API check username and password

Questions regarding the API
Application Programming Interface
Makke007
Posts: 2
Joined: Tue Feb 21, 2017 12:49 am

API check username and password

Postby Makke007 » Fri Mar 24, 2017 9:09 pm

Hi,

I want to use the API to check username and password, but it doesn't work.
Everytime he pass the check, I'll get 'OK: User can login'. It doesn't matter what value $username or $password contains.
I've only a problem with this one, other API scripts works good.

Code: Select all

<?php
// Server credentials
$vst_hostname = 'server.vestacp.com';
$vst_username = 'admin';
$vst_password = 'p4ssw0rd';
$vst_command = 'v-check-user-password';
$vst_returncode = 'yes';

// Account
$username = 'demo';
$password = 'demopassword';

// Prepare POST query
$postvars = array(
    'user' => $vst_username,
    'password' => $vst_password,
    'cmd' => $vst_command,
    'arg1' => $username,
    'arg2' => $password
);
$postdata = http_build_query($postvars);

// Send POST query via cURL
$postdata = http_build_query($postvars);
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, 'https://' . $vst_hostname . ':8083/api/');
curl_setopt($curl, CURLOPT_RETURNTRANSFER,true);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata);
$answer = curl_exec($curl);

// Check result
if($answer == 0) {
    echo "OK: User can login\n";
} else {
    echo "Error: Username or password is incorrect\n";
}

?>


Thanks.

BBuchanan1013
Posts: 139
Joined: Thu Jan 07, 2016 12:01 am

Re: API check username and password

Postby BBuchanan1013 » Fri May 26, 2017 2:39 am

Makke007 wrote:Hi,

I want to use the API to check username and password, but it doesn't work.
Everytime he pass the check, I'll get 'OK: User can login'. It doesn't matter what value $username or $password contains.
I've only a problem with this one, other API scripts works good.

Code: Select all

<?php
// Server credentials
$vst_hostname = 'server.vestacp.com';
$vst_username = 'admin';
$vst_password = 'p4ssw0rd';
$vst_command = 'v-check-user-password';
$vst_returncode = 'yes';

// Account
$username = 'demo';
$password = 'demopassword';

// Prepare POST query
$postvars = array(
    'user' => $vst_username,
    'password' => $vst_password,
    'cmd' => $vst_command,
    'arg1' => $username,
    'arg2' => $password
);
$postdata = http_build_query($postvars);

// Send POST query via cURL
$postdata = http_build_query($postvars);
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, 'https://' . $vst_hostname . ':8083/api/');
curl_setopt($curl, CURLOPT_RETURNTRANSFER,true);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata);
$answer = curl_exec($curl);

// Check result
if($answer == 0) {
    echo "OK: User can login\n";
} else {
    echo "Error: Username or password is incorrect\n";
}

?>


Thanks.


Have you tried:

Code: Select all

$vst_returncode = '';

Maybe set a check for this to ensure it's actually correct instead of assuming it is. No offense.


Return to “Scripting / API”



Who is online

Users browsing this forum: No registered users and 2 guests