I've just moved to new server and got this error due to webmaster has disabled this function(because of security reasons):
PHP Code:
Warning: file_get_contents() [function.file-get-contents]: URL file-access is disabled in the server configuration in /home/public_html/files/ym/status.php on line 3
The easiest thing to do is to ask your host to open up the PHP directive allow_url_fopen. That is how PHP is able to issue an fopen (or any sub-variation of it including file_get_contents() and file()) over an http:// protocol instead of a file:// protocol. Baring that, you can use either curl library or directly invoking sockets to connect remotely. Curl can easily be disabled by simply not configuring it, while sockets are the least likely to be closed since they take explicit commanding on the denied functions list.
If they refuse to open the allow_url_fopen directive, than check if your sockets are available:
PHP Code:
$rf = new ReflectionFunction("fsockopen"); printf("fsockopen is available? %s" . PHP_EOL, ($rf->isDisabled() ? 'no' : 'yes'));
If that says its available, you should be able to use sockets for this.
__________________
As of PHP 5.5, the MySQL library has been officially deprecated. It is recommended to move to either MySQLi or PDO libraries for your mysql connectivity. See here for help choosing which interface you prefer: http://php.net/manual/en/mysqlinfo.api.choosing.php
$sDomain = 'mail.opi.yahoo.com';
$iTimeout = 10;
$sStatus = ''; // I'd actually recommend defaulting this to whatever the "offline" status is.
if (isset($_GET['id'], $_GET['img']))
{
if ($fh = @fsockopen($sDomain, 80, $errno, $errstr, $iTimeout))
{
$sResult = '';
$sWrite = "GET /online?u={$_GET['id']}&m=a&t=1 HTTP/1.1\r\n";
$sWrite .= "Host: $sDomain\r\n";
$sWrite .= "Connection: Close\r\n\r\n";
fwrite($fh, $sWrite);
while (!feof($fh))
{
$sResult .= fread($fh, 128);
}
$sStatus = !empty($sResult) ? $sResult : $sStatus;
fclose($fh);
}
$file = './icon/'.$sStatus.'/'.$_GET['img'].'.gif'; // This $_GET['img'] isn't really the most secure. Perhaps a switch validation should be used.
if(is_file($file))
{
header("Content-type: image/gif");
readfile($file);
}
}
Try that.
__________________
As of PHP 5.5, the MySQL library has been officially deprecated. It is recommended to move to either MySQLi or PDO libraries for your mysql connectivity. See here for help choosing which interface you prefer: http://php.net/manual/en/mysqlinfo.api.choosing.php
Thank you very much. I did, but nothing happened(Still blank). I'm going to inbox you my server details.
I'm so sorry for bothering you but you're the only person who can help me out
That won't really help me.
What will help is if you tell me what the $status is you can get back from them. I kinda forgot that with sockets you'll need to strip the headers out from the return result, so I doubt you have a status that looks exactly like this:
Code:
HTTP/1.1 200 OK
Date: Mon, 28 Jan 2013 23:57:25 GMT
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Expires: Thu, 05 Jan 1995 22:00:00 GMT
Cache-Control: private
Vary: Accept-Encoding
Connection: close
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
2
00
0
I don't know what the 2, 00, or 0 stand for in their results. Getting there would be easy, but its not knowing what the linefeeds between the numbers represent.
__________________
As of PHP 5.5, the MySQL library has been officially deprecated. It is recommended to move to either MySQLi or PDO libraries for your mysql connectivity. See here for help choosing which interface you prefer: http://php.net/manual/en/mysqlinfo.api.choosing.php
That won't really help me.
What will help is if you tell me what the $status is you can get back from them. I kinda forgot that with sockets you'll need to strip the headers out from the return result, so I doubt you have a status that looks exactly like this:
Code:
HTTP/1.1 200 OK
Date: Mon, 28 Jan 2013 23:57:25 GMT
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Expires: Thu, 05 Jan 1995 22:00:00 GMT
Cache-Control: private
Vary: Accept-Encoding
Connection: close
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
2
00
0
I don't know what the 2, 00, or 0 stand for in their results. Getting there would be easy, but its not knowing what the linefeeds between the numbers represent.
Sadly, I didn't get anything from $status. Can you check your PM box please?
I just need to know what directories you have since you use the status here: $file = './icon/'.$status. . .. That $status is what the content body is of the file_get_contents, but with the socket run I have I don't have a valid messenger to give it so all it gives me back is 2\n00\n0, and I don't know what that means in combination with the $status directories you have.
__________________
As of PHP 5.5, the MySQL library has been officially deprecated. It is recommended to move to either MySQLi or PDO libraries for your mysql connectivity. See here for help choosing which interface you prefer: http://php.net/manual/en/mysqlinfo.api.choosing.php
list($header, $body) = explode("\r\n\r\n", $sResult);
$aHeaders = explode("\r\n", $header); // optional, can scanf off of the regular string
sscanf($aHeaders[0], 'HTTP/1.1 %d %s', $code, $httpStatus);
if ($code == 200)
{
// Now, this is what I'm not sure about. The status you have in the directories match this, but I'm not sure why it differs from the file_get_content.
