piccaso Posted June 7, 2007 Posted June 7, 2007 Raik said: it uses openssl so simply use it direct. do you have any idea how simple that would be?You probably dont know the openssl api Raik said: 1. base64 decoding does not work properly2. passwords should be hashed (non reversible), to avoid instant access for passwd-file-stealer.use md5 or crypt and compare the given passwd after hashing it with the same algo to the saved one.and save the passwd-file outside the webroot. yep, base64 is broken because of the unicode changes in autoit...it is very common to store the password file unencrypted on windows, and it doesent matter where its stored because if the web server can access it then any cgi/whatever can too....But i agree, hashing would be a good idea Will66 said: 1. Server hangs when submitting a form using POST and php-cgi.exe. Server wont proccess anything further after the post submission until its restarted.Autoit doesent support binary pipes, this may be fixed with some maniac use of DllCall... Quote 2.folderIndex "index.html" in server.conf ........can this be a list?, eg. folderIndex "index.html,index.htm,index.php" because ie7 doesn't list the folder tree, ffox does.eww ie7 Quote We can start the server and start a gui that uses _IE.au3 to embedd a browser using com....if php files could be embedded in the built exe and prevent viewing source code.....we'd be running php apps as exe's......that'd be very cool!btw, when using php, php doesn't need to be installed as such, alls required is point to location of php-cgi.exe. php4ts.dll needs to be in the same folder.I'm using the minimal php that comes with windbinder.do you know about pcc ?it builds on windows too...it makes normal exe's, dll's, microserver's...but if you compile in all required runtime's (rather than distributing dll's) you end up with an > 3mb file Quote An alternative i've been utilising and the reason that got me reading this post is shttpd (50kb) c source is freely available.Last time i checked (over a year ago) shttpd was so buggy i didnt want to use it.but maybe its good today as far as i remember it provides a sdk to make your own websrevers.maybe this could be turned into a dll/plugin for autoit... CoProc Multi Process Helper libraryTrashBin.nfshost.com store your AutoIt related files here!AutoIt User Map
Will66 Posted June 8, 2007 Posted June 8, 2007 piccaso said: do you know about pcc ?it builds on windows too...it makes normal exe's, dll's, microserver's...but if you compile in all required runtime's (rather than distributing dll's) you end up with an > 3mb file Last time i checked (over a year ago) shttpd was so buggy i didnt want to use it.but maybe its good today as far as i remember it provides a sdk to make your own websrevers.maybe this could be turned into a dll/plugin for autoit...no i don't know about pcc?
Apzo Posted June 8, 2007 Posted June 8, 2007 (edited) http://www.roadsend.com/home/index.phpI tried, not realy easy to understand. Still trying to BEWARE : the installer resets the %PATH environment variable, be sure to save it before !! Edited June 8, 2007 by Apzo All the pop3 functions.Rsync your files on your USB key (or anywhere else)
Raik Posted June 9, 2007 Posted June 9, 2007 piccaso said: do you have any idea how simple that would be?You probably dont know the openssl api is it possible? then it doesent matter if it is complicated. piccaso said: yep, base64 is broken because of the unicode changes in autoit...this one works with the new autoit too. piccaso said: it doesent matter where its stored because if the web server can access it then any cgi/whatever can too....it does matter where it is stored, because if it is stored inside the public_html folder, everybody, who knows about this, will be able, to download it.if somebody writes a vulnerable script and does not tread every input from the user as untrustable (checking length, allowed chars, etc.), this will be outside of our reach. AutoIt-Syntaxsheme for Proton & Phase5 * Firefox Addons by me (resizable Textarea 0.1d) (docked JS-Console 0.1.1)
piccaso Posted June 9, 2007 Posted June 9, 2007 Raik said: is it possible? then it doesent matter if it is complicated.Well at least is complicated.There are some functions which need callback but i dont know if they are critical.everytime i look at the partly documentet api i allways go back to stunnel Quote it does matter where it is stored, because if it is stored inside the public_html folder, everybody, who knows about this, will be able, to download it.im not sure on how authentication is implemented in this server but i assumed the server wont let you download it. Quote if somebody writes a vulnerable script and does not tread every input from the user as untrustable (checking length, allowed chars, etc.), this will be outside of our reach.Yes php acts that way when configured right but everyithing between <?au3 ?> tags has the same access rights and even the same module name as the server.are you interested in continuing the development on this server? CoProc Multi Process Helper libraryTrashBin.nfshost.com store your AutoIt related files here!AutoIt User Map
