Search Results

Search found 1701 results on 69 pages for 'cookie'.

Page 38/69 | < Previous Page | 34 35 36 37 38 39 40 41 42 43 44 45  | Next Page >

  • Twitter-OAuth update_profile_*_image methods problem [EpiTwitter]

    - by KPL
    People, I have been struggling over the two methods - Update Profile Image and Update Background Image I am using EpiTwitter library. I am uploading GIFs, Twitter returns the expected result for update_profile_background_image but returns 401 for update_profile_image , but the image is not changed. Here are the headers catched from $apiObj-headers in my case while using the update_profile_background_image Array ( [Date] = Sat, 24 Apr 2010 17:51:36 GMT [Server] = hi [Status] = 200 OK [X-Transaction] = 1272131495-55190-23911 [ETag] = b6a421c01936f3547802ae6b59ee7ef3" [Last-Modified] = Sat, 24 Apr 2010 17:51:36 GMT [X-Runtime] = 0.13990 [Content-Type] = application/json; charset=utf-8 [Content-Length] = 1272 [Pragma] = no-cache [X-Revision] = DEV [Expires] = Tue, 31 Mar 1981 05:00:00 GMT [Cache-Control] = no-cache, no-store, must-revalidate, pre- check=0, post-check=0 [Set-Cookie] = *REMOVED* [Vary] = Accept-Encoding [Connection] = close ) and for update_profile_image - Array ( [Date] => Sat, 24 Apr 2010 17:57:58 GMT [Server] => hi [Status] => 401 Unauthorized [WWW-Authenticate] => Basic realm="Twitter API" [X-Runtime] => 0.02263 [Content-Type] => text/html; charset=utf-8 [Content-Length] => 152 [Cache-Control] => no-cache, max-age=300 [Set-Cookie] => *REMOVED* [Expires] => Sat, 24 Apr 2010 18:02:58 GMT [Vary] => Accept-Encoding [Connection] => close ) Can somebody help me out?

    Read the article

  • Uploadify and rails 3 authenticity tokens

    - by Ceilingfish
    Hi chaps, I'm trying to get a file upload progress bar working in a rails 3 app using uploadify (http://www.uploadify.com) and I'm stuck at authenticity tokens. My current uploadify config looks like <script type="text/javascript" charset="utf-8"> $(document).ready(function() { $("#zip_input").uploadify({ 'uploader': '/flash/uploadify.swf', 'script': $("#upload").attr('action'), 'scriptData': { 'format': 'json', 'authenticity_token': encodeURIComponent('<%= form_authenticity_token if protect_against_forgery? %>') }, 'fileDataName': "world[zip]", //'scriptAccess': 'always', // Incomment this, if for some reason it doesn't work 'auto': true, 'fileDesc': 'Zip files only', 'fileExt': '*.zip', 'width': 120, 'height': 24, 'cancelImg': '/images/cancel.png', 'onComplete': function(event, data) { $.getScript(location.href) }, // We assume that we can refresh the list by doing a js get on the current page 'displayData': 'speed' }); }); </script> But I am getting this response from rails: Started POST "/worlds" for 127.0.0.1 at 2010-04-22 12:39:44 ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken): Rendered /opt/local/lib/ruby/gems/1.8/gems/actionpack-3.0.0.beta3/lib/action_dispatch/middleware/templates/rescues/_trace.erb (1.0ms) Rendered /opt/local/lib/ruby/gems/1.8/gems/actionpack-3.0.0.beta3/lib/action_dispatch/middleware/templates/rescues/_request_and_response.erb (6.6ms) Rendered /opt/local/lib/ruby/gems/1.8/gems/actionpack-3.0.0.beta3/lib/action_dispatch/middleware/templates/rescues/diagnostics.erb within rescues/layout (12.2ms) This appears to be because I'm not sending the authentication cookie along with the request. Does anyone know how I can get the values I should be sending there, and how I can make rails read it from HTTP POST rather than trying to find it as a cookie?

