Jump to content

Help With Rest Api

DalbirSingh

By DalbirSingh,
in POLITICS | LIFESTYLE

 Share

Recommended Posts

DalbirSingh

DalbirSingh

Posted
Posted

I have been working on a firefox toolbar which is an anti-phishing URL detector as per my previous post here

http://forums.mozillazine.org/viewtopic.php?f=19&t=1490965

I want to now use the database that is here http://www.phishtank.com/developer_info.php

with my program, now I am confused I have found out it uses the REST protocol which does 4 things GET POST ... etc. which is a webservice and is supposed to be easier to SOAP, I think with soap you need to setup a webserver like glass fish or apache and edit that using axis set up programs and very long long thing to do, is REST really easy?

found this half useful tutorial http://www.peej.co.uk/articles/rich-user-experience.html and explaination video http://www.youtube.com/watch?v=L21y39nry8I

He said that once you get the XML document you just use cURL and XMLSImple, I know it will have to use AJAX to get my document.

But I have no idea how to structure this, the small segment of code needs to use ajax to take my variable URL (which might be google.com) send it through

to phishtank database, get a response in XML format or something that is decodable, and get its status so if it says its safe or phishing, if it says its safe thats Ok my code

proceeds webpage loads if not its blocked, im ok with this latter part, its just getting the information using AJAX and PHP on a browser end, does anyone have any sample code

.php, .js .html files which get something similar or could someone suggest how I could do it?

0
Link to comment
Share on other sites
Balait_da_Sher Grand Master

Balait_da_Sher

Posted
Posted

hmm have not looked at the api that your phishing database provider provides but as far as the example you provided for ajax is concerned i would advice using jquery's get method.It should make things a lot easier while most likely doing an XMLHttpRequest inthe background.

You are no longer restricted to returning xml document to your js function and then having to parse the xml. You can return json and use them in js code in a more structured way.

http://www.json.org/

-----

Having re-read your post, looks like you are going to host the phishing database and just want to query it using ajax? Then i will again suggest jquery or you may use something like jrock. Just return a json object returning your boolean result and you can use that in js.

if(result.UrlOK)

{

// url is ok.

}

0
Link to comment
Share on other sites
DalbirSingh

DalbirSingh

Posted
  • Author
Posted

Here is the code of my firefox toolbar so far

const URLCHK = "http://www.student.city.ac.uk/~abch543/disso/getUrl.php?param="; 
const REDIRECT = "chrome://antiphishing/content/phishing.html";

// antiphishing = {
 onLoad: function() {
   // initialization code
   this.initialized = true;
 },

 onMenuItemCommand: function() {
   window.open("chrome://antiphishing/content/hello.xul", "", "chrome");
 }
};

window.addEventListener("load", function(e) { antiphishing.onLoad(e); }, false); 
////new code to sniff page change Progress Listeners from Mozilla Development Centre

// myExt_urlBarListener = {
 QueryInterface: function(aIID)
 {
  if (aIID.equals(Components.interfaces.nsIWebProgressListener) ||
  	aIID.equals(Components.interfaces.nsISupportsWeakReference) ||
  	aIID.equals(Components.interfaces.nsISupports))
	return this;
  throw Components.results.NS_NOINTERFACE;
 },

 onLocationChange: function(aProgress, aRequest, aURI)
 {
   myExtension.processNewURL(aURI);
 },

 onStateChange: function(a, b, c, d) {},
 onProgressChange: function(a, b, c, d, e, f) {},
 onStatusChange: function(a, b, c, d) {},
 onSecurityChange: function(a, b, c) {}
};

// myExtension = {
 oldURL: null,

 init: function() {
   // Listen for webpage loads
   gBrowser.addProgressListener(myExt_urlBarListener,
       Components.interfaces.nsIWebProgress.NOTIFY_LOCATION);
 },

 uninit: function() {
   gBrowser.removeProgressListener(myExt_urlBarListener);
 },

 processNewURL: function(aURI) {
   if (aURI.spec == this.oldURL)
     return;
 	this.MakeMyRequest(aURI);	//this is calling the function which is displaying an alert box everytime i go to a new page needs to be changed for my lookupblocked function
 this.oldURL = aURI.spec;
 },



MakeMyRequest: function(zxurl)
 	{
	// url = zxurl.host;
	// url1 = url.replace(new RegExp(/^www\./i),"");//removes www
	// url2 = url1.replace(new RegExp(/\/$/),"");//removes leading forward slashes
	// now i need to strip off following directories and subdomains
	//alert(url2);

