Hi, I'm maintaining a script, and want to add a CallBack home function, to know which domains are using the script!

Can someone help me on this one!

All i need is the script to show me the domain where the call is comming from!

Thanks in Advance!

Do you mean $_SERVER['HTTP_REFERER'] ? you could get the domain which the user came to this page from from this variable, however this is not perfect, it can be spoofed and hidden quite easily.

I think i was not clear enough!
The Call Back function will be in the Script (Users Website) and when someone visits it, the script "calls" my server, and then a script in my server logs down the domain from which it was called!

unless the files are first encoded, then anyone with an understanding of the language would be able to audit the code and remove the function if they didn't want it occurring, or in some case were using your code without paying for it etc.

Don't worry, I know it has to be coded... i just need the function, then i BASE64 it...

Can someone find me that function or not?

I wasn't referencing base64 encoding as that can be quickly decoded by anyone familiar enough to pick out what base64 looks like and I don't believe you can base64 encode a chunk of the source code inside a php file without doing something obscure to it like passing it through an eval statement or such.

I was referencing something like Zend Guard or ionCube PHP encoder.

As far as your function:

<?php

function call()
{
	if( ini_get( 'allow_url_fopen' ) == '1' )
	{
		$response = file_get_contents( 'http://yourdomain.com/answer.php' );
		
		if( $response != 'TRUE' )
		{
			//Cause some catastrophic death?
			exit();
		}
	}
	else
	{
		//Maybe implement a curl fail over if the curl extension is installed.
		//But allow_url_fopen *SHOULD* be enabled by default;
	}
}

answer.php

<?php

	//Something to log $_SERVER variables as necessary.
	//maybe referrer or maybe we are validating a key passed as a GET variable?
	
	//if we're happy return true
	echo 'TRUE';

Now if you were to use curl, you could actually have curl post an almost infinite amount of information to your server and then verify or log it etc.

This is very basic and untested but you should be able to grasp the general concept. If you wanted to get more advanced you could post xml and return xml or JSON etc.

This article has been dead for over six months. Start a new discussion instead.