-
Posts
483 -
Joined
-
Last visited
-
Days Won
1
Posts posted by sagnik
-
-
@wolstech Okay, I got your point. But I have a centralized login system for all the services/platforms which uses a database called "members" and the tables (specifically, "accounts") in it and a specific column of that table namely "uid" as a foreign key relation, i.e. if a row of that table is deleted this would delete all the information located throughout all other databases related to the "uid".
Please let me know if there are any other ways to achieve this.
-
Hi, is there any way to create a foreign key linked to another database? I can't see all the databases in PMA.
-
On 7/1/2024 at 6:48 PM, badrihippo said:
I didn't understand how exactly the $_SESSION variables are getting overwritten. I thought if a new user joins, they would have their own set of $_SESSION variables which doesn't interfere with the first user's $_SESSION?
Maybe you can try sharing the part of the code that updates the $_SESSION variables so I can see how it's working?
@badrihippo Here is the code of SSO SignOn.php:
<?php /* * Copyright (c) 2022-2023 SGNetworks. All rights reserved. * * The software is an exclusive copyright of "SGNetworks" and is provided as is exclusively with only "USAGE" access. "Modification", "Alteration", "Re-distribution" is completely prohibited. * VIOLATING THE ABOVE TERMS IS A PUNISHABLE OFFENSE WHICH MAY LEAD TO LEGAL CONSEQUENCES. */ session_start(); $SGNSSO = ['accounts.sgnetworks.net', 'accounts.sgnetworks.eu.org']; function is_base64(string $data): bool { $base64 = base64_encode(base64_decode($data, true)); return ($base64 === $data); } function is_base64URL(string $data): bool { $base64 = strtr($data, '-_', '+/'); $base64 = base64_encode(base64_decode($base64)); $base64 = strtr(rtrim($base64, '='), '+/', '-_'); return ($base64 === $data); } function Base64UrlEncode(string $data, bool $force = false): string { if($force) { return strtr(rtrim(base64_encode($data), '='), '+/', '-_'); } $base64 = (!is_base64($data)) ? base64_encode($data) : $data; return (!is_base64URL($base64)) ? strtr(rtrim($base64, '='), '+/', '-_') : $base64; } function Base64UrlDecode(string $base64, bool $strict = false): string|false { $data = (is_base64URL($base64)) ? strtr($base64, '-_', '+/') : $base64; return (is_base64($data)) ? base64_decode($data, $strict) : base64_decode($data); } function server(string $key, string|int|bool|array $default = null): array|bool|int|string|null { $server = $_SERVER; $null = ($default === null && !is_bool($default) && !is_array($default) && !is_integer($default) && !is_string($default)) ? null : $default; return (array_key_exists($key, $server)) ? $server[$key] : $null; } function session(string $key, string|int|bool|array $default = null): array|bool|int|string|null { $session = $_SESSION; $null = ($default === null && !is_bool($default) && !is_array($default) && !is_integer($default) && !is_string($default)) ? null : $default; return (array_key_exists($key, $session)) ? $session[$key] : $null; } function post(string $key, string|int|bool|array $default = null): array|bool|int|string|null { $post = $_POST; $null = ($default === null && !is_bool($default) && !is_array($default) && !is_integer($default) && !is_string($default)) ? null : $default; return ((array_key_exists($key, $post)) ? $post[$key] : $null); } function get(string $key, string|int|bool|array $default = null): array|bool|int|string|null { $get = $_GET; $null = ($default === null && !is_bool($default) && !is_array($default) && !is_integer($default) && !is_string($default)) ? null : $default; return (array_key_exists($key, $get)) ? $get[$key] : $null; } function buildURL(string $uri, ?string $params = null, ?string $args = null): string { $params = (!empty($params)) ? ltrim($params, '?' . '&') : ''; $args = (!empty($args)) ? ltrim($args, '?' . '&') : ''; if(!empty($params) && !empty($args)) { $url = (str_contains($uri, '?') || str_contains($params, '?') || str_contains($args, '?')) ? "$uri&$params&$args" : "$uri?