       // oRequest = new XMLHttpRequest();
	// urlS= URLCHK + escape(url2);

	oRequest.open("GET", urlS, true);
	//this section of code is being called fault is below somewhere
////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	oRequest.onreadystatechange = function(){
									//this function is being called
									if (oRequest.readyState == 4) {  	
								    	// textout = oRequest.responseText;
										//results is outputing a value of nothing being shown something has gone wrong here
									if (textout=="false")
										{
										gBrowser.loadURI(REDIRECT);
										}
									else{ 	
										}
																						}
						}
       oRequest.send(null);
 },
 ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////









};
window.addEventListener("load", function() {myExtension.init()}, false);
window.addEventListener("unload", function() {myExtension.uninit()}, false);

Now I want to also get my application to query into Phishtank checkers database aswell, I am not exactly sure if this is the code I need to look at but its here;

/*
PhishTank SiteChecker
Written by MASA
Mail: allyourbasearebelongtous.com@gmail.com
Website: http://gamespotting.net/

Please see the license for more info on what you can and can't do with this code.
*/
//startup vars



// safePrefs1 = Components.classes["@mozilla.org/preferences-service;1"].getService(Components.interfaces.nsIPrefService).getBranch("security.");
// phishtankPrefs = Components.classes["@mozilla.org/preferences-service;1"].getService(Components.interfaces.nsIPrefService).getBranch("extensions.phishtank."); 
// homepagePref = Components.classes["@mozilla.org/preferences-service;1"].getService(Components.interfaces.nsIPrefService).getBranch("browser.startup."); 

function pterror(e) {
 // consoleService = Components.classes["@mozilla.org/consoleservice;1"].getService(Components.interfaces.nsIConsoleService);
 consoleService.logStringMessage(e);
}
// phishtank = {	
startup: function(){

//when the tab is changed
// cont = document.getElementById("content");
cont.tabContainer.addEventListener("select",  function() { phishtank.refreshInformation(); 	}, true);
//on page load
document.addEventListener("load", function() { phishtank.refreshInformation(); 	}, true); phishtank.refreshInformation();
}, 
//this is the fetching stuff
refreshInformation: function()
{

if(phishtankPrefs.getBoolPref("firsttime") == true)
{
	window.content.location = "http://phishtanksitechecker.com/installed.php";
	phishtankPrefs.setBoolPref("firsttime",false);

}
// httpRequest = null;	
//this gets the url
// theurl=getBrowser().currentURI.spec;
//this is the misc extension objects
// thestatusbar = document.getElementById('phishtank');
// phishstatusbar = document.getElementById('phishtanktext');
	// stringsBundle = document.getElementById("string-bundle");
// tooltipstuff = document.getElementById("phishtank_tooltip_info");
//disabled pref string	
// blockoff = phishtankPrefs.getBoolPref("disabled");
//no error
phishtankPrefs.setBoolPref("error",false);
//icon pref string
// iconpref = phishtankPrefs.getBoolPref("fishy");
//this is the icon
// phishstatusicon = document.getElementById('phishtankicon');
//this is for the fishy icon. We check the prefs to see if it is on.
if(iconpref == true)
	phishstatusicon.hidden = false;
else
           phishstatusicon.hidden = true;
       //this is the pref that contains the status bar hiding
// staton = phishtankPrefs.getBoolPref("hidestatusbar");	
// homepage = homepagePref.getCharPref("homepage");
if(staton == true)
               thestatusbar.hidden = true;
else
	thestatusbar.hidden = false;

//check if the extension is disabled or not
if(blockoff != true && theurl != "chrome://phishtank/content/phishview.xul")
	phishstatusicon.src="chrome://phishtank/content/fish.png";
if(blockoff == true && theurl != "chrome://phishtank/content/phishview.xul")
{
	phishstatusicon.src="chrome://phishtank/content/fishdisabled.png";
	// disabledword = stringsBundle.getString('disabledString');
	phishstatusbar.value = disabledword;
	tooltipstuff.value = disabledword;
}
//for some reason I have a feeling it would be better to place this here
phishtankPrefs.setBoolPref("notdata",true);
  		// protoman =getBrowser().currentURI.scheme;
// thefin = btoa(theurl);
if(theurl == "chrome://phishtank/content/phishblock.xul" || theurl == "chrome://phishtank/content/phishview.xul")
{
	// isphish = stringsBundle.getString('phishString');
	phishstatusbar.value = isphish;
	// isphishexplained = stringsBundle.getString('phishexpainedString');                                		tooltipstuff.value = isphishexplained;
	if(theurl == "chrome://phishtank/content/phishview.xul")
	{
		getBrowser().docShell.allowAuth = false;
  				getBrowser().docShell.allowPlugins = false;
	}
	if(theurl == "chrome://phishtank/content/phishblock.xul")
	{
		getBrowser().docShell.allowAuth = true;
		getBrowser().docShell.allowPlugins = true;
	}		
}
else
{
	//it wouldn't work anywhere else
	getBrowser().docShell.allowAuth = true;
	getBrowser().docShell.allowPlugins = true;
	SendPhishdata(thefin, protoman);
}

