| Question : | Using Curl can I access the OpenSRS admin control panel (tucows) | |
| | Answer : |
<?php
/*
Curl must be compiled into PHP and have SSL support
TODO
----
Add credit card payment option https://rr-n1-tor.opensrs.net/resellers/index?action=ccp
Add renew domain function (Requires to page lookup)
*/
function opensrs_login ($srs_username,$srs_password,$cookie)
{
/*
This function logs into the OpenSRS system, it sends the default cookie sting to make the system think
you have been to the login page first. The initial system we wrote went to the login page first andf obtained
the first cookie and then sent that. However unless they change the system this way will also work without
needing the additional request.
You would just need to goto the login page get the cookie and then send it with
//curl_setopt ($ch, CURLOPT_COOKIEFILE, "/tmp/srs/cookie.txt");
rather than using the line
curl_setopt($ch,CURLOPT_COOKIE,"CheckCookie=CheckCookie; domain=.opensrs.net; path=/resellers");
However we don't feel this is needed
*/
$ch = curl_init ("https://rr-n1-tor.opensrs.net/resellers/index?action=login&username=$srs_username&password=$srs_password");
$cookie_new = fopen ("$cookie", "w"); // Save the cookie in a tmp file
$webpage = fopen ("/dev/null", "w"); // We don't need to save the webpage so dev/null it
curl_setopt ($ch, CURLOPT_WRITEHEADER, $cookie_new); // We need to save the cookie sent on a good login
curl_setopt($ch,CURLOPT_COOKIE,"CheckCookie=CheckCookie; domain=.opensrs.net; path=/resellers");
curl_setopt ($ch, CURLOPT_FILE, $webpage);
curl_setopt ($ch, CURLOPT_HEADER, 0);
curl_exec ($ch);
curl_close ($ch);
fclose ($cookie_new);
fclose ($webpage);
if( !opensrs_check_cookie ($cookie) )
{
return false;
}
// If we are at this point we have logged into the SRS system and have a valid cookie
return true;
}
function opensrs_sendpassword ($srs_domain,$webpage_file,$cookie,$contact="admin")
{
/*
This function will request the managment password be sent to either the admin or owner contact
it defaults to the admin contact if no contact option is set
*/
GLOBAL $srs_error_message; // This is used to return an error messages
if($contact != "admin")
{
$contact = "owner";
}
if( !opensrs_check_cookie ($cookie) )
{
$srs_error_message = "Login cookie not found, have you logged in!";
return false;
}
$ch = curl_init ("https://rr-n1-tor.opensrs.net/resellers/index?action=send_password&send_to=".$contact."&sub_user=0&domain=".$srs_domain."&type=password");
$webpage = fopen ("$webpage_file", "w"); // We want to save the page so we can check for errors
curl_setopt ($ch, CURLOPT_COOKIEFILE, "$cookie"); // Send the cookie that shows we have already logged in
curl_setopt ($ch, CURLOPT_FILE, $webpage); // Tell it where to write the log page
curl_setopt ($ch, CURLOPT_HEADER, 0); // We don't want to save headers
curl_exec ($ch);
curl_close ($ch);
fclose ($webpage);
// Now open the webpage retreived and look for error messages
$webpage = fopen ("$webpage_file", "r");
while (!feof ($webpage)) {
$buffer = fgets($webpage, 4096);
if( strstr($buffer,"Error") )
{
$error_found = 1;
$srs_error_message = "Error in sending Password";
}
if( strstr($buffer,"Domain not in database") )
{
$error_found = 1;
$srs_error_message = "Domain ($srs_domain) not in database";
}
}
fclose ($webpage);
unlink("$webpage_file"); // Remove the webpage
if($error_found == 1)
{
return false;
}
// If we are at this point we found the login cookie, and we found no errors
return true;
}
function opensrs_get_contacts ($srs_domain,$webpage_file,$cookie)
{
GLOBAL $srs_admin_contact,$srs_owner_contact,$srs_error_message;
if( !opensrs_check_cookie ($cookie) )
{
$srs_error_message = "Login cookie not found, have you logged in!";
return false;
}
$ch = curl_init ("https://rr-n1-tor.opensrs.net/resellers/index?action=view_domain&name=".$srs_domain);
$webpage = fopen ("$webpage_file", "w"); // We want to save the page so we can pull out the contacts
curl_setopt ($ch, CURLOPT_COOKIEFILE, "$cookie"); // Send the cookie that shows we have already logged in
curl_setopt ($ch, CURLOPT_FILE, $webpage); // Tell it where to write the log page
curl_setopt ($ch, CURLOPT_HEADER, 0); // We don't want to save headers
curl_exec ($ch);
curl_close ($ch);
fclose ($webpage);
