PDA

View Full Version : HTTP_GET Access to Password protected File


Dragony92
23/09/2013, 04:26 AM
I'm trying to get access to protected file by sending username and password in url, but server is every time returing code 1 (HTTP_ERROR_BAD_HOST).

Example:

HTTP(playerid, HTTP_GET, "http://user:pass@domain.com/file.txt", "", "MyHttpResponse");


And also can someone explain me how to use 4th param in HTTP function.

whatthefuck123
23/09/2013, 05:03 AM
4th param is post.. i dont think u need that for .txt file

What exactly are u trying to do with this? login system?

Dragony92
23/09/2013, 06:07 AM
To get data from protected file...

Vince
23/09/2013, 09:20 AM
I believe you can only structure an FTP URL like that. I also don't think it is even possible to circumvent the authorization with the HTTP() function, because you can't send the required HTTP Authorization headers. http://en.wikipedia.org/wiki/Basic_access_authentication#Client_side

I recommend writing a PHP script that can only be accessed from the localhost and the server's IP. This is probably the easiest way to keep unwanted persons out. Replace the x'es with your server IP.


<?php
if($_SERVER['REMOTE_IP'] != '127.0.0.1' && $_SERVER['REMOTE_IP'] != 'x.x.x.x')
{
header('HTTP/1.1 403 Forbidden');
exit();
}
?>

Rest of file here

Dragony92
23/09/2013, 09:37 AM
Hmm, is there anyway to allow server ip and other user:pass accs by htaccess?

iJumbo
23/09/2013, 09:46 AM
Check for htaccess and htpasswd tutorials on web

Dragony92
23/09/2013, 10:12 AM
Sloved...

AuthUserFile /path/to/.htpasswd
AuthName "Private"
Authtype Basic
require valid-user
order deny,allow
deny from all
allow from x.x.x.x
allow from 127.0.0.1
Satisfy Any