    Read the article

  • Setting up a "cookieless domain" to improve site performance

    - by Django Reinhardt
    I was reading in Google's documentation about improving site speed. One of their recommendations is serving static content (images, css, js, etc.) from a "cookieless domain": Static content, such as images, JS and CSS files, don't need to be accompanied by cookies, as there is no user interaction with these resources. You can decrease request latency by serving static resources from a domain that doesn't serve cookies. Google then says that the best way to do this is to buy a new domain and set it to point to your current one: To reserve a cookieless domain for serving static content, register a new domain name and configure your DNS database with a CNAME record that points the new domain to your existing domain A record. Configure your web server to serve static resources from the new domain, and do not allow any cookies to be set anywhere on this domain. In your web pages, reference the domain name in the URLs for the static resources. This is pretty straight forward stuff, except for the bit where it says to "configure your web server to serve static resources from the new domain, and do not allow any cookies to be set anywhere on this domain". From what I've read, there's no setting in IIS that allows you to say "serve static resources", so how do I prevent ASP.NET from setting cookies on this new domain? At present, even if I'm just requesting a .jpg from the new domain, it sets a cookie on my browser, even though our application's cookies are set to our old domain. For example, ASP.NET sets an ".ASPXANONYMOUS" cookie that (as far as I'm aware) we're not telling it to do. Apologies if this is a real newb question, I'm new at this! Thanks.

    Read the article

  • Login to website using PHP and get text from page

    - by Anthony Garand
    I am trying to login to a website and grab content from a page you must be authenticated to see. I have done some research and have seen some examples using both cURL and stream_context_create but I cannot get either way to work. I have the url for the page to login to, and the page that contains the data I need to get. Your help is much appreciated! Here's what I'm working with: <?php $pages = array('home' => 'https://www.53.com/wps/portal/personal', 'login' => 'https://www.53.com/wps/portal/personal', 'data' => 'https://www.53.com/servlet/efsonline/index.html?Messages.SortedBy=DATE,REVERSE'); $ch = curl_init(); //Set options for curl session $options = array(CURLOPT_USERAGENT => 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)', CURLOPT_SSL_VERIFYPEER => FALSE, CURLOPT_SSL_VERIFYHOST => 2, CURLOPT_HEADER => TRUE, //CURLOPT_RETURNTRANSFER => TRUE, CURLOPT_COOKIEFILE => 'cookie.txt', CURLOPT_COOKIEJAR => 'cookies.txt'); //Hit home page for session cookie $options[CURLOPT_URL] = $pages['home']; curl_setopt_array($ch, $options); curl_exec($ch); //Login $options[CURLOPT_URL] = $pages['login']; $options[CURLOPT_POST] = TRUE; $options[CURLOPT_POSTFIELDS] = 'uid-input=xxx&pw=xxx'; $options[CURLOPT_FOLLOWLOCATION] = FALSE; curl_setopt_array($ch, $options); curl_exec($ch); //Hit data page $options[CURLOPT_URL] = $pages['data']; curl_setopt_array($ch, $options); $data = curl_exec($ch); //Output data echo $data; //Close curl session curl_close($ch); ?> Cheers, Anthony

    Read the article

  • setcookie, Cannot modify header information - headers already sent

    - by Nano HE
    Hi,I am new to PHP, I practised PHP setcookie() just now and failed. http://localhost/test/index.php <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title></title> </head> <body> <?php $value = 'something from somewhere'; setcookie("TestCookie", $value); ?> </body> </html> http://localhost/test/view.php <?php // I plan to view the cookie value via view.php echo $_COOKIE["TestCookie"]; ?> But I failed to run index.php, IE warning like this. Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\test\index.php:9) in C:\xampp\htdocs\test\index.php on line 12 I enabled my IE 6 cookie no doubt. Is there anything wrong on my procedure above? Thank you. WinXP OS and XAMPP 1.7.3 used.

    Read the article

  • How to log in to a vbulletin forum with C#?

    - by Yustme
    Hi, I'm trying to log into a vbulletin forum. I got this far: private string login(string url, string username, string password) { string values = "vb_login_username={0}&vb_login_password={1}" values += "&securitytoken=guest&cookieuser=checked&do=login"; values = string.Format(values, username, password); HttpWebRequest req = (HttpWebRequest)WebRequest.Create(url); CookieContainer a = new CookieContainer(); req.CookieContainer = a; System.Net.ServicePointManager.Expect100Continue = false; // prevents 417 error using (StreamWriter writer = new StreamWriter(req.GetRequestStream(), System.Text.Encoding.ASCII)) { writer.Write(values); } this.response = (HttpWebResponse)req.GetResponse(); StringBuilder output = new StringBuilder(); foreach (var cookie in response.Cookies) { output.Append(cookie.ToString()); output.Append(";"); } return output.ToString(); } It looks like i am getting logged in, but when i download the page, i can't find my username in it. Do you guys see anything that i might be doing wrong? Thanks in advance!

