question about winhttp

[nacerbaaziz]

goodmorning autoit team

today am comming with some winhttp problems, i hope that you can help me to solve them.

the first problem

is when opening a request

my forums api allow me to delete any post using the api key

all functions work, i mean post / get

but when i tried to use the delete verb it's gave me an html 404 error

here is what am tried

#include "WinHttp.au3"

; Open needed handles
Global $hOpen = _WinHttpOpen()
Global $hConnect = _WinHttpConnect($hOpen, "xxxxxxxx.com")
; Specify the reguest:

Global $hRequest = _WinHttpOpenRequest($hConnect, "Delete", "/vb/Api/posts/10447/?hard_delete=true", default, default)
_WinHttpAddRequestHeaders($hRequest, "XF-Api-Key:xxxxx")
_WinHttpAddRequestHeaders($hRequest, "XF-Api-User:xxxxx")

; Send request
_WinHttpSendRequest($hRequest)

; Wait for the response
_WinHttpReceiveResponse($hRequest)

Global $sHeader = 0, $sReturned = 0
; If there is data available...
If _WinHttpQueryDataAvailable($hRequest) Then 
$sHeader = _WinHttpQueryHeaders($hRequest, $WINHTTP_QUERY_CONTENT_DISPOSITION)
;Or maybe:
; $sHeader = _WinHttpQueryHeaders($hRequest, BitOR($WINHTTP_QUERY_RAW_HEADERS_CRLF, $WINHTTP_QUERY_CUSTOM), "Content-Disposition")

    Do
        $sReturned &= _WinHttpReadData($hRequest)
    Until @error
msgBox(64, "", $sReturned)
endIf


; Close handles
_WinHttpCloseHandle($hRequest)
_WinHttpCloseHandle($hConnect)
_WinHttpCloseHandle($hOpen)

 

and here is the error message

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /vb/Api/posts/10447/
on this server.<br />
</p>
</body></html>

 

i hope you can help me 

thanks in advance

[nacerbaaziz]

so,
@Jos
when i use Post verb or Get it work
e.g here is the result when i use the same example with the Get command
 

