
page
function isAuthorized($strUsers, $strGroups, $UserName,
$UserGroup) {
// For security, start by assuming the visitor is NOT
authorized.
$isValid = False;
// When a visitor has logged into this site, the Session
variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that
Session variable is blank.
if (!empty($UserName)) {
// Besides being logged in, you may restrict access to only
certain users based on an ID established when they
login.
// Parse the strings into arrays.
$arrUsers = Explode(",", $strUsers);
$arrGroups = Explode(",", $strGroups);
if (in_array($UserName, $arrUsers)) {
$isValid = true;
// Or, you may restrict access to only certain users based
on their username.
if (in_array($UserGroup, $arrGroups)) {
$isValid = true;
if (($strUsers == "") && false) {
$isValid = true;
return $isValid;
?>
Does anyone have any ideas why this is not working in only
Internet Explorer? Any suggestions or help to resolve this is
greatly appreciated.

holymackeral wrote:
> Another curious note... whether or not "Allow Cookies"
is tuned on in IE 7.0,
> localhost (running WindowsXP/IIS5.1) correctly processes
the logons and
> displays the restricted webpages locally. However with
"Allow Cookies" turned
> on, IE 7.0 still will not open restricted webpages on
the remote host site
> (running Linux/Apache).
>
> Does this narrow or broaden the issue? Help??
No idea, sorry. :(
David Powers
Adobe Community Expert
Author, "Foundation PHP for Dreamweaver 8" (friends of ED)
http://foundationphp.com/

External Authentication failed via PHP script

I'm not a PHP wiz - in fact I am not a backend coder so I am
somewhat struggeling with the sample scripts - I still hope for a
CF sample...
I'm trying to run and log in to AFCS via the commandline
(Terminal). I'm not sure what I'm doing wrong - here what I am
passing:
php -f /Applications/MAMP/htdocs/afcs.php args --debug
--host=http://connectnow.acrobat.com,fcguru,my_login,my_pass
The username and password I pass are correct. However I get
this response:
Error: exception 'AFCSError' with message '<response
status="error">
<error code="AUTH_FAILED">
<msg>Authorization Failed</msg>
</error>
</response>
' in /Applications/MAMP/htdocs/afcs.php:86
Really struggeling with this. Even once I get this working
from the commandline I do not know how to call this from a script
instead. I use CF on the backend, not PHP.
Regards,
Stefan

I would say that your command is syntactically correct, but
semantically incorrect :)
Two problems:
- there is no "args" parameter in afcs.php
- when you use php -f file.php you have to append a -- after
the php file to tell the interpreter to stop parsing parameters
because they belong to the script
So, try this:
php -f /Applications/MAMP/htdocs/afcs.php -- --debug
--host=http://connectnow.acrobat.com fcguru my_login my_pass
or this:
php /Applications/MAMP/htdocs/afcs.php --debug
--host=http://connectnow.acrobat.com fcguru my_login my_pass
Also, there is an example of a php web application that uses
external authentication in the examples folder
(ExternalAuthentication/php). Just drop the php folder somewhere in
your webserver and try it out.

Os authentication in php

Similar Messages

Maybe you are looking for