Hi!
I'm currently developing a script for a community for WoW-fans.
The problem is that they only want people who currently have an active account OR an account at all.
So I have to make a script that runs a check from the real wow-site and tries to login with the values provided by the user that is trying to register on the community.
However, this script is not supposed to store any values, since that is very illegal(phishing), and it's only supposed to run in the background when the user register.
So, what's the problem?
Well, I get this error:
This is the code:
php Code:
/**
||||||||||||||||||||||||||||||||||||||||||
|||| @author Tanax
|||| @copyright 2008
||||||||||||||||||||||||||||||||||||||||||
**/ /** --------------------------------------->
** Configuration
**/ // Names of the fields on the remote website. $field1_name_remote =
'username';
$field2_name_remote =
'password';
$submit_remote =
'Login';
// Names of the fields on the local website. $field1_name_local =
'acc';
$field2_name_local =
'pass';
// String to search for on the logged remote page. $find =
'Account Type:';
// The url to the account login-page on the remote website. $url =
'https://www.wow-europe.com/login/login?service=https%3A%2F%2Fwww.wow-europe.com%2Faccount%2F';
/** --------------------------------------->
** Don't touch!
**/ // Get the values from the input on local website. $field1_value_local =
$_POST[
$field1_name_local];
$field2_value_local =
$_POST[
$field2_name_local];
// Set up the data. $data =
array( $field1_name_remote =>
$field1_value_local,
$field2_name_remote =>
$field2_value_local,
'submit' =>
$submit_remote );
// Take away htmlspecialchars and build a query from the data. $query = htmlspecialchars_decode
(http_build_query
($data));
// Create the stream and try to login with the query. $stream =
stream_context_create(array( 'http' =>
array( 'method' =>
'POST',
'header'=>
"Content-type: application/x-www-form-urlencoded\r\n" .
"Content-Length: " .
strlen($query) .
"\r\n",
'content' =>
$query ) ));
// Get the content from the page. $content =
file_get_contents($url,
false,
$stream);
// Search for the string. $search =
strpos($content,
$find);
if($search ===
false){ echo 'Invalid Account';
} else { echo 'Valid Account';
}
I'm only using the echo there to try the script, this will most likely to be converted to a function and then instead of echo 'valid account' it will return true, and return false on invalid account.
Also, if it's to any help, this is the form:
html Code:
<form action="script.php" method="POST">
Account name:<br />
<input type="text" name="acc" /><br /><br />
Password:<br />
<input type="text" name="pass" /><br /><br />
<input type="submit" name="submit" value="Login">
</form>
Join the friendly bunch on IRC...
Stream problem
Threaded Mode