sshrum Posted June 13, 2007 Posted June 13, 2007 Nice. Got it working on my system. Had a thought...(2 actually): Why not envset() the query string values: ; environment-ize the query string entries [sshrum] $sReserved = "REMOTE_ADDR|SERVER_NAME|SERVER_SOFTWARE|SERVER_PORT|SERVER_PROTOCOL|QUERY_STRING|REQUEST_URI|SCR IPT_NAME" if $queryString <> "" Then $aArguments = StringSplit($queryString, "&") for $i = 1 to $aArguments[0] $aArgument = StringSplit($aArguments[$i], "=") ; dis-allow reserved if not stringinstr($sReserved, $aArgument[1]) then if $aArgument[0] = 2 then envset ($aArgument[1],$aArgument[2]) Else envset ($aArgument[1],"") EndIf EndIf next endif ;-- sshrum stop ...and why not set up the preprocess call to handle script calls to other engines: perl, php, etc.? Sean Shrum :: http://www.shrum.net All my published AU3-based apps and utilities 'Make it idiot-proof, and someone will make a better idiot'
sshrum Posted June 14, 2007 Posted June 14, 2007 Do'h...found the newer version: sweet...autoit, php, perl, and python. Idea: How about error logging? Sean Shrum :: http://www.shrum.net All my published AU3-based apps and utilities 'Make it idiot-proof, and someone will make a better idiot'
sshrum Posted June 14, 2007 Posted June 14, 2007 Idea for the function lib: Func _GetQueryValue($sLookup="") $aQuery = stringsplit(envGet('QUERY_STRING'),"&") for $i = $aQuery[0] to 1 step -1 if stringinstr($aQuery[$i],"=") Then $sKey = stringleft($aQuery[$i], stringinstr($aQuery[$i], "=") - 1) if $sLookup = $sKey Then return stringtrimleft($aQuery[$i], stringlen($sKey)+1) EndIf EndIf Next return "" EndFunc Takes the last instance of a repeated key as the current (http://www.foo.com?page=q&foo=bar&page=t===); _GetQueryValue('page') will return 't===' as is how Apache deals with repeated keys. Also allows for additional '=' char in values. Sean Shrum :: http://www.shrum.net All my published AU3-based apps and utilities 'Make it idiot-proof, and someone will make a better idiot'
sshrum Posted June 14, 2007 Posted June 14, 2007 Just an FYI... I like to keep my \public_html outside of the server folder like this: \www -+ \public_html -+ \server-1.2 ----+ \server -+ \server-1.3 ----+ \ server -+ \... ...so in my server.conf I'd like to list my DOCUMENT_ROOT as '\..\..\public_html' This way I can have multiple server code projects to deal with the same content. I just noticed that fileGetLongName() doesn't resolve the full pathname for this type of folder ref. Sean Shrum :: http://www.shrum.net All my published AU3-based apps and utilities 'Make it idiot-proof, and someone will make a better idiot'
shadesdude Posted June 15, 2007 Posted June 15, 2007 I've been lurking around the forums for a while now and I think I made something post worthy.I combined the web server with a few Itunes control scraps laying around and created a web service to control it =D.This pack comes fully setup all you need to do is run the server.exe and you have web control of your music. Simply navigate to either 127.0.0.1 on the computer that it is running or visit it from another computer. Haha and if you don't trust me just grab the index.aux file out of the Http folder and use it with your own server. If you don't want to use it as the index page add "& envGet('SCRIPT_NAME')" to each of the lines that start with "consoleWrite ('<a href="' &"Credits to SolidSnake for the idea and some of the com controls and of course to all the guys working on the WebServer.http://files.filefront.com/ItunesServerzip...;/fileinfo.htmlSample page (may go down depending on how hard I get hit)
Will66 Posted June 18, 2007 Posted June 18, 2007 hoping someone will help me out with this as i don't really understand networking stuff and i don't want to mess with the original script without knowing what i'm effecting.Can someone please give me an example of how to combine server.au3 with an embedded web browser using one of the options for embedding IE into a gui eg:$oIE = ObjCreate("Shell.Explorer.2") or <IE.au3>.I'm wanting that when i run server.au3 a gui opens which contains embedded browser and loads the index page from localhost:#include <GUIConstants.au3> #include <IE.au3> _IEErrorHandlerRegister () $oIE = _IECreateEmbedded () GUICreate("Embedded Web control Test", 640, 580, _ (@DesktopWidth - 640) / 2, (@DesktopHeight - 580) / 2, _ $WS_OVERLAPPEDWINDOW + $WS_VISIBLE + $WS_CLIPSIBLINGS) $GUIActiveX = GUICtrlCreateObj($oIE, 10, 40, 600, 360) _IENavigate ($oIE, "127.0.0.1") //localhost _IEAction($oIE,"refresh") GUISetState() ;Show GUIThe code for server.au3 is from here the svnHow can I incorporate this as a single service please?....i.e 1 trayicon, 1 service
