Here's what I would like to do.
I have a PHP file in my server where I would like to call java applet. The applet function will send a get request to read a page from third party server. Now I want page read from applet function to be sent to PHP script. To simply put ,i want the return value of the applet request function in a PHP variable. Is it possible to do?
I want to do this way because I already have the code to parse the page information in PHP, so I don't want to rewrite that in java again.
I wanted the Java applet because the request has to be sent using the client information like IP. So I don't want to use proxies.
Note: I am not trying to hack anyone's server. I am not a advanced programmer of either Java or PHP. Please reply me in a descriptive manner possibly with pseudo code.
I already have the code to parse the page information in PHP, so I don't want to rewrite that in java again.
PHP should be able to get that page more easily than can a Java applet. The applet would need to be trusted or in communication with a site that uses the 'cross-domain resources' file that explicitly allows hot-linking.
Searches on 'php proxie' seemed to spill out around 7.32 million hits. I'd start there.
Related
I have started to develop an HTTP/1.0 web server under Java(not for commercial purpose, just for fun). Hope this will increase my confidence. Initially, I just wanted to include PHP support(only rest API). I have almost done the request parsing and now I have stuck on executing the request. That's why I would like to know how actually web server like Apache communicates with PHP. It would be appreciable if you please share your experience, knowledge in details regarding this.
Thanks in advance
it is good to know how things works, it will help you understand the deep aspect of development and servers.
In regards to your question, the APACHE knows that the files ends with .php must be sent to PHP interpreter to execute it and provide the results, check this anatomy of a request.
Step 1
The user enters https://stackoverflow.com into their browser and taps/hits 'enter'.
Step 2
The browser sends the page request over the Internet to the web server.
Step 3
The web server gets the request and analyzes the request information. Apache realizes that we didn't specify a file, so it looks for a directory index and finds index.php.
Step 4
Since Apache knows to send files that end with the .php file extension to the PHP interpreter, it asks PHP to execute the file.
This knowledge of Apache is specified in the httpd.conf file, it tells Apache exactly what to do when it find the .php files.
Step 5
PHP Interpreter is executing the code contained in the index.php file from the request. During this step, PHP may interact with databases, the file system or make external API calls, amongst other things.
Step 6
After PHP Interpreter has finished executing the index.php file, it sends the output back to Apache. Note that the output will be HTML.
Step 7
Apache receives the output from PHP and sends it back over the Internet to a user's web browser. This is called the response.
Step 8
The user's web browser receives the response from the server, and renders the web page on a computer or device.
Hope this will shed the light on where you should focus, please visit https://httpd.apache.org/docs/2.4/ and check what modules the Apache use to find the PHP interpreter, also note you will need to install PHP separately to achieve this.
Im developing a little serverside api to use with a java client (which i wrote too).
The api is written with jersey (RESTful) und running on a tomcat server. The data it provides is passed to the client as Json-String and all communication is performed via Http.
I now want to ensure that only my own client programm is able to access the api (At the moment, as its http, everyone could receive the json data via an ordinary browser). Therefor, im looking for a way to "identify" my clientside programm to the api with a key or something like that. I first thought about using the user-agent for identification, but this could easily be copied. So i need some kind of key which changes dynamically or something like that.
Whats a good way to do that?
I searched in the net but didnt find a proper answer (maybe wrong keywords?), so im happy for every hint and/or link about that topic.
Edit: The client side programm is an android app. I want to make sure noone is creating a similar app and use my server for his purpose.
If the attacker has a the client in his possession, there's almost no security that can't eventually be compromised.
A good start, that's fairly out of box is bi-directional SSL authentication (Client and Server certificates). This is supported out of the box and requires little code changes.
I need to be able to access my database, which in it's own isn't hard as java can directly access it. I want to, however, use a php script to access it, as I need to insert stuff into the database as well, and I don't want to have the username and password of a read-write accoutn for my database in my java code. If someone decompiles it, he can just access my database and do stuff with it...
So basicly, I want to use a PHP script and send $_POST request info from my java code to my php script
(yes, java, not javascript ;-) )
You can do this, no problem. Use a URLConnection with setDoOutput(true), and get its output stream for the POST.
Of course, your PHP script should make sure that all data which is sent is sane, as anyone could send such a request to your PHP script. (Or you would need some way for the Java application to authenticate itself to the PHP script, which simply shifts the problem of hiding these credentials instead of the database ones.)
You should store DB credentials in configuration file to avoid embedding them directly into the code.
Im trying to use DefaultHttpClient to log into xbox.com. I realize that you cant be logged in without visiting http://login.live.com, so I was going to submit to the form on that page and then use the cookies in any requests to xbox.com.
The problem is that requesting anything from live.com using DefaultHttpClient returns the followings message.
Windows Live ID requires JavaScript to sign in. This web browser either does not support JavaScript, or scripts are being blocked.
How do I tell DefaultHttpClient to tell the server that javascript is available for use? I tried looking in the default options and also adding it as a parameter object but I cant see what I've got to do.
The reason this is happening is that this line of HTML is getting parsed from live:
<noscript><meta http-equiv="Refresh" content="0; URL=http://login.live.com/jsDisabled.srf?mkt=EN-US&lc=1033"/>Windows Live ID requires JavaScript to sign in. This web browser either does not support JavaScript, or scripts are being blocked.<br /><br />To find out whether your browser supports JavaScript, or to allow scripts, see the browser's online help.</noscript>
Which is used to redirect you if your client does not have javascript enabled (and therefore will parse <noscript> tags.)
You could try to use a less intelligent HTTP library which does no parsing of the content, but which instead simply does the transport and leaves the parsing to you.
Use Wireshark to trace the communication using both a browser and your program, and look for the differences. It's hard to say what, exactly, live.com/xbox.com are looking for, but there is likely some AJAX-y code used to get the actual content.
Windows Live ID requires JavaScript to sign in. This web browser either does not support JavaScript, or scripts are being blocked.To find out whether your browser supports JavaScript, or to allow scripts, see the browser's online help.
I'm creating a Java applet which communicate with my PHP website by requesting pages and retrieving their contents. It works pretty well, and it allows my applet to use PHP sessions.
However, I tried to launch the applet with Opera (instead of Firefox), and it appears that Opera doesn't let my applet use its PHP session, and as Java (or at least IcedTea) doesn't handle PHP sessions itself, I can't make my applet work.
Is there any way to make Java be able to handle PHP sessions?
You would have to carry the PHP session ID in every query. That is, make a start_session.php which returns only the result of session_start(); and echo session_id() and use that number in the subsequent queries, that is, other.php?sid=XXXXX inside other.php use session_id($_GET['sid']); to start the session.