| Pages: [1] :: one page |
| Author |
Thread Statistics | Show CCP posts - 0 post(s) |
Lem2J
Black Sea Industries
Cult of War
   |
Posted - 2007.10.21 21:35:00 -
[1]
Hey guys, im having some problems with IGB trust... For some reason, a popup does not appear asking for trust. When users enter it for themselves, it doesnt allow access still..
ok so.. php first..
 Quote:
if ($_SERVER['HTTP_EVE_TRUSTED'] == 'no'
{
header("eve.trustme:http://www.eve-bsi.co.uk/::Im nice let me in");
print '<h1>Trust Required</h1>';
print 'I need to be trusted to work properly';
}
No headers are output, before this.. Also im sure this used to work, until i recently added a vhost setup.. e.g. it matches on url, and forwards to the correct dir on the server.. Could it be replated?...
Thanks Lem2j
|
Redjohn
Gallente
The UK Family
|
Posted - 2007.10.21 22:29:00 -
[2]
Edited by: Redjohn on 21/10/2007 22:33:24
heres how I got our corps to work, although it does ask to be trusted, but wont allow for a permanent trust. (if anyone can let me know how to do that, I would appreciate it)
if ($_SERVER['HTTP_EVE_TRUSTED']=='no')
{
header('eve.trustMe:http://' . $_SERVER['HTTP_HOST'] . '::Please trust me, I\'m nice');
print '<html><body>';
print '<h1>Trust Required</h1>';
print 'I need to be trusted to work properly';
}
Also, Im unsure as to whether it does ask you to trust, I think I may have missed that part out when I last updated (I know, I should have backed up the original file before modifying it... /me hits self with a bat).
It does work now with trust enabled, or without it asks you to manually had the trust:
EDIT: above code is actually spliced together from the devs page, and the mcdee.net help page.
I used these pages to help create them:
Mcdee Header Help
Mcdee Trust Source
The Dev Help
The UK Family |
Lem2J
Black Sea Industries
Cult of War
|
Posted - 2007.10.21 23:14:00 -
[3]
well... i used a stand alone page, with the following:
<?php
if ($_SERVER['HTTP_EVE_TRUSTED'] == 'no' )
{
header("eve.trustme:". $_SERVER['HTTP_HOST'] ."::please allow me to access your pilot information.");
print '<h1>Trust Required</h1>';
print 'I need to be trusted to work properly';
}
?>
no change :(
|
Redjohn
Gallente
The UK Family
|
Posted - 2007.10.22 15:53:00 -
[4]
Edited by: Redjohn on 22/10/2007 15:54:20
Originally by: Lem2J
well... i used a stand alone page, with the following:
<?php
if ($_SERVER['HTTP_EVE_TRUSTED'] == 'no' )
{
header("eve.trustme:". $_SERVER['HTTP_HOST'] ."::please allow me to access your pilot information.");
print '<h1>Trust Required</h1>';
print 'I need to be trusted to work properly';
}
?>
no change :(
change the "
in
Quote:
header("eve.trustme:". $_SERVER['HTTP_HOST'] ."::please allow me to access your pilot information.");
to my experience, php uses '
try
Quote:
header('eve.trustme:http://' . $_SERVER['HTTP_HOST'] . '::please allow me to access your pilot information.');
note also the spaces inbetween:
' and .
. and $
] and .
. and '
these tell the html coding to return to php coding temporarily.
EDIT:
I also noticed u missed out the http:// this is also nessacary at the start of the url.
The UK Family |
Lem2J
Black Sea Industries
Cult of War
|
Posted - 2007.10.22 16:33:00 -
[5]
I tried it, no luck.. Do you think it uses reverse DNS?
|
Lostshadow
|
Posted - 2007.10.22 16:57:00 -
[6]
Edited by: Lostshadow on 22/10/2007 17:00:11
Edited by: Lostshadow on 22/10/2007 16:58:23
Right, welcome to the world of the buggy IGB. You're all very close to the solution, but not quite there.
1) The OP has the correct formatting for the header, the other posters do not. Why? Because the IGB is fussy about trailing slashes. If you don't have a trailing slash then the IGB can easily suddenly lose trust for a page on your site. When requesting trust, make sure you put in your url as http://example.com/ rather than http://example.com The HTTP_HOST server var will return the host without the trailing slash so you need to add it manually.
2) When browsing to the page in the IGB make sure you add that trailing slash to the address. This is tied to number 1, it's a little awkward I know but it works so just do it and smile :)
3) Not going to help massively but I have to say it. Using either single or double quotes to surround strings in PHP makes no difference. Neither does spacing between quotes and full stops, brackets and full stops or anything else. Sorry, I code in PHP for a living and that just wound me up a little.
4) There is another bug with the popup requesting trust. If you tick the box saying dont ask me again then it doesn't matter whether you chose to trust the site or not. The IGB will add it to it's never trust this site list. The way to permanently trust a site is to go to options, trusted sites in the IGB. If you clicked the do not ask me again button you will see the site listed there and flagged as not trusted. You can then right click it to set it to always trusted. If it's not in the list, you can manually add it, but remember to add the trailing slash!
I think that's everything covered, have fun finding way's around the many many other IGB bugs :)
Edit: I forgot one. The reason you wont be seeing a popup is because you got the popup once and then told it to trust and never ask you again. The IGB thinks that you dont wanna trust and so will never ask again, but you're code is actually correct.
|
Tonto Auri
|
Posted - 2007.10.22 18:03:00 -
[7]
Adding slash to the end of bomain have simple reason.
If You trust something like "http://here.com" attacker can use host "http://here.comein.cn/" to spoof You and steal Your data.
Speaking about quotes in PHP... They're handled differently, short example is:
echo "I'm {$_SERVER['HTTP_HOST']}";
echo 'I\'m {$_SERVER[\'HTTP_HOST\']}';
4) is a sad old bug about a year old. :(
--
Thanks CCP for cu<end of sig> |
Redjohn
Gallente
The UK Family
|
Posted - 2007.10.22 23:04:00 -
[8]
wow sorry for the upset there Lostshadow, I am only an amatuer when it comes to PhP, and the sorts, its more of a hobby for me. Im still trying to learn many aspects of php too..
I tried originally using the double quotes, but couldnt get them to work, hence I changed to single quote and got it to work. Like you said, the popup is buggy too, which is probably why I didnt get it to work. The code I posted does work at least when you have manually set the site to trust.
I am open to constructive criticism, I welcome it :)
The UK Family |
DeTox MinRohim
Madhatters Inc.
M. PIRE
|
Posted - 2007.10.22 23:43:00 -
[9]
Edited by: DeTox MinRohim on 22/10/2007 23:46:17
Originally by: Lostshadow
2) When browsing to the page in the IGB make sure you add that trailing slash to the address. This is tied to number 1, it's a little awkward I know but it works so just do it and smile :)
It's an old debate about the strings surrounded between single or double quotes if you use variables in that string and the speed PHP parse that kind of stuff. So old that I wouldn't even dig it out myself.
In the end, it's more a habit/preference for some, for others, it's a bad habit to use "$variable". (Sanitization argument, speed, etc... 2 schools shooting each other). Personnally, I don't care, I use single, sanitize and use templates anyway. So I rarely use html or print out from the php files.
To come back on topic... can't believe #4 still haven't been fixed yet.....
To add on LostS edit: Usually, the "trust" message don't come back until you close the browser and reopen it again. Doing a reload will not make it come back 
------
This sig space is Read-only !
omgalink - Online Skillsheet |
| |
|
| Pages: [1] :: one page |
| First page | Previous page | Next page | Last page |