expandcollapse popup

{
    "post": {
        "attach_count": 0,
        "can_edit": true,
        "can_hard_delete": true,
        "can_react": true,
        "can_soft_delete": true,
        "can_view_attachments": true,
        "is_first_post": false,
        "is_last_post": true,
        "is_reacted_to": false,
        "last_edit_date": 1593265281,
        "message": "\u0627\u0644\u0633\u0644\u0627\u0645 \u0639\u0644\u064a\u0643\u0645 \u0645\u0648\u0636\u0648\u0639 \u062c\u0645\u064a\u0644 \u0628\u0627\u0631\u0643 \u0627\u0644\u0644\u0647 \u0641\u064a\u0643 \u064a\u0627 \u062d\u0648\u062f\u0649",
        "message_state": "visible",
        "position": 5,
        "post_date": 1593264635,
        "post_id": 10447,
        "reaction_score": 0,
        "Thread": {
            "BaUser": null,
            "can_edit": true,
            "can_edit_tags": true,
            "can_hard_delete": true,
            "can_reply": true,
            "can_soft_delete": true,
            "can_view_attachments": true,
            "custom_fields": {},
            "discussion_open": true,
            "discussion_state": "visible",
            "discussion_type": "",
            "first_post_id": 10289,
            "first_post_reaction_score": 3,
            "Forum": {
                "breadcrumbs": [
                    {
                        "node_id": 48,
                        "title": "\u0627\u0644\u0642\u0633\u0645 \u0627\u0644\u0639\u0627\u0645",
                        "node_type_id": "Category"
                    }
                ],
                "description": "",
                "display_in_list": true,
                "display_order": 100,
                "node_id": 49,
                "node_name": null,
                "node_type_id": "Forum",
                "parent_node_id": 48,
                "title": "\u0627\u0644\u0645\u0646\u062a\u062f\u0649 \u0627\u0644\u0639\u0627\u0645",
                "type_data": {
                    "allow_poll": true,
                    "allow_posting": true,
                    "can_create_thread": true,
                    "can_upload_attachment": true,
                    "discussion_count": 85,
                    "last_post_date": 1593264635,
                    "last_post_id": 10447,
                    "last_post_username": "MesterPerfect",
                    "last_thread_id": 4884,
                    "last_thread_prefix_id": 0,
                    "last_thread_title": "\u0645\u0627 \u0647\u0648 \u0645\u0641\u0647\u0648\u0645 \u0627\u0644\u0623\u0645\u0646 \u0627\u0644\u0633\u064a\u0628\u0631\u0627\u0646\u064a",
                    "message_count": 172,
                    "min_tags": 0,
                    "require_prefix": false
                }
            },
            "is_watching": true,
            "last_post_date": 1593264635,
            "last_post_id": 10447,
            "last_post_user_id": 2,
            "last_post_username": "MesterPerfect",
            "node_id": 49,
            "post_date": 1592577213,
            "prefix_id": 0,
            "reply_count": 5,
            "sticky": false,
            "tags": [
                "\u0625\u0644\u0649",
                "\u0627\u0644\u0623\u0645\u0646",
                "\u0627\u0644\u0633\u064a\u0628\u0631\u0627\u0646\u064a",
                "\u0627\u0644\u0645\u0639\u0644\u0648\u0645\u0627\u062a",
                "\u0639\u0644\u0649"
            ],
            "thread_id": 4884,
            "title": "\u0645\u0627 \u0647\u0648 \u0645\u0641\u0647\u0648\u0645 \u0627\u0644\u0623\u0645\u0646 \u0627\u0644\u0633\u064a\u0628\u0631\u0627\u0646\u064a",
            "User": {
                "activity_visible": true,
                "age": 21,
                "avatar_urls": {
                    "o": null,
                    "h": null,
                    "l": null,
                    "m": null,
                    "s": null
                },
                "can_ban": false,
                "can_converse": true,
                "can_edit": true,
                "can_follow": true,
                "can_ignore": true,
                "can_post_profile": true,
                "can_view_profile": true,
                "can_view_profile_posts": true,
                "can_warn": false,
                "custom_fields": {
                    "facebook": "mahmoud.atef.000",
                    "gender": "male",
                    "screen_readers": "1",
                    "skype": "mahmoud.atef.000",
                    "twitter": "",
                    "windows": "4"
                },
                "custom_title": "",
                "dob": {
                    "year": 1999,
                    "month": 4,
                    "day": 4
                },
                "is_admin": true,
                "is_banned": false,
                "is_discouraged": false,
                "is_followed": false,
                "is_ignored": false,
                "is_moderator": false,
                "is_staff": false,
                "is_super_admin": true,
                "last_activity": 1593209942,
                "location": "\u0627\u0644\u0642\u0627\u0647\u0631\u0629",
                "message_count": 91,
                "reaction_score": 141,
                "register_date": 1533659760,
                "secondary_group_ids": [
                    3,
                    4
                ],
                "signature": "",
                "trophy_points": 93,
                "user_group_id": 2,
                "user_id": 6,
                "user_state": "valid",
                "user_title": "\u0639\u0636\u0648 \u0641\u0639\u0627\u0644",
                "username": "mahmoud.atef",
                "visible": true,
                "warning_points": 0,
                "website": "https://mx-blind.com"
            },
            "user_id": 6,
            "username": "mahmoud.atef",
            "view_count": 92,
            "visitor_post_count": 1
        },
        "thread_id": 4884,
        "User": {
            "activity_visible": true,
            "avatar_urls": {
                "o": "https://secure.gravatar.com/avatar/324bc0d4e2add5deec287b874280734d?s=384",
                "h": "https://secure.gravatar.com/avatar/324bc0d4e2add5deec287b874280734d?s=384",
                "l": "https://secure.gravatar.com/avatar/324bc0d4e2add5deec287b874280734d?s=192",
                "m": "https://secure.gravatar.com/avatar/324bc0d4e2add5deec287b874280734d?s=96",
                "s": "https://secure.gravatar.com/avatar/324bc0d4e2add5deec287b874280734d?s=48"
            },
            "can_ban": false,
            "can_converse": true,
            "can_edit": true,
            "can_follow": true,
            "can_ignore": false,
            "can_post_profile": true,
            "can_view_profile": true,
            "can_view_profile_posts": true,
            "can_warn": false,
            "custom_fields": {
                "facebook": "my.nvda.1",
                "gender": "male",
                "screen_readers": "1",
                "skype": "live:AhmedBakr012",
                "twitter": "my_nvda",
                "windows": "3",
                "Telegram": "MesterPerfect"
            },
            "custom_title": "",
            "dob": {
                "year": null,
                "month": 10,
                "day": 1
            },
            "is_admin": true,
            "is_banned": false,
            "is_discouraged": false,
            "is_followed": false,
            "is_ignored": false,
            "is_moderator": true,
            "is_staff": true,
            "is_super_admin": true,
            "last_activity": 1593268517,
            "location": "sohag, Egypt",
            "message_count": 3042,
            "reaction_score": 2073,
            "register_date": 1533539769,
            "secondary_group_ids": [
                3,
                4
            ],
            "signature": "[CENTER][SIZE=5]\u2022\u2022\u2022 \uf0d7 The Elimination Chamber is back\u2022\u2022\u2022 \uf0d7[/SIZE][/CENTER]\n[YOUTUBESUBSCRIBER]UC-JaR2UmCzOjz7TFPHS9YHg[/YOUTUBESUBSCRIBER]",
            "trophy_points": 595,
            "user_group_id": 2,
            "user_id": 2,
            "user_state": "valid",
            "user_title": "\u0627\u0644\u0648\u0633\u0627\u0645 \u0627\u0644\u0645\u0627\u0633\u064a",
            "username": "MesterPerfect",
            "visible": true,
            "warning_points": 0,
            "website": "https://mx-blind.com"
        },
        "user_id": 2,
        "username": "MesterPerfect",
        "warning_message": ""
    }
}