// Now open the webpage retreived and look for error messages
$webpage = fopen ("$webpage_file", "r");
while (!feof ($webpage)) {
$buffer = fgets($webpage, 4096);
if( strstr($buffer,"Error") )
{
$error_found = 1;
$srs_error_message = "Error in getting contacts";
}
if( strstr($buffer,"Domain not in database") )
{
$error_found = 1;
$srs_error_message = "Domain ($srs_domain) not in database";
}
if( strstr($buffer,"E-Mail Login Password") )
{
$buffer = ereg_replace( "\t", "" , $buffer);
$buffer = ereg_replace( "\(", "" , $buffer);
$buffer = ereg_replace( "\)", "" , $buffer);
$buffer = ereg_replace( "\<\/a\>", "" , $buffer);
$buffer = trim($buffer);
if ( strstr($buffer,"Admin Contact") )
{
$buffer = ereg_replace( "E-Mail Login Password to the Admin Contact", "" , $buffer);
$buffer = ereg_replace( " ", "" , $buffer);
$srs_admin_contact = $buffer;
}else
{
$buffer = ereg_replace( "E-Mail Login Password to the Owner Contact", "" , $buffer);
$buffer = ereg_replace( " ", "" , $buffer);
$srs_owner_contact = $buffer;
}
}
}
fclose ($webpage);
unlink("$webpage_file"); // Remove the webpage
if($error_found == 1)
{
return false;
}
return true;
}
function opensrs_payment_info ($webpage_file,$cookie)
{
if( !opensrs_check_cookie ($cookie) )
{
$srs_error_message = "Login cookie not found, have you logged in!";
return false;
}
$ch = curl_init ("https://rr-n1-tor.opensrs.net/resellers/index?action=view_payments");
$webpage = fopen ("$webpage_file", "w"); // We want to save the page so we can pull out the contacts
curl_setopt ($ch, CURLOPT_COOKIEFILE, "$cookie"); // Send the cookie that shows we have already logged in
curl_setopt ($ch, CURLOPT_FILE, $webpage); // Tell it where to write the log page
curl_setopt ($ch, CURLOPT_HEADER, 0); // We don't want to save headers
curl_exec ($ch);
curl_close ($ch);
fclose ($webpage);
$webpage = fopen ("$webpage_file", "r");
while (!feof ($webpage)) {
$buffer = fgets($webpage, 4096);
if( strstr($buffer,"Error") )
{
$error_found = 1;
$srs_error_message = "Error in getting account balance";
}
//<b>Current Account Balance:</b> $97.50 <br>
if( strstr($buffer,"Current Account Balance:") )
{
$buffer = ereg_replace( '<b>', "" , $buffer);
$buffer = ereg_replace( '</b>', "" , $buffer);
$buffer = ereg_replace( '<br>', "" , $buffer);
$buffer = ereg_replace( ':', "" , $buffer);
$buffer = ereg_replace( 'Current Account Balance', "" , $buffer);
$buffer = ereg_replace( ' ', "" , $buffer);
$buffer = trim($buffer);
$amount = $buffer;
}
}
fclose ($webpage);
unlink("$webpage_file"); // Remove the webpage
return $amount;
}
function opensrs_check_cookie ($cookie)
{
if( ! is_readable ($cookie) )
{
return false;
}
$error_found = 1; // Set as default, if a valid login it will be reset
$cookie_file = fopen ("$cookie", "r");
while (!feof ($cookie_file)) {
$buffer = fgets($cookie_file, 4096);
if( strstr($buffer,"Set-Cookie: RESELLER_LIVE_KEY") )
{
$error_found = 0;
}
}
fclose ($cookie_file);
if( $error_found == 1 )
{
return false;
}
return true;
}
function random_cookie ($dir="/tmp")
{
mt_srand();
$cookie = mt_rand (1000, 10000);
while(file_exists("$dir/$cookie") )
{
mt_srand();
$cookie = mt_rand (1000, 10000);
}
return $cookie;
}
/* No more functions just the code now*/
$srs_username = "USERNAME";
$srs_password = "";
$temp_dir = "/tmp"; // this should have read/write for the webserver user /tmp is less secure
if( (!is_writable($temp_dir)) || (!is_readable($temp_dir)) )
{
echo "Error $temp_dir has not got correct permissions<BR>";
exit(0);
}
$cookie = "$temp_dir/".random_cookie ($temp_dir);
$webpage_file = "$temp_dir/".random_cookie ($temp_dir);
if( opensrs_login ($srs_username,$srs_password,$cookie) )
{
/*
if( opensrs_sendpassword ("php4hosting.com",$webpage_file,$cookie) )
{
echo "Password sent<BR>";
}else
{
echo "Failed to send password<BR>";
echo "$srs_error_message<BR>";
}
if( opensrs_get_contacts ("php4hosting.com",$webpage_file,$cookie) )
{
echo "$srs_admin_contact<BR>";
echo "$srs_owner_contact<BR>";
}else
{
echo "Failed to get contacts<BR>";
echo "$srs_error_message<BR>";
}
*/
echo opensrs_payment_info ($webpage_file,$cookie);
}else
{
echo "Failed to login to openSRS system<BR>";
}
// remove files that pose a security risk
if( file_exists($cookie) )
{
unlink($cookie);
}
if( file_exists($webpage) )
{
unlink($webpage);
}
?>
| | |