    Read the article

  • PHP, We have sessions, and cookies....I love cookies, but they are blowing my mind right now.

    - by Matt
    I am not sure how to go about accessing the variable I need to set on a cookie... I was thinking about using the $_POST global but I dont know how based on my design if it will work. I am using a master page type design seperating index.php from my function includes and database information and individual pages (that will be returned to an include in index.php based on a $_GET) Okay so back to my question. What is the most efficient way to set a cookie on a design that has a main page that everything will branch from. How would I pull the value. Is $_POST a good enough way to go about it? Also...by saying it must be the first thing sent...does that mean I cannot run any serverside scripts before that? I could definately utilize a login query I think but I dont want to write code just to be dissapointed based on my lack of time and knowledge. I did search for answers...I know this most likely feels like a generic question that could be answered in a difference place...but I know I will get an accurate and professional answer here...so I dont want to bet on the half answers I found otherwise. Of course I will sanitize everything and not store any sensitive information (passwords,address,phone,or anything really for that matter besides some kind of session ID and the username) If this is confusing I am sorry but I am on a gov computer...and they lock these tighter than ft knox...so getting my code on here will be a chore until I get back to my room. Thanks, Matt

    Read the article

  • Creating cookieless application on development machine with asp.net

    - by zaladane
    I tried posting this on ServerFault with no luck so i am trying here. I am thinking about setting up a new domain to host static content on my website and have it cookieless just like Stackoverflow with their static domain. So before going ahead and buying the domain and setting it up I wanted to test it on my developement machine first under localhost (I have to mention that i am planning on having IIS running on my new domain for the static files). I therefore created a new application under IIS and disabled session state and forms authentication. When my main application needs resources like css, images and js , I use the path to the "static" application where they are hosted. The problem is that when I look at the request and the response for the requested files, they still have the session_id cookie defined as well as the asp.net authentication cookie. Is it at all possible to accomplish what i am trying to do on a development machine or do i have to just go ahead and purchase the new domain which hopefully with make things right? I tried to read about cookieless domain but can't figure out what i might be missing.

    Read the article

  • IIS 6 forces AppRoot/Starting Point to upper case when Virtual Directory is imported from a file

    - by user276464
    I have searched the web for this and couldn't find anything (well one remotely relevant post), so here I am. We have multiple ASP.NET apps in IIS 6 using Forms Authentication with dedicated path for each app. Since path is case sensitive it must match URL's path section exactly. However, because of an incorrect casing in IIS 6 Metabase for AppRoot (or Starting Point in IIS UI) bowser doesn't send Form cookie to the server whenever URL is previously resolved on the server and sent to client in incorrect case. Example: App URL = "https://Test.net/Application1" Cookie path = /Application1 Metabase AppRoot = /LM/W3SVC/1393818691/ROOT/APPLICATIONPATH1 Resolved URL = "https://Test.net/APPLICATIONPATH1" Now to the root cause... We create virtual directories on test server manually in a specific case (matches Path for each application). We then export virtual directory using UI to an XML file, which is then imported to another server (let's say production), at which point IIS decides to uppercase AppRoot element of the metabase. Can anyone shed some light on this? Is there a setting on IIS I am not aware of? I am trying to avoid manual edit of metabase after the import. Is that a bug?

    Read the article

  • Codeigniter: Base_url doesn't seem to be working

    - by Dwayne
    I have developed a simple site that fetches tweets from the Twitter public timeline, caches them for 60 seconds and so on. I have recently moved hosts from Hostgator to Mediatemple and my site was previously working fine on Hostgator. My application doesn't use a database connection, nor does it use any form of flat-file database either. Tweets are cached in an XML file stored in the root directory, not that most of that is important. The url helper is being included as can be seen below (this is my helpers line from autoload.php): $autoload['helper'] = array('url'); I have also removed my index.php file from the URL using .htaccess directives and once again this was previously working on Hostgator (see my .htaccess code below): RewriteEngine On RewriteRule ^(application) - [F,L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule .* index.php/$0 [PT,L] In my home.php view file which is in the views folder inside of application, I am using the function base_url() which was previously working on Hostgator inside of my view files and appending it a base href value in my header: <base href="<?php echo base_url(); ?>" /> Here is what my base_url value looks like in the config.php file: $config['base_url'] = "http://threetune.com/"; Although what appears to be happening is that the base_url is not to be seen at all. It doesn't appear to be echoing out the value of base_url as it appears to be empty for some reason. What makes things weirder is that I have a link in another view file called 'fetch.php' and for some reason it appears to be stripping out the value (XSS filtering is off): <a href="threetune/show"><img src="assets/images/cookie.jpg" /></a> The threetune/show part is not to be seen and I only see an empty href value like this <a href=""><img src="assets/images/cookie.jpg" /></a> Can anyone possibly see anything wrong that I may have done, some kind of Mediatemple server limitation or PHP.ini flag that needs to be set? Thank you and I hope I was descriptive enough.