 

[Jos]

I removed my post earlier as I misread the error code....   but either way ...  there isn't much we can do unless we can test. the 403 is an access issue.

Jos

[nacerbaaziz]

sir @Jos

if you want can i send you a temp api to private to be able to test

[nacerbaaziz]

i tried to Read the UDF and do a small compairation with the Microsoft Doc, i can't find any problem, only post and get working, the others no

what i need to is

post, delete, put, and get

i can't know where is the problem

[nacerbaaziz]

here the api i tried to use
xenforo api

and here is the UDF that i used
autoit-winhttp

Edited June 27, 2020 by nacerbaaziz

[TheXman]

Why are you asking what appears to be a XenForo Forum API related questions in an AutoIt forum?  Looking at the response to the DELETE API request that you posted earlier, you got back a 403 Forbidden response.  Given that your GET requests are successful, that probably means that either your API call is not correct or that the XF-Api-User does not have permission to delete the specified post.

[nacerbaaziz]

@TheXman

i can not know if the problem is from the API function

or from the winhttp i posted here just to know where is the problem, ifit not from winhttp and not from the udf

i will go to xenforo cominity and i will post a thread there 

[TheXman]

Are you using a Super-User api-key?  I assume that you are because you supplied an api-user in the header.  If that user does not have permission to delete posts, that is why you are getting a 403 response.  If you want to bypass the user's context and delete the post as a super user, then you must do it on a per-request basis.  The following is taken from the API documentation:

If the request is made with a super user key and you wish to bypass the context user's permissions, this may be done on a per-request basis by setting the api_bypass_permissions parameter to 1. (This can be passed via a query string or as part of the request body.)

That information above can be found on the following page of the API doc:

https://xenforo.com/xf2-docs/dev/rest-api/

Edited June 27, 2020 by TheXman

[nacerbaaziz]

the api key is a super key

i put an admin user

by the way i don't know how i can pass this param using winhttp, can you gid me to do that and test please?

note: when i tried to create e.g a new thread using a guest api key it gave me an error msg as json string told me that the api does not have the permitions to do that

[TheXman]

Assuming that everything else in your script is correct, then you can try changing the follow line from:

Global $hRequest = _WinHttpOpenRequest($hConnect, "Delete", "/vb/Api/posts/10447/?hard_delete=true", default, default)

To

Global $hRequest = _WinHttpOpenRequest($hConnect, "Delete", "/vb/Api/posts/10447?hard_delete=true&api_bypass_permissions=1", default, default)

 

[nacerbaaziz]

unfortunately, the same problem

i will try to use the delete with php and i will see the return, then i will tell you what the result
 

[nacerbaaziz]