//global function that deals with our http requests
//calls the server to ask if site is safe
function SendPhishdata(url,protoguy)
{
if(blockoff == true)
{
	//sitechecker is disabled
}
else
{
       if(window.navigator.onLine)
       {
		if(protoguy != "http" && protoguy != "ftp" && protoguy != "https")
		{
			if(theurl == "chrome://phishtank/content/phishblock.xul" || theurl == "chrome://phishtank/content/phishview.xul")
			{
				// isphish = stringsBundle.getString('phishString');
				phishstatusbar.value = isphish;
				// isphishexplained = stringsBundle.getString('phishexpainedString');                                   	
				tooltipstuff.value = isphishexplained;
			}	
		}
		else
		{
              		httpRequest = new XMLHttpRequest();
			//new version trys the post idea.
			// fullUrl = "http://checkurl.phishtank.com/checkurl/";
			httpRequest.open("POST", fullUrl, true);
			httpRequest.onload = phishDataReceived;
			httpRequest.onerror = Errord;
			try
			{
				httpRequest.setRequestHeader('Using','PhishTankSiteChecker(fX)');
				httpRequest.setRequestHeader('Content-Type','application/x-www-form-urlencoded');
				httpRequest.send("url="+url);
			} 
			catch(e) 
			{
				pterror(e); 
			}
		}
	}
	else
	{
    	// offlinemsg="You are not online!";
    	pterror(offlinemsg);
	}
}

}
	function Errord()
	{
			phishtankPrefs.setBoolPref("error",true);
                        		// iserror = stringsBundle.getString('errorString');
                        		// iserrorexplained = stringsBundle.getString('errorexplainedString');
			phishstatusbar.value = iserror;
			tooltipstuff.value = iserrorexplained;
			// readystate = httpRequest.readyState;
			// PTOS = navigator.platform;
			// online = window.navigator.onLine;
			// errormessage = "CDE: CheckURL Site ERROR |"+readystate+"|"+online+"|"+PTOS+" on website:\n "+theurl; 
			pterror(errormessage);
	}	

	function blockPhish(output,selectedbrowser)
	{
		// theurlsav = output.getElementsByTagName('url').item(0).firstChild.data;
		//this get's the detail page for the phish site
                       // detailpage = output.getElementsByTagName('phish_id').item(0).firstChild.data;
                       //status bar says it's a phishing site
		//but first we get the info in the user's language
		// isphish = stringsBundle.getString('phishString');
		phishstatusbar.value = isphish;
		// isphishexplained = stringsBundle.getString('phishexpainedString');                                			tooltipstuff.value = isphishexplained;
		//save the url and details for the block
		goon(''+theurlsav+'');
		tankpage(''+detailpage+'');
		//we load our blocked phishing page only when disabled is false
		if(selectedbrowser == null)
                         loadURI('chrome://phishtank/content/phishblock.xul',null,null);
		else
	  	selectedbrowser.loadURI('chrome://phishtank/content/phishblock.xul',null,null);
	}
	function phishDataReceived()
	{
		// output = httpRequest.responseXML;
		//if the status is not availble.
		// indatabase = output.getElementsByTagName('in_database').item(0);
		if(indatabase)
		{
			// notexsist = indatabase.firstChild.data;
			if(notexsist == "false" && phishtankPrefs.getBoolPref("notdata") != false)
			{
				phishtankPrefs.setBoolPref("notdata",true);

			}

		}
		if(!output || httpRequest.status != "200")
		{
			phishtankPrefs.setBoolPref("error",true);
                        		// iserror = stringsBundle.getString('errorString');
                        		// iserrorexplained = stringsBundle.getString('errorexplainedString');
			phishstatusbar.value = iserror;
			tooltipstuff.value = iserrorexplained;


