2

After looking a bit around I came to this page. Here, I found some code to send a C# string to a PHP page.

However, after implementing it in my own program it did not work. Here is my code:

        private void executesend()
        {  
            using (WebClient client = new WebClient())
            {
                client.UploadString(url,"POST",keys);
            }
        }

For the PHP part, I have:

    <?php 
    mysql_connect("localhost", "", "") or die(mysql_error()); // Connect to database server(localhost) with username and password.
            mysql_select_db("dimittv89_dayz") or die(mysql_error()); // Select registration database.
            $name = $_GET["message"];
 if ( $_SERVER['REQUEST_METHOD'] == 'POST' )
{
    $name = file_get_contents('php://input');

    $opdracht = "INSERT INTO 'keys', (`key`) VALUES ('$name')";
    print $name;
}

if (mysql_query($opdracht)){ 
echo "succesfully registerd to the melloniax u wil now be returned to our main page";
 }
 else{
 echo "hey something went wrong there ! please try again in a minute";
 }


 ?>

In the same topic one of the users also said to try this:

php?fmessage=testtesttest"

and write down the output using

$name = $_GET["message"];
print $name;

This did not work either. Am I doing something wrong?

Thanks for the help already

Well sofar i found out its not the send value thats wrong but the get value :

Username = Registry.CurrentUser.OpenSubKey("Username", true);
Name = "" + Username.GetValue("Uid");

in the regedit menu it says that the value is a REG_BINARY, are these readable with getvalue ?

Community
  • 1
  • 1
MX D
  • 2,453
  • 4
  • 35
  • 47
  • 2
    Can you elaborate a bit on how it doesn't work? What happens exactly? – Mr Lister Feb 01 '13 at 15:03
  • you probably didn't send to the correct php file, make sure you are writting the whole path for the php file, because the user that reply wanted to check if you're addressing to the correct page. – Orel Eraki Feb 01 '13 at 15:06
  • @MrLister i try to send a string i obtain in C# ( visual studio 10) to string url = "http://melloniax.com/receive.php?message=testtesttest"; the message is for the test message i tryd and i want the php page to get that string and send it to a php table through a querry – MX D Feb 01 '13 at 15:09
  • Can you included more of your code? It seems to me that you may have flow control problems in code. – Andrew Cox Feb 01 '13 at 15:15
  • Side note: Please be careful to avoid SQL Injection. – BenMaddox Feb 01 '13 at 15:15
  • @AndrewCox updated the php code – MX D Feb 01 '13 at 15:24
  • There appears to be a typo in your test described. php?fmessage=abc would be have a result if you did $name = $_GET["fmessage"] not $_GET["message"] – TaRDy Feb 01 '13 at 15:34
  • @TaRDy well thats how it was describe in the link i added :) now i got the message part to work, then how am i supposed to make the query work correctly . also sql injection alert ? is it that bad to use it? – MX D Feb 01 '13 at 15:41
  • What is `$keys`? can you show what's in it? – Shani Elharrar Feb 01 '13 at 15:43
  • @ShaniElharrar The regkey Registry.CurrentUser.OpenSubKey("Username", true); keys = "" + RegKey.GetValue("Uid"); this is made the first time you run the program – MX D Feb 01 '13 at 15:46
  • 1
    I am guessing that the SQL statement is incorrect. Can you add to the answer the returned string from the `client.UploadString(url,"POST",keys);` You should be able to debug and just catch the returned value of the function. – Andrew Cox Feb 01 '13 at 15:54
  • @AndrewCox nice tip! i tried it and found out the problem is not the send but the keys value itself. it returns that the value is not there eventhough it is :/. so i am doing something wrong in obtaining the keys now lets find out what :D – MX D Feb 01 '13 at 16:08
  • so is `print $name;` returning nothing, or a different value from `keys` in the c#. – Andrew Cox Feb 01 '13 at 16:34
  • @AndrewCox Nothing as it could not find the key, i managed to fix that much and now it does actualy find the key. it also shows it on the page as i use print. but still not doing the query for some reason. or atleast it doesent end up in my table – MX D Feb 01 '13 at 16:51
  • try doing `print $opdracht` and running the result against your ms sql console to see what the error is. – Andrew Cox Feb 01 '13 at 17:20
  • @AndrewCox thanks for all the help ;) i found out why it is not workin. its returning error code 403 not allowed. could either be i did not configure my users rights correctly ( i dont think thats the case) or i am not allowed to sql inject. If you know any other reasons why this message would come up please tell me but i think this pretty much covers all my issues ^^ – MX D Feb 01 '13 at 17:47

1 Answers1

1

use this code for c# and php :

private void executesend()
    {  

                HttpWebRequest req = (HttpWebRequest)WebRequest.Create(url);

                req.Method = "POST";
                string Data = "message="+keys;
                byte[] postBytes = Encoding.ASCII.GetBytes(Data);
                req.ContentType = "application/x-www-form-urlencoded";
                req.ContentLength = postBytes.Length;
                Stream requestStream = req.GetRequestStream();
                requestStream.Write(postBytes, 0, postBytes.Length);
                requestStream.Close();

                HttpWebResponse response = (HttpWebResponse)req.GetResponse();
                Stream resStream = response.GetResponseStream();

                var sr = new StreamReader(response.GetResponseStream());
                string responseText = sr.ReadToEnd();


            }
            catch (WebException)
            {

                MessageBox.Show("Please Check Your Internet Connection");
            }

}

and php

<?php 
    mysql_connect("localhost", "", "") or die(mysql_error()); // Connect to database server(localhost) with username and password.
            mysql_select_db("dimittv89_dayz") or die(mysql_error()); // Select registration database.

 if (isset($_POST['message']))
{
    $name = $_POST['message'];

    $opdracht = "INSERT INTO keys (key) VALUES ('$name')";
    print $name;
    if (mysql_query($opdracht)){ 
     echo "succesfully registerd to the melloniax u wil now be returned to our main page";
    }
    else{
     echo "hey something went wrong there ! please try`enter code here` again in a minute";
    }

}

?>
Pouya Darabi
  • 2,246
  • 18
  • 23