piccaso Posted June 18, 2007 Posted June 18, 2007 The tricky part is combining the main gui loop with the servers main loop... but i wouldn't do that if i where you. but you could make a separate process and do some ipc stuff... check out CoProc from my sig. if you need an example on ipc or search the forums for WM_COPYDATA CoProc Multi Process Helper libraryTrashBin.nfshost.com store your AutoIt related files here!AutoIt User Map
Will66 Posted June 18, 2007 Posted June 18, 2007 piccaso said: The tricky part is combining the main gui loop with the servers main loop...but i wouldn't do that if i where you.but you could make a separate process and do some ipc stuff...check out CoProc from my sig. if you need an example on ipc or search the forums for WM_COPYDATAThanx for the info piccaso, i'll check it out.I did manage to incorporate the gui with the server but its pretty hacked up by hiding the servers tray icon/menu and adding the TCPShutdown() call to the browser guis exit function using on event mode....it worked but i knew its not good,Cheers
Raik Posted July 4, 2007 Posted July 4, 2007 (edited) piccaso said: im not sure on how authentication is implemented in this server but i assumed the server wont let you download it.i feel not like an ostrich ... as long, as i dont KNOW, i will feel mutch better, if it is outside the folder, witch the server will provide for webaccess. piccaso said: Yes php acts that way when configured right but everyithing between <?au3 ?> tags has the same access rights and even the same module name as the server.php too has the same rights as the server, but as long as you not implement access outside the webroot via php, nobody will be able, to gain it. Edited July 4, 2007 by Raik AutoIt-Syntaxsheme for Proton & Phase5 * Firefox Addons by me (resizable Textarea 0.1d) (docked JS-Console 0.1.1)
AzKay Posted July 20, 2007 Posted July 20, 2007 Cant get it working with PHP. Im getting "No input file specified.", When I go to a php file. # MY LOVE FOR YOU... IS LIKE A TRUCK- #
Will66 Posted November 21, 2007 Posted November 21, 2007 make sure there are no spaces in your path to php. If your using php4 then use php-cgi.exe, php5 use php.exe.My problem is images are not showing eg:http://localhost/leftbg.gifAndhttp://localhost/images/leftbg.gifThe paths are right, but all i get is the red X
Will66 Posted November 21, 2007 Posted November 21, 2007 Will66 said: make sure there are no spaces in your path to php. If your using php4 then use php-cgi.exe, php5 use php.exe.My problem is images are not showing eg:http://localhost/leftbg.gifAndhttp://localhost/images/leftbg.gifThe paths are right, but all i get is the red Xbump
Will66 Posted November 21, 2007 Posted November 21, 2007 images display for anyone else? ^^ Am I the only one?
Will66 Posted November 22, 2007 Posted November 22, 2007 TWIMC Maybe if i bump long enough ^^^, someone might be kind enough to relay to me whether images are displaying ok for them. Viewing the source code of a served html page shows the correct code eg: <img scr="some.gif"> However the image is not displaying, which leads me to suggest the images are not mapped properly (http://localhost/some.gif) to the actual file location. All the settings in server config file are correct and there are no permission issues. Regards
Will66 Posted November 23, 2007 Posted November 23, 2007 Will66 said: TWIMCMaybe if i bump long enough ^^^, someone might be kind enough to relay to me whether images are displaying ok for them. Viewing the source code of a served html page shows the correct code eg: <img scr="some.gif"> However the image is not displaying, which leads me to suggest the images are not mapped properly (http://localhost/some.gif) to the actual file location.All the settings in server config file are correct and there are no permission issues.RegardsSeems to be a security issue?I've tested at work on xp pro and images show fine(btw,i'm not the administrator).When i compile on my machine at home(xp home,btw,i AM the administrator) and run I get security alert and click to unblock.Images still not showing via running compiled or uncompiled running through scite.Any ideas...please?
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now