		}
		if(output && theurl != "http://www.phishtank.com" && theurl !="chrome://phishtank/content/phishblock.xul" && blockoff != true && theurl != "chrome://phishtank/content/phishview.xul")
		{
			//this is "is real" not "isreal"
			try
			{
				// isreal2 = output.getElementsByTagName('valid').item(0);
			}
			catch(e)
			{
				// errormessage = "Warning! There was a problem validating the PT feed! OS: "+navigator.platform+" Details: "+e;
				pterror(errormessage);

			}
			//we put this check because without it, the error console would be full of errors.
			if(isreal2)
			{
				// isitphish = isreal2.firstChild.data;
				// theurlsav = output.getElementsByTagName('url').item(0).firstChild.data;
                                       if(isitphish == "true" && getBrowser().mCurrentBrowser.currentURI.spec.match(theurlsav) != null)
					blockPhish(output);						

				else if(isitphish == "true")
				{
				// num = gBrowser.browsers.length;
				for (// i = 0; i < num; i++) 
				{
 					// b = gBrowser.getBrowserAtIndex(i);
				     try 
				{
					if(b.currentURI.spec == theurlsav)
					{
						blockPhish(output,b);
					}
 					}
			     catch(e) 
				{
   						Components.utils.reportError(e);
			  	}
				}
				}

			}
			else
			{
                                    		//the site is safe and the status bar says so
					//but! first we get the info in the user's language
					// issafe = stringsBundle.getString('safeString');
					phishstatusbar.value = issafe;
					// issafeexplained = stringsBundle.getString('safeexplainedString');
					tooltipstuff.value = issafeexplained;
			}

			/*
			this is if the site in the database is missing a slash at the end (always possible)
			the following will check it too
			This is the Blood hound feature.
			*/

			if(indatabase)
			{
				//check if bloodhound has run already.
				//bloodhound has that one pref before that sets it to true when a tab changes or a page loads
				// check = phishtankPrefs.getBoolPref("notdata");
				// databaseno = indatabase.firstChild.data;
				if(databaseno == "false" && check == true)
				{
					// urllength = theurl.length;
					// number = urllength-1;
					// whatsmissin = theurl.charAt(number);
                                               if(whatsmissin == "/")
						// test9 = theurl.slice(0,number);
					else
						// test9 = theurl+"/";
					if(check == true)
					{
						// thefixedfin = btoa(test9);
						SendPhishdata(thefixedfin, "http:");
						//so we don't run BloodHound again until the page changes again.
						phishtankPrefs.setBoolPref("notdata",false);							

					}
				}

			}
		}
//closes recieve code		
	}
//closes all data funtion
}
//closes //
}
window.addEventListener("load", function(e) { phishtank.startup(); }, false);

//set our prefs for the block page
function goon(aurl)
{
//this saves this so we can later referance the phish url
phishtankPrefs.setCharPref("urlgoon",aurl);   	
}
function tankpage(theurl)
{
//the phishtank detail page
phishtankPrefs.setCharPref("detailpage",theurl);
}

my php document is


<?php
/**
* Connects to the database.
* Return false if connection failed.
* Be sure to change the $database_name. $database_username , and 
* $database_password values  to reflect your database settings.
*/

//function to start database connection			

function db_connect() {
//name of the mysql database
 $database_name = 'xxxxxxxxx'; 
//username for mysql database
$database_username = 'xxxxxxx'; 
//password for mysql database
 $database_password = 'xxxxxxxx'; 
 //result is equated to  persistent connection with mysql database
 $result = mysql_pconnect('localhost',$database_username, $database_password); 
 //if not connected return false
 if (!$result) return false;
//if not connected to the database specifed retrun false 
if (!mysql_select_db($database_name)) return false;
//return the connection
return $result;
}


$conn = db_connect(); // Connect to database
if ($conn) {
 $url = $_GET['param']; // The parameter passed to us
 $query = "select url from url where url = '$url'";
 $result = mysql_query($query,$conn);
 $count = mysql_num_rows($result); //  asigned the number of rows which are obtained by the query as count. function returns the number of rows in a recordset.

 if ($count > 0) {				//this section of code is executed if there is more then 1 row obtained, so if the URL is present in my search
   $present = "true";
 }
 else{
 $present = "false";
}
}
if (isset($present)) { 
 $return_value = $present; 
}
else {  
 $return_value = "invalid".",".$_GET['param']; // Include Zip for debugging purposes
}
echo $return_value; // This will become the response value for the XMLHttpRequest object
?>

My progress listner is ok, So I would be looking to combine the ajax also into looking into phishtank, would this be called a webservice?