    Read the article

  • Making HTTP POST request

    - by infrared
    I'm trying to make a POST request to retrieve information about a book. Here is the code that returns HTTP code: 302, Moved import httplib, urllib params = urllib.urlencode({ 'isbn' : '9780131185838', 'catalogId' : '10001', 'schoolStoreId' : '15828', 'search' : 'Search' }) headers = {"Content-type": "application/x-www-form-urlencoded", "Accept": "text/plain"} conn = httplib.HTTPConnection("bkstr.com:80") conn.request("POST", "/webapp/wcs/stores/servlet/BuybackSearch", params, headers) response = conn.getresponse() print response.status, response.reason data = response.read() conn.close() When I try from a browser, from this page: http://www.bkstr.com/webapp/wcs/stores/servlet/BuybackMaterialsView?langId=-1&catalogId=10001&storeId=10051&schoolStoreId=15828 , it works. What am I missing in my code? Thanks EDIT: Here's what I get when I call print response.msg 302 Moved Date: Tue, 07 Sep 2010 16:54:29 GMT Vary: Host,Accept-Encoding,User-Agent Location: http://www.bkstr.com/webapp/wcs/stores/servlet/BuybackSearch X-UA-Compatible: IE=EmulateIE7 Content-Length: 0 Content-Type: text/plain; charset=utf-8 Seems that the location points to the same url I'm trying to access in the first place? EDIT2: I've tried using urllib2 as suggested here. Here is the code: import urllib, urllib2 url = 'http://www.bkstr.com/webapp/wcs/stores/servlet/BuybackSearch' values = {'isbn' : '9780131185838', 'catalogId' : '10001', 'schoolStoreId' : '15828', 'search' : 'Search' } data = urllib.urlencode(values) req = urllib2.Request(url, data) response = urllib2.urlopen(req) print response.geturl() print response.info() the_page = response.read() print the_page And here is the output: http://www.bkstr.com/webapp/wcs/stores/servlet/BuybackSearch Date: Tue, 07 Sep 2010 16:58:35 GMT Pragma: No-cache Cache-Control: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Set-Cookie: JSESSIONID=0001REjqgX2axkzlR6SvIJlgJkt:1311s25dm; Path=/ Vary: Accept-Encoding,User-Agent X-UA-Compatible: IE=EmulateIE7 Content-Length: 0 Connection: close Content-Type: text/html; charset=utf-8 Content-Language: en-US Set-Cookie: TSde3575=225ec58bcb0fdddfad7332c2816f1f152224db2f71e1b0474c866f3b; Path=/

    Read the article

  • Java HttpURLConnection bekommt keine cookies

    - by TeNNoX
    ich versuche über eine HttpURLConnection einen Login auf einer Webseite durchzuführen, und davon dann die cookies zu erhalten... Bei meinen Testseiten auf einem eigenen Server geht es problemlos, ich sende "a=3&b=5" und als cookie erhalte ich "8", also die Summe. Wenn ich dies allerdings auf der gewollten Seite anwende, kommt einfach nur die Seite, als ob ich gar nichts per POST gesendet hätte... :( Generelle Verbesserungsvorschläge sind auch erwünscht! :) Mein Code: HttpURLConnection conn = (HttpURLConnection) new URL(url).openConnection(); conn.setDoInput(true); conn.setDoOutput(true); conn.setRequestMethod("POST"); conn.setRequestProperty("useragent", "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0"); conn.setRequestProperty("Connection", "keep-alive"); DataOutputStream out = new DataOutputStream(conn.getOutputStream()); out.writeBytes("USER=tennox&PASS=*****"); out.close(); BufferedReader in = new BufferedReader(new InputStreamReader(conn.getInputStream())); String line; String response = new String(); while ((line = in.readLine()) != null) { response = response + line + "\n"; } in.close(); System.out.println("headers:"); int i = 0; String header; while ((header = conn.getHeaderField(i)) != null) { String key = conn.getHeaderFieldKey(i); System.out.println(((key == null) ? "" : key + ": ") + header); i++; } String cookies = conn.getHeaderField("Set-Cookie"); System.out.println("\nCookies: \"" + cookies + "\"");

    Read the article

  • My Website was hacked using Statcounter! Does Statcounter keep a record of cookies?