$params&$args"; } elseif(!empty($params) && empty($args)) { $url = (str_contains($uri, '?') || str_contains($params, '?')) ? "$uri&$params" : "$uri?$params"; } elseif(empty($params) && !empty($args)) { $url = (str_contains($uri, '?') || str_contains($args, '?')) ? "$uri&$args" : "$uri?$args"; } else { $url = $uri; } $url_parts = parse_url($url); $qs = ''; if(array_key_exists('query', $url_parts)) { $qs = $url_parts['query']; parse_str($qs, $qo); $qs = (count($qo) > 0) ? http_build_query($qo) : ''; } $constructed_url = $url_parts['scheme'] . '://' . $url_parts['host'] . ($url_parts['path'] ?? ''); return (!empty($qs)) ? "$constructed_url?$qs" : $constructed_url; } function redirect(string $uri, string $vars = ''): void { $qm = (str_contains($uri, '?') || str_contains($vars, '?')) ? '&' : '?'; $url = buildURL($uri); if(!headers_sent()) { header("Location: $url"); exit(); } else { echo '<script>'; echo "window.location.href=('$url');"; echo '</script>'; echo "You will be redirected shortly. If you are not redirected automatically, please <a href='$url'>click here</a> to redirect"; } } function get_domain(string $url): string|false { $urlobj = parse_url($url); $domain = $urlobj['host']; if(preg_match('/(?P<domain>[a-z0-9][a-z0-9\-]{1,63}\.[a-z.]{2,6})$/i', $domain, $regs)) { return $regs['domain']; } return false; } if(server('REQUEST_METHOD') == 'POST') { $redirectTo = (!post('continue')) ? post('redirect') : post('continue'); $params = post('params', ''); $args = post('args', ''); $session = post('session'); $origin = post('origin'); } else { $redirectTo = (!get('continue')) ? get('redirect') : get('continue'); $params = get('params', ''); $args = get('args', ''); $session = get('session'); $origin = get('origin'); } $sc = explode('-', $session); $sessid = Base64UrlDecode($sc[0]); $uid = Base64UrlDecode($sc[1]); $uid_hashed = Base64UrlDecode($sc[2]); $ssoProcessed = false; $continueHost = $continue = ''; if(in_array($origin, $SGNSSO)) { $args = Base64UrlDecode($args); $redirectTo = Base64UrlDecode($redirectTo); $redirectTo = buildURL($redirectTo, $args); if(empty(session('sgn-login-sid'))) { if(empty($session)) { $continue = (!$redirectTo) ? $origin . server('REQUEST_URI') : $redirectTo; } else { $_SESSION['sgn-login-sid'] = $sessid; $_SESSION['sgn-login-uid'] = $uid; $_SESSION['sgn-login-uid_hashed'] = $uid_hashed; $_SESSION['sgn-login-expires'] = time() + 3600; $_SESSION['sgn-login-timestamp'] = time(); $_SESSION['sgn-login-ip'] = server('REMOTE_ADDR'); $ssoProcessed = true; $url = parse_url($redirectTo); $p = (array_key_exists('path', $url)) ? $url['path'] : ''; $q = (array_key_exists('query', $url)) ? '?' . $url['query'] : ''; $s = (!$q) ? "?sessid=$sessid" : "&sessid=$sessid"; unset($redirectTo); unset($_GET['session']); $continueUrl = $url['scheme'] . '://' . $url['host'] . $p . $q; $continue = "$continueUrl$s"; $continue = (!$continue) ? $_SERVER['HTTP_REFERER'] : $continue; $continueHost = $url['host']; $continueLocation = "{$url['scheme']}://$continueHost"; } } elseif(!empty($session)) { $_SESSION['sgn-login-sid'] = $sessid; $_SESSION['sgn-login-uid'] = $uid; $_SESSION['sgn-login-uid_hashed'] = $uid_hashed; $_SESSION['sgn-login-expires'] = time() + 3600; $_SESSION['sgn-login-timestamp'] = time(); $_SESSION['sgn-login-ip'] = server('REMOTE_ADDR'); $ssoProcessed = true; if(!empty($redirectTo)) { $url = parse_url($redirectTo); $p = (array_key_exists('path', $url)) ? $url['path'] : ''; $q = (array_key_exists('query', $url)) ? '?' . $url['query'] : ''; $s = (!$q) ? "?sessid=$sessid" : "&sessid=$sessid"; unset($redirectTo); unset($_GET['session']); $continueUrl = $url['scheme'] . '://' . $url['host'] . $p . $q; $continue = "$continueUrl$s"; $continue = (!