I found this on phishtanks website http://www.phishtank...ndividual-urls/

The test they outline is converting the existing URL into base64 which I played about using http://www.motobit.c...der-encoder.asp

and I sent some through to get a XML document back which just said not in database, I don't quite understand the usefullness or harnessing that

Perhaps the php document could contain its own request to ajax and search the phishtank database.

0
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to topic listing
  • advertisement_alt
  • advertisement_alt
  • advertisement_alt


  • Topics

  • Posts

    • Singh1989
      why dasam granth bani is not included in guru granth sahib

      By Singh1989 · Posted

      Definitely the Guru Sahibs would be a heavier Scriptures to handle. Dasam Granth is more towards Bir Rass, Guru Gobind Singh showed his Greatness (of course, they would never say this) by separating his own Baania.  And the BIGGEST test of all?? Do we try and read Dasam Granth, Understand n show respect like we do to SGGS? Or... Do we QUESTION it? Guru Gobind Singh Ji is testing us. 
    • v.singh
      Mri Scan And Kakaars

      By v.singh · Posted

      My wife will be going for an MRI scan next week but her Kara won’t physically come off.  Is there any way the mri scan can be done with the Kara still on?  The alternative is we will have to try to saw it off before the scan.  
    • ipledgeblue
      Correct Direction - Parkamaya

      By ipledgeblue · Posted

      was researching this and came back to this thread. Also found an older thread:    
    • BhForce
      Dasvandh

      By BhForce · Posted

      Net pay after taxes. If you don't agree, think about this: If you were a trader and started off in China with silk that cost 100 rupees and came to India, and you had to pay total 800 rupees taxes at every small kingdom along the way, and then sold your goods for 1000 rupees, you'd have 100 rupees left, right? If your daswandh is on the gross, that's 100 rupees, meaning you have nothing left. Obviously, you owe only 10% of 100, not 10% of 1000. No, it's 10% before bills and other expenses. These expenses are not your expenses to earn money. They are consumption. If you are a business owner, you take out all expenses, including rent, shop electricity, cost of goods sold, advertising, and government taxes. Whatever is left is your profit and you owe 10% of that.  If you are an employee, you are also entitled to deduct the cost of earning money. That would be government taxes. Everything else is consumption.    
    • BhForce
      Gurbani Paath is NOT enough

      By BhForce · Posted

      No, bro, it's simply not true that no one talks about Simran. Where did you hear that? Swingdon? The entire Sikh world talks about doing Simran, whether it's Maskeen ji, Giani Pinderpal Singh, Giani Kulwant Singh Jawaddi, or Sants. So what are you talking about? Agreed. Agreed. Well, if every bani were exactly the same, then why would Guru ji even write anything after writing Japji Sahib? We should all enjoy all the banis. No, Gurbani tells you to do Simran, but it's not just "the manual". Gurbani itself also has cleansing powers. I'm not saying not to do Simran. Do it. But Gurbani is not merely "the manual". Reading and singing Gurbani is spiritually helpful: ਪ੍ਰਭ ਬਾਣੀ ਸਬਦੁ ਸੁਭਾਖਿਆ ॥  ਗਾਵਹੁ ਸੁਣਹੁ ਪੜਹੁ ਨਿਤ ਭਾਈ ਗੁਰ ਪੂਰੈ ਤੂ ਰਾਖਿਆ ॥ ਰਹਾਉ ॥ The Lord's Bani and the words are the best utterances. Ever sing hear and recite them, O brother and the Perfect Guru shall save thee. Pause. p611 Here Guru ji shows the importance of both Bani and Naam: ਆਇਓ ਸੁਨਨ ਪੜਨ ਕਉ ਬਾਣੀ ॥ ਨਾਮੁ ਵਿਸਾਰਿ ਲਗਹਿ ਅਨ ਲਾਲਚਿ ਬਿਰਥਾ ਜਨਮੁ ਪਰਾਣੀ ॥੧॥ ਰਹਾਉ ॥ The mortal has come to hear and utter Bani. Forgetting the Name thou attached thyself to other desires. Vain is thy life, O mortal. Pause. p1219 Are there any house manuals that say to read and sing the house manual?
×
×
  • Create New...

Important Information

Terms of Use

  I accept