$aBody = explode("\n", $body);
$sStatus = isset($aBody[1]) ? $aBody[1] : '00';
}
fclose($fh);
And near the top set the default value of $sStatus to '00' as a string.
Try that.
__________________
As of PHP 5.5, the MySQL library has been officially deprecated. It is recommended to move to either MySQLi or PDO libraries for your mysql connectivity. See here for help choosing which interface you prefer: http://php.net/manual/en/mysqlinfo.api.choosing.php
<?php $sDomain = 'mail.opi.yahoo.com'; $iTimeout = 10; $sStatus = '00'; // I'd actually recommend defaulting this to whatever the "offline" status is. if (isset($_GET['id'], $_GET['img'])) { if ($fh = @fsockopen($sDomain, 80, $errno, $errstr, $iTimeout)) { $sResult = ''; $sWrite = "GET /online?u={$_GET['id']}&m=a&t=1 HTTP/1.1\r\n"; $sWrite .= "Host: $sDomain\r\n"; $sWrite .= "Connection: Close\r\n\r\n"; fwrite($fh, $sWrite); while (!feof($fh)) { $sResult .= fread($fh, 128); } list($header, $body) = explode("\r\n\r\n", $sResult); $aHeaders = explode("\r\n", $header); // optional, can scanf off of the regular string sscanf($aHeaders[0], 'HTTP/1.1 %d %s', $code, $httpStatus); if ($code == 200) { // Now, this is what I'm not sure about. The status you have in the directories match this, but I'm not sure why it differs from the file_get_content. $aBody = explode("\n", $body); $sStatus = isset($aBody[1]) ? $aBody[1] : '00'; } fclose($fh); }
$file = './icon/'.$sStatus.'/'.$_GET['img'].'.gif'; // This $_GET['img'] isn't really the most secure. Perhaps a switch validation should be used. if(is_file($file)) { header("Content-type: image/gif"); readfile($file); } } ?>
k, put in some logging and attach to the script directly:
PHP Code:
<?php
$sDomain = 'mail.opi.yahoo.com';
$iTimeout = 10;
$sStatus = '00'; // I'd actually recommend defaulting this to whatever the "offline" status is.
if (isset($_GET['id'], $_GET['img']))
{
printf("Connecting to %s" . PHP_EOL, $sDomain);
if ($fh = @fsockopen($sDomain, 80, $errno, $errstr, $iTimeout))
{
$sResult = '';
$sWrite = "GET /online?u={$_GET['id']}&m=a&t=1 HTTP/1.1\r\n";
$sWrite .= "Host: $sDomain\r\n";
$sWrite .= "Connection: Close\r\n\r\n";
printf("Sending request: %s" . PHP_EOL, $sWrite);
fwrite($fh, $sWrite);
while (!feof($fh))
{
$sResult .= fread($fh, 128);
}
printf("Response received: %s" . PHP_EOL, $sResult);
list($header, $body) = explode("\r\n\r\n", $sResult);
$aHeaders = explode("\r\n", $header); // optional, can scanf off of the regular string
sscanf($aHeaders[0], 'HTTP/1.1 %d %s', $code, $httpStatus);
if ($code == 200)
{
// Now, this is what I'm not sure about. The status you have in the directories match this, but I'm not sure why it differs from the file_get_content.
$aBody = explode("\n", $body);
$sStatus = isset($aBody[1]) ? $aBody[1] : '00';
}
fclose($fh);
}
else
{
printf("Failed to connect: %s (%d)" . PHP_EOL, $errstr, $errno);
}
$file = './icon/'.$sStatus.'/'.$_GET['img'].'.gif'; // This $_GET['img'] isn't really the most secure. Perhaps a switch validation should be used.
if(is_file($file))
{
// header("Content-type: image/gif");
// readfile($file);
}
}
What's the output from that? Drag it up from the resulting HTML source since it has linefeeds to format it.
__________________
As of PHP 5.5, the MySQL library has been officially deprecated. It is recommended to move to either MySQLi or PDO libraries for your mysql connectivity. See here for help choosing which interface you prefer: http://php.net/manual/en/mysqlinfo.api.choosing.php
I replaced above code with the previous one in status.php but still not working
The page source for ~/status.php is only number 1
Did you give it the querystring for the id and img as well?
I'm not sure where the 1 is coming from though. The only output we have is textual.
Edit:
BTW, give it a valid id. You can remove it from the source that you post back, it'll be in the part that we're sending to the server.
__________________
As of PHP 5.5, the MySQL library has been officially deprecated. It is recommended to move to either MySQLi or PDO libraries for your mysql connectivity. See here for help choosing which interface you prefer: http://php.net/manual/en/mysqlinfo.api.choosing.php
Before you post, read our: 
