• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 492
  • Last Modified:

Take out Sessions from PHP script

Hello, i've got a small application that is implemented into a shop system, this allows the customer to pay with something called "Ukash vouchers", that script only works if the user is logged into the shop, now i want to use that script for something else and want to get rid of the sessions so the user doesn't have to be logged into anything and can just use the script.

I want to keep all the functionality to write into MySQL

This is the script:


<?php
if(!empty($_SESSION[$session_prefix."user"]))
{
//Functions
function middlestring($string,$start,$stop){
$pos = strpos($string,$start)+strlen($start);
$retstr = substr($string,$pos);
$pos = strpos($retstr,$stop);
$retstr = substr($retstr,0,$pos);
return $retstr;
}

function curl_get($url, $head, $cook, $ssl){
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14"); 
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,$ssl);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,$ssl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, $head);
if($cook == 1) curl_setopt($ch, CURLOPT_COOKIE, $_SESSION["cookies"]);
return curl_exec($ch);
}

function curl_post($url, $datas, $cook, $ssl){
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_POST,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $datas);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14"); 
if($cook == 1) curl_setopt($ch, CURLOPT_COOKIE, $_SESSION["cookies"]);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,$ssl);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,$ssl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 1);
return curl_exec($ch);
}

function getcookies($text, $startstr, $endstr){
$start = strpos($text, $startstr);
$end = strpos($text, $endstr);
$parts = split("Set-Cookie: ",substr($text, $start, $end-$start));
$cookies = '';
foreach ($parts as $co)
    {
    $cd = split(";",$co);
    if (!empty($cd[0]))
		{
		if(strpos($cd[0], "deleted"))
			{}
		else
		$cookies .= $cd[0].';';
		}
    }
return $cookies;
}

$mail = $ukuser;
$pass = $ukpw;
$code = $_REQUEST["code"];
$wert = $_REQUEST["guthaben"];
$captcha = $_REQUEST["captcha"];

if(empty($captcha))
{
$text = curl_get('http://www.ukash.com/global/en/login.aspx', 1, 0, 1);
$_SESSION["viewstate"] = urlencode(middlestring($text, '__VIEWSTATE" value="', '" />'));
$text = curl_post('http://www.ukash.com/global/en/login.aspx', '__EVENTTARGET=ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpMainHolder%24loginCentral_10%24loginButton&__EVENTARGUMENT=&__VIEWSTATE='.$_SESSION["viewstate"].'&sIFR_replacement_0=&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpMainHolder%24loginCentral_10%24txtEmail='.$mail.'&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpMainHolder%24loginCentral_10%24txtPassword='.$pass.'&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpMainHolder%24loginRegForm_11%24txtR1FirstName=&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpMainHolder%24loginRegForm_11%24txtR1LastName=&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpMainHolder%24loginRegForm_11%24txtR1Email=&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpMainHolder%24loginRegForm_11%24ddlDOBday=01&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpMainHolder%24loginRegForm_11%24ddlDOBmonth=01&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpMainHolder%24loginRegForm_11%24ddlDOByear=1980&%23=%2Fservices%2FlocaleRedirector.aspx%3FnodeId%3D156095%26languageCode%3Den&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpSideHolder%24sideRegisterLogin_15%24txtR1FirstName=&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpSideHolder%24sideRegisterLogin_15%24txtR1LastName=&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpSideHolder%24sideRegisterLogin_15%24txtR1Email=&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpSideHolder%24sideRegisterLogin_15%24ddlDOBday=01&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpSideHolder%24sideRegisterLogin_15%24ddlDOBmonth=01&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpSideHolder%24sideRegisterLogin_15%24ddlDOByear=1980&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24footerTellAFriend_23%24txtStFemail=&__SCROLLPOSITIONX=0&__SCROLLPOSITIONY=0', 0, 1);
$_SESSION["cookies"] = getcookies($text, 'Set-Cookie:', 'Cache-Control: ');
$text = curl_get('http://www.ukash.com/global/en/my-ukash.aspx', 1, 1, 1);
if(strpos($text, 'My Used Codes'))
	{
	$text = curl_get('https://direct.ukash.com/de/tools/combine/logic/step1.aspx?email=&culture=de&country=de&lang=de', 1, 1, 0);
	$_SESSION["cookies"] .= 'ASP.NET_SessionId='.middlestring($text, 'Set-Cookie: ASP.NET_SessionId=', ' path=/; HttpOnly');
	$_SESSION["event"] = urlencode(middlestring($text, 'EVENTVALIDATION" value="', '" />'));
	$_SESSION["viewstate"] = urlencode(middlestring($text, 'VIEWSTATE" value="', '" />'));
	$text = curl_get('https://direct.ukash.com/de/tools/combine/utils/PhishingImage.aspx', 0, 1, 0);
	echo '<form action="" method="post">
		  <table id="items">
		  <tr><td>'.$uka1lng.'</td><td><input type="text" name="code"></td></tr>
		  <tr><td>'.$uka2lng.'</td><td><input type="text" name="guthaben"></td></tr>
		  <tr><td><img src="data:image/jpg;base64,'.base64_encode($text).'"></td><td><input type="text" name="captcha"></td></tr>
		  <tr><td></td><td><input type="submit" value="'.$uka3lng.'"></td></tr>
		  </table>
		  </form><br>
		  <font color="red">'.$uka4lng.'</font>'.$uka5lng.'<br>'.$uka6lng;
	}
else
	$ukerror = $uka7lng;
}
else
	{
	if($wert < 10)
		$ukerror = $uka8lng;
	else
	{
	$text = curl_post('https://direct.ukash.com/de/tools/combine/logic/step1.aspx', '__VIEWSTATE='.$_SESSION["viewstate"].'&__EVENTVALIDATION='.$_SESSION["event"].'&tbxVoucherNo1='.$code.'&tbxVoucherVal1='.$wert.'&tbxVoucherNo2='.$code.'&tbxVoucherVal2=0&tbxVoucherNo3=&tbxVoucherVal3=&tbxVoucherNo4=&tbxVoucherVal4=&tbxVoucherNo5=&tbxVoucherVal5=&tbxVoucherNo6=&tbxVoucherVal6=&tbxVoucherNo7=&tbxVoucherVal7=&tbxVoucherNo8=&tbxVoucherVal8=&tbxVoucherNo9=&tbxVoucherVal9=&tbxVoucherNo10=&tbxVoucherVal10=&tbxBaseCurrency=EUR&tbxVerContent='.$captcha.'&chkTerms=on&btnConsolidate=', 1, 0);
	if(strpos($text, 'stimmt nicht mit dem Systemcode'))
		$ukerror = $uka9lng;
	else
		{
		$text = curl_get('https://direct.ukash.com/de/tools/combine/logic/step2.aspx?lang=de', 1, 1, 0);
		$_SESSION["viewstate"] = urlencode(middlestring($text, 'VIEWSTATE" value="', '" />'));
		$_SESSION["event"] = urlencode(middlestring($text, 'EVENTVALIDATION" value="', '" />'));
		if(strpos($text, 'Ihre Ukash Referenznummer'))
			{
			$text = curl_post('https://direct.ukash.com/de/tools/combine/logic/step2.aspx?lang=de', '__VIEWSTATE='.$_SESSION["viewstate"].'&__EVENTVALIDATION='.$_SESSION["event"].'&btnProceed=', 1, 0);
			$text = curl_get('https://direct.ukash.com/de/tools/combine/logic/Step4.aspx', 1, 1, 0);
			