    - by Cyril Gupta
    I had a rather interesting case of hacking on my ASP.Net MVC website. For this website I had implemented a rather uncomplicated authentication system for my admin area -- an encrypted cookie which had an identifying signature for the member. Whenever the admin visits the website the cookie would be decrypted and signature verified. If matching he wouldn't have to sign in. Couple of days ago a visitor on my site told me that he was able to sign into my website simply by clicking no a referral link on his Statcounter console which pointed to my admin area (I had visited his site from a link inside my admin view). He just clicked on a link in statcounter and he was signed in as the admin! The only way this could have happened was if statcounter somehow recorded my cookies and used those when he clicked on the link pointing to my admin! Is that logical or fathomable? I don't understand what's going on. Do you have any suggestions as to how I can protect my website against things like this?

    Read the article

  • How to log in to craigslist using c#

    - by kosikiza
    i m using the following code to log in to craigslist, but haven't succeeded yet. string formParams = string.Format("inputEmailHandle={0}&inputPassword={1}", "[email protected]", "removed"); //string postData = "[email protected]&inputPassword=removed"; string uri = "https://accounts.craigslist.org/"; HttpWebRequest request = (HttpWebRequest)WebRequest.Create(uri); request.KeepAlive = true; request.ProtocolVersion = HttpVersion.Version10; request.Method = "POST"; byte[] postBytes = Encoding.ASCII.GetBytes(formParams); request.ContentType = "application/x-www-form-urlencoded"; request.ContentLength = postBytes.Length; Stream requestStream = request.GetRequestStream(); requestStream.Write(postBytes, 0, postBytes.Length); requestStream.Close(); HttpWebResponse response = (HttpWebResponse)request.GetResponse(); cookyHeader = response.Headers["Set-cookie"]; string pageSource; string getUrl = "https://post.craigslist.org/del"; WebRequest getRequest = WebRequest.Create(getUrl); getRequest.Headers.Add("Cookie", cookyHeader); WebResponse getResponse = getRequest.GetResponse(); using (StreamReader sr = new StreamReader(getResponse.GetResponseStream())) { pageSource = sr.ReadToEnd(); }

    Read the article

  • Understanding CSRF - Simple Question

    - by byronh
    I know this might make me seem like an idiot, I've read everything there is to read about CSRF and I still don't understand how using a 'challenge token' would add any sort of prevention. Please help me clarify the basic concept, none of the articles and posts here on SO I read seemed to really explicitly state what value you're comparing with what. From OWASP: In general, developers need only generate this token once for the current session. After initial generation of this token, the value is stored in the session and is utilized for each subsequent request until the session expires. If I understand the process correctly, this is what happens. I log in at http://example.com and a session/cookie is created containing this random token. Then, every form includes a hidden input also containing this random value from the session which is compared with the session/cookie upon form submission. But what does that accomplish? Aren't you just taking session data, putting it in the page, and then comparing it with the exact same session data? Seems like circular reasoning. These articles keep talking about following the "same-origin policy" but that makes no sense, because all CSRF attacks ARE of the same origin as the user, just tricking the user into doing actions he/she didn't intend. Is there any alternative other than appending the token to every single URL as a query string? Seems very ugly and impractical, and makes bookmarking harder for the user.

    Read the article

  • a facebook app question

    - by Robert
    I have written a small app and put it on facebook. I got an application ID and secret. Then I wrote the following script to access my app (just as told on the facebook page). <?php require './src/facebook.php'; $facebook = new Facebook(array( 'appId' => 'xxxx', 'secret' => 'xxxx', 'cookie' => true, // enable optional cookie support )); try { $me = $facebook->api('/me'); } catch (FacebookApiException $e) { error_log($e); } if ($facebook->getSession()) { echo '<a href="' . $facebook->getLogoutUrl() . '">Logout</a>'; } else { echo '<a href="' . $facebook->getLoginUrl() . '">Login</a>'; } ?> Then I started running this script. It prompted me with the login link, then took me to the facebook login page. However, after I enter my facebook login details, I get this error page: Error. API Error Code: 100 API Error Description: Invalid parameter Error Message: next is not owned by the application. Could anyone help me a little bit please, I am really confused here about what's going on.