$continue) ? $_SERVER['HTTP_REFERER'] : $continue; $continueHost = $url['host']; $continueLocation = "{$url['scheme']}://$continueHost"; } else { $continue = $_SERVER['HTTP_REFERER']; } } $params = (!empty($params)) ? Base64UrlDecode($params) : ''; $continue = buildURL($continue, $params); } else { echo 'The Origin Host is not allowed to make SSO Requests'; } if($_SERVER['REQUEST_METHOD'] == 'GET'): ?> <script> function crossDomainLogin() { const url = "<?=$continueLocation;?>/SGNSSO/SignOn"; const xhr = new XMLHttpRequest(); xhr.onerror = function() { if(xhr.status === 0) { console.log("Cross-Domain Request Failed"); } else { console.log("Cross-Domain Request Failed with the following Status: ", xhr.status); } }; xhr.onreadystatechange = function() { if(this.readyState === 4 && this.status === 200) { if(xhr.responseText === "done") { window.location.replace("<?=$continue;?>"); } else { console.log("SGNSSO is available only for SGNetworks and its Subsidiaries"); } } else { //console.log("Cross-Domain Request is not ready or the request has failed with status: ",this.status); } }; xhr.open("POST", url); xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded"); xhr.crossDomain = true; xhr.withCredentials = true; xhr.send("session=<?=$session;?>&origin=<?=$origin;?>&redirect=<?=Base64UrlEncode($continueUrl);?>"); } const sso = <?=($ssoProcessed) ? 'true' : 'false';?>; if(window.location.host !== '<?=$continueHost;?>') { crossDomainLogin(); } else { if(sso === true || sso === "true") { window.location.replace("<?=$continue;?>"); } } </script> <?php elseif($ssoProcessed): echo 'done'; else: echo 'failed'; endif;
-
13 hours ago, Haradion said:
Are those variables changed on every request, or do they only change when the user submits login credentials? If normal requests after login only read those fields, the WebSocket connection can do the same thing, as it should receive the PHPSESSID cookie just like normal requests do.
Those variables are changed when a user submits their login credentials and are validated. So, I need to pass the PHPSESSID cookie as well to the WS server, right?
-
I use some keys namely "sgn-login-uid", "sgn-login-sessid", "sgn-login-ip", "sgn-login-timestamp" & "sgn-login-expires" to authenticate a user by setting $_SESSION variables for the aforementioned keys. So every time a new user is authenticated those values have to be changed.
-
I want to replicate the exact UI that WhatsApp has for its status screen to show the count of statuses along with active and inactive contexts.
See the image for reference:
-
Yes, as I cannot start a session within WebSocket because it will replace the previous session whenever a new client is authenticated.
-
The platform doesn't use any third-party service. The SSO is also its own which I've developed.
-
Thanks for the advice, but the service has its login service, which uses SSO but the problem is handling the sessions within the WebSocket server for multiple clients.
-
Hi, I'm creating a social media with a real-time chat application using PHP WebSocket, the basic functionalities are working properly but I need to implement some other features as well. So I need help with the following related to the chat application:
- Login to the WebSocket using the credentials users use to log into the social media.
- Allow users to chat with their friends only.
- Identify users from the database using their ID and fetch data from the database.
- Show online/offline status based on the WebSocket.
- Show if a message is pending/sent/delivered/seen status.
- Show typing notification to the other user.
I'm attaching a screenshot of the chat screen:
-
On 3/26/2024 at 6:36 PM, wolstech said:
The server still has nginx running even if apache is turned off. Nginx can support PHP without Apache.