hello again,

i confermed that the problem from the xenforo api i conntacted them

now i have a small problem with json

i hope that i can find here a reply

i have this data

expandcollapse popup

{
    "success": true,
    "conversation": {
        "can_edit": true,
        "can_invite": true,
        "can_reply": true,
        "can_upload_attachment": true,
        "conversation_id": 955,
        "conversation_open": true,
        "first_message_id": 1710,
        "is_starred": false,
        "last_message_date": 1593345206,
        "last_message_id": 1710,
        "last_message_user_id": 5,
        "open_invite": false,
        "recipient_count": 2,
        "recipients": {
            "2": "MesterPerfect"
        },
        "reply_count": 0,
        "start_date": 1593345206,
        "Starter": {
            "activity_visible": false,
            "avatar_urls": {
                "o": "https://mx-blind.com/vb/data/avatars/o/0/5.jpg?1534192853",
                "h": "https://mx-blind.com/vb/data/avatars/h/0/5.jpg?1534192853",
                "l": "https://mx-blind.com/vb/data/avatars/l/0/5.jpg?1534192853",
                "m": "https://mx-blind.com/vb/data/avatars/m/0/5.jpg?1534192853",
                "s": "https://mx-blind.com/vb/data/avatars/s/0/5.jpg?1534192853"
            },
            "can_ban": false,
            "can_converse": false,
            "can_edit": true,
            "can_follow": false,
            "can_ignore": false,
            "can_post_profile": true,
            "can_view_profile": true,
            "can_view_profile_posts": true,
            "can_warn": false,
            "custom_fields": {
                "facebook": "baaziznacer1",
                "gender": "male",
                "screen_readers": "2",
                "skype": "simple-blind",
                "twitter": "baaziznacer",
                "windows": "4"
            },
            "custom_title": "",
            "is_admin": true,
            "is_banned": false,
            "is_discouraged": false,
            "is_followed": false,
            "is_ignored": false,
            "is_moderator": true,
            "is_staff": true,
            "is_super_admin": true,
            "last_activity": 1593287145,
            "location": "\u0627\u0644\u062c\u0632\u0627\u0626\u0631",
            "message_count": 597,
            "reaction_score": 569,
            "register_date": 1533642994,
            "secondary_group_ids": [
                3,
                4
            ],
            "signature": "\u2022 \u0627\u0644\u062f\u0646\u064a\u0627 \u062b\u0644\u0627\u062b\u0629 \u0623\u064a\u0627\u0645: \u0627\u0644\u0623\u0645\u0633 \u0639\u0634\u0646\u0627\u0647 \u0648\u0644\u0646 \u064a\u0639\u0648\u062f\u060c \u0627\u0644\u064a\u0648\u0645 \u0646\u0639\u064a\u0634\u0647 \u0648\u0644\u0646 \u064a\u062f\u0648\u0645\u060c \u0648\u0627\u0644\u063a\u062f: \u0644\u0627 \u0646\u062f\u0631\u064a \u0623\u064a\u0646 \u0633\u0646\u0643\u0648\u0646 \u0641\u0635\u0627\u0641\u062d\u060c \u0648\u0633\u0627\u0645\u062d\u060c \u0648\u062f\u0639 \u0627\u0644\u062e\u0644\u0642 \u0644\u0644\u062e\u0627\u0644\u0642\u060c \u0641\u0623\u0646\u0627 \u0648\u0623\u0646\u062a \u0648\u0647\u0645 \u0648\u0646\u062d\u0646 \u0631\u0627\u062d\u0644\u0648\u0646\u060c \u0641\u0645\u0646 \u0623\u0639\u0645\u0627\u0642 \u0642\u0644\u0628\u0643 \u0633\u0627\u0645\u062d \u0645\u0646 \u0623\u0633\u0627\u0621 \u0625\u0644\u064a\u0643.",
            "trophy_points": 210,
            "user_group_id": 2,
            "user_id": 5,
            "user_state": "valid",
            "user_title": "\u0639\u0636\u0648 \u0645\u062d\u062a\u0631\u0641",
            "username": "\u0646\u0627\u0635\u0631 \u0628\u0639\u0632\u064a\u0632",
            "visible": true,
            "warning_points": 0,
            "website": "http://mx-blind.com/"
        },
        "title": "\u0623\u0646\u0627 \u0632\u0641\u062a",
        "user_id": 5,
        "username": "\u0646\u0627\u0635\u0631 \u0628\u0639\u0632\u064a\u0632"
    }
}

 

i need to decode it using json

can we do that using autoit?

because the utf8 text here is encoded

thanks in advance

[Jos]

This is an example script that will read your posted data from "data.txt" and then display 2 of the keys of which one is containing Unicode characters:

#include "Json.au3"
$data = FileRead("data.txt")
Json_dump($data)
$object = json_decode($data)
$register_date=json_get($object, '.conversation.Starter.register_date')
MsgBox(262144, 'Debug line ~' & @ScriptLineNumber, 'Selection:' & @CRLF & '$register_date' & @CRLF & @CRLF & 'Return:' & @CRLF & $register_date) ;### Debug MSGBOX
$signature=json_get($object, '.conversation.Starter.signature')
MsgBox(262144, 'Debug line ~' & @ScriptLineNumber, 'Selection:' & @CRLF & '$signature' & @CRLF & @CRLF & 'Return:' & @CRLF & $signature) ;### Debug MSGBOX

The json.au3 can be found here:  

 

Jos

[nacerbaaziz]

@Jos

 

thank you very much

it fully worked with me

realy thank you

and sorry for bothering you

accept my greetings to all who helped me