    Read the article

  • Enable cross app redirects

    - by Gogster
    Hi all, We have load balancing set up on out two web server, however, a few users are being asked to login when they are being re-directed to a particular server to upload a document (we are trying to keep all uploaded documents on one server only), here is the code from web.config: <authentication mode="Forms"> <forms name="EAAAuthCookie" loginUrl="/login" defaultUrl="/members/home" protection="All" path="/" timeout="60000" slidingExpiration="true" enableCrossAppRedirects="true" /> </authentication> <machineKey decryption="AES" validation="SHA1" decryptionKey="7B4EC5B0C83631DF25D5B179EDDBF91B1C175B81C6F52102267D3D097FBF272A" validationKey="7D1F50788629CC342EE4985D85DE3D14F10654695912C0FFD439F54BED64F76A57A2D5E8180BC6FF052E0385C30558F5527D6C197C577A7F32DD8FF1CAC9F794" /> Here is the transfer code to the upload form: $('#addReport').click(function() { if ($.cookie('TransferURL') != '') { $("#iframeUploadReport").attr('src', $.cookie('TransferURL')); }; $('#overlay').fadeIn('slow'); }); <script type="text/C#" runat="server"> void Page_Load() { string cookieName = FormsAuthentication.FormsCookieName; string userName = Request.Cookies["HiddenUsername"].ToString(); string cookieValue = FormsAuthentication.GetAuthCookie(userName, false).Value; Response.Cookies["TransferURL"].Value = "http://eaa.cms.necinteractive.net/members/media-upload" + String.Format("?{0}={1}", cookieName, cookieValue); } </script> <iframe id="iframeUploadReport" src="http://eaa.cms.necinteractive.net/members/media-upload" width="500px" height="336px" frameborder="0" scrolling="no"></iframe> Can you see any obvious step we are missing? Thanks

    Read the article

  • What are the security implications of making a clientaccesspolicy proxy workaround?

    - by Edward Tanguay
    I wanted to use a published GoogleDocs document as the datasource of a Silverlight application but ran into clientaccesspolicy issues. I read many articles like this and this about how difficult it is to get around the clientaccesspolicy issue. So I wrote this 15-line CURL script and put it on my PHP site and now I can get the text of any GoogleDocs document and any text from any URL into my Silverlight application: <?php $url = filter_input(INPUT_GET, 'url',FILTER_SANITIZE_STRING); $user_agent = 'Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)'; $ch = curl_init(); curl_setopt($ch, CURLOPT_COOKIEJAR, "/tmp/cookie"); curl_setopt($ch, CURLOPT_COOKIEFILE, "/tmp/cookie"); curl_setopt($ch, CURLOPT_URL, $url ); // set url to post to curl_setopt($ch, CURLOPT_FAILONERROR, 1); // Fail on errors curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0); // allow redirects curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); // return into a variable curl_setopt($ch, CURLOPT_TIMEOUT, 15); curl_setopt($ch, CURLOPT_USERAGENT, $user_agent); curl_setopt($ch, CURLOPT_VERBOSE, 0); echo curl_exec($ch); ?> So it makes me wonder: Why is there so much discussion about whether or not URLs support clientaccesspolicy or not, since you just have to write a simple proxy script and get the information through it? Why aren't there services, e.g. like the URL shortening services, which supply this functionality? What are the security implications of having a script like this?

    Read the article

  • parameter error in my Facebook app

    - by Robert
    I have written a small app and put it on facebook. I got an application ID and secret. Then I wrote the following script to access my app (just as told on the facebook page). <?php require './src/facebook.php'; $facebook = new Facebook(array( 'appId' => 'xxxx', 'secret' => 'xxxx', 'cookie' => true, // enable optional cookie support )); try { $me = $facebook->api('/me'); } catch (FacebookApiException $e) { error_log($e); } if ($facebook->getSession()) { echo '<a href="' . $facebook->getLogoutUrl() . '">Logout</a>'; } else { echo '<a href="' . $facebook->getLoginUrl() . '">Login</a>'; } ?> Then I started running this script. It prompted me with the login link, then took me to the facebook login page. However, after I enter my facebook login details, I get this error page: Error. API Error Code: 100 API Error Description: Invalid parameter Error Message: next is not owned by the application. Could anyone help me a little bit please, I am really confused here about what's going on.

