pearweb
[ class tree: pearweb ] [ index: pearweb ] [ all elements ]
Packages:
pearweb_index
pearweb


Files:
rest-login.php

File: rest-login.php

Source Location: /pearweb_index-1.16.13/public_html/rest-login.php

Classes:

Page Details:

Simple REST-based server for remote authentication

To access, first browse to rest-login.php/getsalt and retrieve a salt plus the session idea from the HTTP response headers. Then, use the salt to create a new hash of the hashed password and send a POST request to rest-login.php/validate and the response will be returned in plain text. If the first character returned is "8" then the login succeeded. 1-6 are internal errors, 0 and 7 are invalid logins.

Here is some sample code for a client to access this server:

  1.  <?php
    2. 

  2.  $user 'username';
    3. 

  3.  $password 'password';
    4. 

  4.  
    5. 

  5.  $salt file_get_contents('https://pear.php.net/rest-login.php/getsalt');
    6. 

  6.  $cookies array_values(preg_grep('/Set-Cookie:/'$http_response_header));
    7. 

  7.  preg_match('/PHPSESSID=(.+); /'$cookies[0]$session);
    8. 

  8.  $pass md5($salt md5($password));
    9. 

  9.  $opts = array('http' => array(
    10. 

  10.      'method' => 'POST',
    11. 

  11.      'header' => 'Cookie: PHPSESSID=' $session[1';',
    12. 

  12.      'content' => http_build_query(array('username' => $user'password' => $pass))
    13. 

  13.  ));
    14. 

  14.  $context stream_context_create($opts);
    15. 

  15.  var_dump(file_get_contents('https://pear.php.net/rest-login.php/validate'false$context));
    16. 

  16.  ?>
    17.

Documentation generated on Mon, 11 Mar 2019 15:14:36 -0400 by phpDocumentor 1.4.4. PEAR Logo Copyright © PHP Group 2004.