EVE Technology Lab

Forum Index

EVE Forums » EVE Technology and Research Center » EVE Technology Lab » EVE Trust popup doesn't work.

Topic is locked indefinitely.

EVE Trust popup doesn't work.
Author

Previous Topic Next Topic

Viziam Amarr Empire 14
Gurran Wecri Viziam Amarr Empire Likes received: 14	#1 - 2012-09-16 21:46:35 UTC \| Edited by: Gurran Wecri code here site here Sincerely, Patrick Thomas (Timberwolf) Timberwolf Programmers Owner & Founder

Liu Ellens

Sebiestor Tribe

Minmatar Republic

Likes received: 116

#2 - 2012-09-17 06:15:05 UTC

I'm without dev environment right now, so guesses only by looking at the code and what your problems might be (a little more detail would help).

1. I know I'm checking the content of the 'trusted' header against "Yes", so I guess it would be "No" with a capital 'N' for your case. Did you verify that this branch is entered?
2. What wonders me even more is whether this header "eve.trustme" would work or what its signature is (Read: I don't know it, but also the colon separation looks... interesting)

The only way to request trust that I know is via the IGB JavaScript function "CCPEVE.requestTrust()" -- see here, last item under "Always available functions". So, your PHP script would need to create a proper page with a small JavaScript block in this case.

Well, they oughta know what to do with them hogs out there for shure.

Steve Ronuken

Fuzzwork Enterprises

Vote Steve Ronuken for CSM

Likes received: 6,759

#3 - 2012-09-17 11:19:31 UTC

If you're using Apache 2.4, or Nginx, you'll have a problem with using the headers. Because, as they have underscores in them, they're being stripped.

However, it looks like you're using Apache 2.2 (You're a little behind on patching, btw. You might want to see about adding a servertokens prod directive Blink

and ServerSignature Off while you're at it.)

You're getting an internal server error, leading to the white page.
Probably caused by:
$ingame = (strstr($_SERVER['HTTP_USER_AGENT'], == 'Python-urllib/2.5'));

I'm assuming you're trying to look for the string, then evaluating it (so if it's not 0, it's true), if so, just take out the ==

Woo! CSM XI!

Fuzzwork Enterprises

Twitter: @fuzzysteve on Twitter

Gurran Wecri

Viziam

Amarr Empire

Likes received: 14

#4 - 2012-09-21 02:16:20 UTC | Edited by: Gurran Wecri

Ok, I changed the code:

$ingame = (strstr($_SERVER['HTTP_USER_AGENT'], 'Python-urllib/2.5'));

and

if ($_SERVER['HTTP_EVE_TRUSTED']=='no')
{
CCPEVE.requestTrust('http://www.ip-programs.com/upevess.php');
$trusted = false;
}
else
{
$trusted = true;
$pilotname = $_SERVER['HTTP_EVE_CHARNAME'];
$pilotcorp = $_SERVER['HTTP_EVE_CORPNAME'];
}

But i get: Must be in game to upload.

BTW: Most of this stuff was copied, pasted, and edited to what was needed to make it for my website.

Sincerely, Patrick Thomas (Timberwolf) Timberwolf Programmers Owner & Founder

Liu Ellens

Sebiestor Tribe

Minmatar Republic

Likes received: 116

#5 - 2012-09-21 06:07:53 UTC

As for checking for the IGB, I am searching for the string "EVE-IGB", which also makes it more expressive what you are looking for. I don't know by heart whether the given "Python..." string is included.
Try an echo on it to see the contents. (There's also the phpinfo() function that dumps you the complete environment)

Second, an this will give you more work and things you'll need to understand, the "CCPEVE.requestTrust" line is meant to be in a JavaScript block that is to be executed in the browser. This line in the PHP context on the server wont work.
Like I wrote before, if the PHP script determines that the IGB does not trust your site, it will need to send back a valid HTML page and this page needs the call to requestTrust() . If your PHP script is executed without trust, it won't receive it suddenly.

The sequence would look like:
Client -> Server: GET page.php (no trust)
Server -> Client: OK (HTML page with the JavaScript call, either statically onLoad or by button press or...)
Client -> User: Request Trust Popup
(Then trigger a reload, either by script or explicitly by user)
Client -> Server: GET page.php (with trust)
Server -> Client: OK (process result)

And third, a general warning: I guess you want to achieve a lock over your private data/restricted access area. Checking this merely by testing browser header is wrong. It works, but not the way you intend it. Especially since your script is public, anyone can fake these headers by readily available tools and break into your site.

Finally, as you are copy/pasting things around, I need to ask whether you simply want a job done or want to learn the programming languages and necessary APIs for your task. For the former I suggest you look for others willing to do it for you (There's a thread for example here) and for the latter, I suggest you dig into the basics of the languages first, including learning some basic debugging tools & helper.

Well, they oughta know what to do with them hogs out there for shure.


Gurran Wecri Viziam Amarr Empire Likes received: 14	#6 - 2012-09-29 04:04:34 UTC \| Edited by: Gurran Wecri I changed the code, here it is. Sincerely, Patrick Thomas (Timberwolf) Timberwolf Programmers Owner & Founder