    Read the article

  • Facebook SDK Comment Deleting

    - by mwoodworth
    Working with the Facebook php SDK's, I am having a lot of trouble figuring out how to delete comments, given its id and xid. At first I was using the REST API, where you can call 'comments_remove($xid, $id);' to delete a comment. The problem with this method came when the xid parameter only accepts alphanumeric characters and underscores. Based on the documentation (http://developers.facebook.com/docs/reference/fbml/comments ) a valid XID can be the result of any url_encode. Now I am testing my luck with the new GRAPH api. Looking at http://developers.facebook.com/docs/api under 'Deleting Objects', It seems that comment deleting is definitely supported. However, I have tried sending a DELETE request, and I have also tried sending POST and GET to the object url with the argument 'method=delete'. No matter how I try it, I always get the same error: {"error":{"type":"GraphMethodException","message":"Unsupported delete request."}} I am sending the access token as a parameter as well. The access token that I am sending is the access token saved in the facebook cookie from the single sign on javascript cookie. These are all comments made on my application. Does this happen to anyone else, or am I simply not doing this right? Any help or guidance is GREATLY appreciated.

    Read the article

  • how to login to criaglist through c#

    - by kosikiza
    i m using the following code to login to criaglist, but hav't successsed yet. string formParams = string.Format("inputEmailHandle={0}&inputPassword={1}", "[email protected]", "pakistan01"); //string postData = "[email protected]&inputPassword=pakistan01"; string uri = "https://accounts.craigslist.org/"; HttpWebRequest request = (HttpWebRequest)WebRequest.Create(uri); request.KeepAlive = true; request.ProtocolVersion = HttpVersion.Version10; request.Method = "POST"; byte[] postBytes = Encoding.ASCII.GetBytes(formParams); request.ContentType = "application/x-www-form-urlencoded"; request.ContentLength = postBytes.Length; Stream requestStream = request.GetRequestStream(); requestStream.Write(postBytes, 0, postBytes.Length); requestStream.Close(); HttpWebResponse response = (HttpWebResponse)request.GetResponse(); cookyHeader = response.Headers["Set-cookie"]; string pageSource; string getUrl = "https://post.craigslist.org/del"; WebRequest getRequest = WebRequest.Create(getUrl); getRequest.Headers.Add("Cookie", cookyHeader); WebResponse getResponse = getRequest.GetResponse(); using (StreamReader sr = new StreamReader(getResponse.GetResponseStream())) { pageSource = sr.ReadToEnd(); }

    Read the article

  • Facebook Application with PHP running loosing session

    - by ArneRie
    Iam trying to build an Facebook Application based on PHP. The Application is running under php on my own Webhost inside an Canvas as iFrame. I have included the newest Client Library for PHP from Facebook: facebook-php-sdk-94fcb13 To Authorize the user inside my application iam trying to use Facebook Connect, like the example shipped with the Client. Everything works fine the 1st Login, but when i hit the F5 Key to reload the page, the session is lost and i have to login again. When i call my application outside of the Facebook Canvas everything is fine. Iam not sure, but i think my Browser (Chrome/FireFox - Ubuntu) is not allowing to store an cookie inside an iFrame. Does someone knows an solution for this Problem? Here are some Parts of the Sourcecode: $facebook = new Facebook(array( 'appId' => 'x', 'secret' => 'x', 'cookie' => 'true', )); $session = $facebook->getSession(); $facebook->setSession($session); $me = null; // Session based API call. if ($session) { try { $uid = $facebook->getUser(); $me = $facebook->api('/me'); } catch (FacebookApiException $e) { error_log($e); } } // login or logout url will be needed depending on current user state. if ($me) { $logoutUrl = $facebook->getLogoutUrl(); } else { $loginUrl = $facebook->getLoginUrl(); }