			$newukash = middlestring($text, 'span id="lblVoucherDetailValue"', '</table>');
			$newukash = middlestring($newukash, '<tr><td>', '</td></tr>');
			$newukash = split('</td><td>', $newukash);
			
			$newcode = $newukash[0];
			$ukguthaben = $newukash[2];
			
			$user = mysql_fetch_array(mysql_query('SELECT * FROM users WHERE username="'.$_SESSION[$session_prefix."user"].'"'));
			$geld = floor($user["guthaben"] + $ukguthaben);
			mysql_query('UPDATE users SET guthaben="'.$geld.'" WHERE username="'.$_SESSION[$session_prefix."user"].'"');
			mysql_query('INSERT into ukash (user, code1, code2, value) VALUES ("'.$_SESSION[$session_prefix."user"].'", '.$newcode.', 0, '.$ukguthaben.')');

			echo floor($ukguthaben).' '.$guthaben.$uka10lng;
			
			}
		else
		$ukerror = $uka11lng;
		}
	}
	}
echo $ukerror;
}
else
echo'<font color="red">'.$uka12lng.'</font>';
?>

Open in new window

0
Rhcarmincke
Asked:
Rhcarmincke
  • 2
1 Solution
 
RhcarminckeAuthor Commented:
Alternatively, is there a way to create a session upon opening the page, without the need to use some login form ? So i could use the same user for everyone and the script would work again.
0
 
kdotkannanCommented:

You can add a user name for the session by simply adding a line before your code.

$_SESSION['user'] = "username" ; // add this code before your existing code.
//your code follows
if(!empty($_SESSION[$session_prefix."user"]))
{
//Functions

But you have many other information from the session, if it is empty the your code may not work as expected.

You can try with adding the one line that I have given above. In later stage you have code to read and update db with session user. So make sure that you use proper name.  

kannan
0
 
RhcarminckeAuthor Commented:
Hello, Thanks for your input, but that didn't let me be logged in, this is the index page, i think it has to be defined there:

<?php
include('./inc/config.php');
include('./inc/functions.php');
include('./lang/'.$language.'.lng');
$id = addslashes($_REQUEST["id"]);
$user = addslashes($_REQUEST["username"]);
$pass = addslashes($_REQUEST["password"]);
$language = strtolower($language);
if(empty($id)) $id =1;
$file = mysql_query('SELECT * FROM navi_'.$language.' WHERE id="'.$id.'"');
if(mysql_num_rows($file)>0)
$file = mysql_fetch_array($file);
else
$file = mysql_fetch_array(mysql_query('SELECT * FROM navi_'.$language.' WHERE id="404"'));

if(!empty($user) AND !empty($pass))
{$query = mysql_query('SELECT * FROM users WHERE username="'.$user.'" AND pass="'.md6($pass).'"');
if(mysql_num_rows($query) == 1) {$_SESSION[$session_prefix."user"] = ucfirst($user); echo'<meta http-equiv="refresh" content="0; url=index.php?id=8">';}
else $error = 'Username oder Passwort ist falsch.';}

include('./designe/'.$designe.'/head.tpl');
include('./designe/'.$designe.'/navi.php');
include('./designe/'.$designe.'/middle.tpl');

	if(file_exists('./pages/'.$file["file"]))
	{echo'<h1>'.ucfirst($file["title"]).'</h1>';
	include('./pages/'.$file["file"]);}
	if(!empty($error)) echo '<font color="red">'.$error.'</font>'; 
	
include('./designe/'.$designe.'/foot.tpl');	
?>

Open in new window


So lets say username is hans, password is hans, and hans id is 122, what would i have to add to make every user that visits the page be automatically logged in as "hans" ?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now