Hi, I'm maintaining a script, and want to add a CallBack home function, to know which domains are using the script!
Can someone help me on this one!
All i need is the script to show me the domain where the call is comming from!
Thanks in Advance!
smartness
-3
Junior Poster
Recommended Answers
Jump to PostDo you mean
$_SERVER['HTTP_REFERER']? you could get the domain which the user came to this page from from this variable, however this is not perfect, it can be spoofed and hidden quite easily.
Jump to Postunless the files are first encoded, then anyone with an understanding of the language would be able to audit the code and remove the function if they didn't want it occurring, or in some case were using your code without paying for it etc.
All 5 Replies
Will Gresham
81
Master Poster
Do you mean $_SERVER['HTTP_REFERER'] ? you could get the domain which the user came to this page from from this variable, however this is not perfect, it can be spoofed and hidden quite easily.
smartness
-3
Junior Poster
I think i was not clear enough!
The Call Back function will be in the Script (Users Website) and when someone visits it, the script "calls" my server, and then a script in my server logs down the domain from which it was called!
mschroeder
251
Bestower of Knowledge
Team Colleague
unless the files are first encoded, then anyone with an understanding of the language would be able to audit the code and remove the function if they didn't want it occurring, or in some case were using your code without paying for it etc.
smartness
-3
Junior Poster
Don't worry, I know it has to be coded... i just need the function, then i BASE64 it...
Can someone find me that function or not?
mschroeder
251
Bestower of Knowledge
Team Colleague
I wasn't referencing base64 encoding as that can be quickly decoded by anyone familiar enough to pick out what base64 looks like and I don't believe you can base64 encode a chunk of the source code inside a php file without doing something obscure to it like passing it through an eval statement or such.
I was referencing something like Zend Guard or ionCube PHP encoder.
As far as your function:
<?php
function call()
{
if( ini_get( 'allow_url_fopen' ) == '1' )
{
$response = file_get_contents( 'http://yourdomain.com/answer.php' );
if( $response != 'TRUE' )
{
//Cause some catastrophic death?
exit();
}
}
else
{
//Maybe implement a curl fail over if the curl extension is installed.
//But allow_url_fopen *SHOULD* be enabled by default;
}
}answer.php
<?php
//Something to log $_SERVER variables as necessary.
//maybe referrer or maybe we are validating a key passed as a GET variable?
//if we're happy return true
echo 'TRUE';Now if you were to use curl, you could actually have curl post an almost infinite amount of information to your server and then verify or log it etc.
This is very basic and untested but you should be able to grasp the general concept. If you wanted to get more advanced you could post xml and return xml or JSON etc.
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.