No, see, I'm currently trying to setup the WS server on my localhost using Apache & PHP on Windows
-
On 3/27/2024 at 2:17 AM, wolstech said:
I spoke with Krydos on this, he confirmed this issue does not look to be on our end, but rather an issue with DNS propagation of the name server settings from in.eu.org. He was able to show that some servers around the world are reporting cloudns as the DNS provider, which is obviously incorrect.
You'll need to contact the admins who handle in.eu.org for assistance with this issue (note that in.eu.org has a different admin from eu.org).
-
-
-
@Krydos If I disable apache then how can I connect to the Websocket as a client?
-
And also I need to fix the errors with the WS server. I can't retrieve the headers needed to upgrade the request.
Check the headers printed:
I've found some errors in the Apache log file:
[Thu Mar 21 15:58:36.854208 2024] [proxy:error] [pid 521884:tid 10728] (20014)Internal error (specific information not available): [client 192.168.0.10:51010] AH01084: pass request body failed to 192.168.0.10:9443 (netmate.com) [Thu Mar 21 15:58:36.854208 2024] [proxy:error] [pid 521884:tid 10728] [client 192.168.0.10:51010] AH00898: Error during SSL Handshake with remote server returned by /ws/ [Thu Mar 21 15:58:49.946711 2024] [proxy_wstunnel:trace1] [pid 521884:tid 10720] mod_proxy_wstunnel.c(51): [client 192.168.0.10:51169] canonicalising URL //netmate.com:9443 [Thu Mar 21 15:58:49.947709 2024] [proxy_http:debug] [pid 521884:tid 10720] mod_proxy_http.c(1967): [client 192.168.0.10:51169] AH01113: HTTP: declining URL wss://netmate.com:9443/ [Thu Mar 21 15:58:49.947709 2024] [proxy_wstunnel:debug] [pid 521884:tid 10720] mod_proxy_wstunnel.c(321): [client 192.168.0.10:51169] AH02451: serving URL wss://netmate.com:9443/ [Thu Mar 21 15:58:49.947709 2024] [proxy_wstunnel:trace2] [pid 521884:tid 10720] mod_proxy_wstunnel.c(126): [client 192.168.0.10:51169] sending request [Thu Mar 21 16:08:49.948173 2024] [proxy:error] [pid 521884:tid 10720] (20014)Internal error (specific information not available): [client 192.168.0.10:51169] AH01084: pass request body failed to 192.168.0.10:9443 (netmate.com) [Thu Mar 21 16:08:49.948173 2024] [proxy:error] [pid 521884:tid 10720] [client 192.168.0.10:51169] AH00898: Error during SSL Handshake with remote server returned by /ws/
-
Is there any way to set up WebSocket servers in PHP without using third-party WebSocket services (i.e. socket.io)?
-
-
@wolstech Sorry, I don't get time to manage all these things, that's the reason for getting my account suspended/archived frequently.
Anyway, can you restore the DNS records?
-
Hi, I've updated my DNS records for my domain to point to ns1.heliohost.org & ns2.heliohost.org but still I'm unable to access my domain.
You can check the DNS audit at https://www.dns.computer/dns/sgnetworks.in.eu.org/1vcxnd
Screenshot of EU.ORG NIC portal:
Screenshot of ClouDNS portal:
-
I don't know what happened. Maybe it was a glitch in the account renewal script. Now I can log in to my account without any issues.
Thanks for your help @Unknown025
-
Hi, I've not logged into my account for a very long time but now I'm unable to restore access to my account.
My username is: sgn
-
Okay, I understand. First of all, let me try them if any of the websites aren't working properly as they should be then I'll let you know about it, till then let them be as it is.
-
Okay, but, if I couldn't change the document root, I will have to rewrite all the scripts relying on it.
Issue with FTP
in Customer Service
Posted
Hi, I'm trying to log in to the FTP server of my account located at the Johnny server. But I'm getting an error saying "Unable to connect to the server". Can you provide the details of the FTP server?
Username: sgn