I went through the script step by step with a debugger, examining what the script
sends and what the server returns.
Everything works fine right up to the last step. The script correctly logs in to the
server, and it receives the authentication
cookie. But when it
requests that the password be sent, it is redirected back to the login screen. That's
what happens if it's running on my server.
When I run it from my home machine, the last step DOES NOT get redirected to the login
screen, instead I get a message saying that
the password has been sent.
To me that says that the script is correct, and the server is refusing to send
passwords when the request comes from my server. Is
this possible ? Can OpenSRS block me ?
Best Regards,
Alex Brecher
Visit us at http://www.Successfulhosting.com
We'll make your web site a success!
Get your own domain name for only $14.99 http://www.DiscountDomainRegistry.com
*****PLEASE DO NOT DELETE ANY PART OF THIS MESSAGE WHEN REPLYING*****
----- Original Message -----
From: "Alex Brecher" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, June 27, 2001 7:15 PM
Subject: Password Script
> We were using a script that allowed users to automatically have their login sent to
>the admin. email address listed for their
> domain. Two weeks ago this script stopped working. We have not touched the server
>and we're sure that all of the necessary
libraries
> have not changed or have been updated. I moved the script onto my local machine and
>it was working flawlessly! Any suggestions ???
> Here is the script we were using:
>
> ----------------------------------------------------------
> #!/usr/bin/perl
> &parse_query();
> print "Content-type: text/html\n\n";
> if (! $INPUT{'domain'} ) {
> print "No domain entered - hit the back button and retry.";
> exit;
> }
> #$INPUT{domain} = "123language.com";
> open (TEMPLATE, "base.html");
> while (<TEMPLATE>) {
> $HTML .= $_;
> }
> $username = "XXXXX";
> $password = "XXXXX";
> use LWP;
> use LWP::UserAgent;
> use HTTP::Cookies;
> use HTTP::Request;
> use HTTP::Status;
> $string = "https://rr-n1-tor.opensrs.net/resellers/index?username="; . "$username" .
>"&password=" . "$password" .
> "&action=login";
> my $ua = LWP::UserAgent->new;
> my $cookies = HTTP::Cookies->new; # Create a cookie jar
> $ua->cookie_jar($cookies); # Enable cookies
> $req = new HTTP::Request('GET', 'https://rr-n1-tor.opensrs.net/resellers/index');
> my $response = $ua->request($req);
> $mainresponse = $response->content();
> if ($mainresponse =~ /OpenSRS/) {
> $req2 = new HTTP::Request('GET', "$string");
> my $response2 = $ua->request($req2);
> $loginresponse = $response2->content();
> if ($loginresponse =~ /Domain Registration Administration/ ) {
> $url =
>"https://rr-n1-tor.opensrs.net/resellers/index?action=send_password&domain=$INPUT{'domain'}";
> $req3 = new HTTP::Request('GET', "$url");
> my $response3 = $ua->request($req3);
> $resp = $response3->content();
> if ($resp =~ /Password sent/) {
> $HTML =~ s/{{CONTENT}}/Password sent/;
> } else {
> $HTML =~ s/{{CONTENT}}/There was an error\. Try again later or contact
>support\./;
> }
> print $HTML;
> exit;
> } else {
> $HTML =~ s/{{CONTENT}}/There was an error\. Could not connect to server (code 1)\.
>Try again later or contact support\./;
> print $HTML;
> exit;
> }
> } else {
> $HTML =~ s/{{CONTENT}}/There was an error\. Could not connect to server (code 2a)\.
>Try again later or contact support\./;
> print $HTML;
> exit;
> }
> sub parse_query {
> @pairs = split(/&/, $ENV{'QUERY_STRING'});
> foreach $pair (@pairs) {
> ($name, $value) = split(/=/, $pair);
> $value =~ tr/+/ /;
> $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
> if ($INPUT{$name}) { $INPUT{$name} = $INPUT{$name}.",".$value; }
> else { $INPUT{$name} = $value; }
> $value =~ s/<!--(.|\n)*-->//g;
> }
> }
> ----------------------------------------------------------
>
> Best Regards,
>
> Alex Brecher
>
> Visit us at http://www.Successfulhosting.com
> We'll make your web site a success!
>
> Get your own domain name for only $14.99 http://www.DiscountDomainRegistry.com
>
> *****PLEASE DO NOT DELETE ANY PART OF THIS MESSAGE WHEN REPLYING*****
>