    Read the article

  • Unable to render php files in browser

    - by p1
    Hello, I am very new to php, and I am trying to develop a facebook application using php. I am using Joyent as my hosting platform. Currently, I am trying to do some simple scripts in php and then build on them. However I am unable to see any php files being rendered properly in my application. For eg: I have a simple script called phpinfo.php: If I execute this on terminal like php phpinfo.php , I can see all the configurations. However if I try to access the same file as http://xxxxxx.facebook.joyent.us/phpinfo.php, I get : Internal Server Error The server encountered an internal error or misconfiguration and was unable to complete your request. Even if I rename this file to index.php its still the same. However I am able to access other html files [index.html] on the same location . These are some of my php settings: These are some of the settings: [fbkusoni:~/web/public] aafhe7vh$ php phpinfo.php | grep On allow_url_fopen = On = On auto_globals_jit = On = On enable_dl = On = On file_uploads = On = On ignore_repeated_errors = On = On ignore_repeated_source = On = On implicit_flush = On = On log_errors = On = On register_argc_argv = On = On report_memleaks = On = On y2k_compliance = On = On Multibyte regex (oniguruma) backtrack check = On mysql.allow_persistent = On = On session.bug_compat_warn = On = On session.use_cookies = On = On suhosin.cookie.cryptdocroot = On = On suhosin.cookie.cryptua = On = On suhosin.mt_srand.ignore = On = On suhosin.protectkey = On = On suhosin.server.encode = On = On suhosin.server.strip = On = On suhosin.session.cryptdocroot = On = On suhosin.session.cryptua = On = On suhosin.session.encrypt = On = On suhosin.srand.ignore = On = On suhosin.stealth = On = On The answer might be very naive, but I am just trying to get started and looking for any suggestions regarding this and also using Joyent and cakephp to develop facebook applications. Thanks.

    Read the article

  • Looping login with Facebook JS SDK and Rails

    - by nafe
    I'm using the Facebook JS SDK for single-sign with my rails app. I translated the php code from the Facebook example (at the bottom of the page under "Single Sign-on with the JavaScript SDK") into ruby. This appeared to be working great but I've noticed one user that gets continual redirects when trying to login. The logs look like: Processing UsersController#login (for X.X.X.X at 2010-05-22 17:25:55) [GET] Redirected to http://myapp.com/ Completed in 0ms (DB: 0) | 302 Found [http://myapp.com/login] (times as many entries as my unfortunate user leaves the browser redirecting in a loop). My client side code includes a callback with the "auth.sessionChange": FB.Event.subscribe('auth.sessionChange', function(response) { if (response.session) { // A user has logged in, and a new cookie has been saved window.location = "/login"; } else { // The user has logged out, and the cookie has been cleared window.location = "/logout"; } }); So it seems to me like this event is continually firing. Although, I can't test this theory because I can't recreate this scenario locally. I don't think it's the rails controller. The code here is just: def login # if first time user create db entry # now redirect back to where the user came from begin redirect_to :back rescue ActionController::RedirectBackError redirect_to root_url end end Does anyone have any idea on what's going on?

    Read the article

  • How to store multiple cookies through PHP Curl

    - by Ahmad
    'SOUP.IO' is not providing any api. So Iam trying to use 'PHP Curl' to login and submit data through PHP. Iam able to login the website successfully(through cUrl), but when I try to submit data through cUrl, it gives me error of 'invalid user'. When I tried to analysed the code and website, I came to know that cUrl is getting values of only 1-2 cookies. Where as when I open the same page in FireFox, it shows me 6-7 cookies related to 'SOUP.IO'. Can some one guide me how to get all these 7 cookies values. Following cookies are getable by cUrl: soup_session_id Following cookies are shown in Firefox (not through cUrl): __qca, __utma, __utmb, __utmc, __utmz Following is my cUrl code: $cookie_file_path = getcwd()."/cookie/cookie.txt"; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, 'http://www.soup.io'); curl_setopt($ch, CURLOPT_VERBOSE, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); curl_setopt($ch, CURLOPT_HEADER, TRUE); curl_setopt($ch, CURLOPT_ENCODING, 'gzip,deflate'); curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path); curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path); curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 (.NET CLR 3.5.30729) FirePHP/0.4'); curl_setopt($ch, CURLOPT_MAXREDIRS, 10); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE); curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); $result = curl_exec($ch); curl_close($ch); print_r($result); ? Can some one guide me in this regards Thanks in advance

    Read the article

< Previous Page | 34 35 36 37 38 39 40 41 42 43 44 45  | Next Page >