Wednesday, November 9, 2016

Laravel in Shared Hosting - Complete Guide

Once you done with development in your local you might move the code to your hosting.
If it is shared hosting your entire laravel behaves differently than what you see in your local development machine.

Problems with Modifying .htaccess and removing public from URL
Simply because of the Security issues. Do you want to know how how many websites are vulnurable and Credentials are public?

https://www.google.com/search?q=intext%3ADB_PASSWORD+ext%3Aenv&gws_rd=ssl

Don't be part of it. Protect your .env file by maintaining the existing laravel 5.3 folder structure.

Removing /public from Laravel 5.3

First question is why you want to remove. Laravel works very well with its existing structure. Do not follow any techniques to remove the .htacess and server.php file (Server.php is not available in laravel 5.3)

All you need to do is modify the document root in your Shared hosting.

I use cPanel for this tutorial.



But if you already created a domain, you can modify its document root path easily.


Edit the Subdomain or Addon domain you need.



Add /public to the end of the URL to support Laravel existing folder structure

Now try to access your .env file it is not accessible for public.

Happy Laravel Coding.

Read more…

Saturday, October 15, 2016

Facebook Accountkit Login using Mobile SMS - Javascript

Facebook's latest AccountKit is a notable feature. It allows you to integrate it on your website, so that you don't need to worry about login using mobile feature, they will handle the Authentication for you.

To put in simple words, Login using Mobile. Enter SMS code. User Verified.

How to integrate AccountKit in your website

Step 1: Get the App ID, and Token from the Facebook Developer portal.

( We are Going to discuss the integration for Web only [Not Android nor iOS] )

AccountKit App Secret and APP ID Created. Here is how to see them.


Step 2: You can follow the simple introductions at this page or download the sample code I developed to start with.

Basically three things needed.

First

<!-- HTTPS required. HTTP will give a 403 forbidden response -->
<script src="https://sdk.accountkit.com/en_US/sdk.js"></script>

Second

Enter country code (e.g. +1):
<input type="text" id="country_code" />
Enter phone number without spaces (e.g. 444555666):
<input type="text" id="phone_num"/>
<button onclick="phone_btn_onclick();">Login via SMS</button>
Enter email address
<input type="text" id="email"/>
<button onclick="email_btn_onclick();">Login via Email</button>

Third

<script>
  // initialize Account Kit with CSRF protection
  AccountKit_OnInteractive = function(){
    AccountKit.init(
      {
        appId:{{FACEBOOK_APP_ID}}, 
        state:"{{csrf}}", 
        version:"{{ACCOUNT_KIT_API_VERSION}}"
      }
    );
  };

  // login callback
  function loginCallback(response) {
    console.log(response);
    if (response.status === "PARTIALLY_AUTHENTICATED") {
      document.getElementById("code").value = response.code;
      document.getElementById("csrf_nonce").value = response.state;
      document.getElementById("my_form").submit();
    }
    else if (response.status === "NOT_AUTHENTICATED") {
      // handle authentication failure
    }
    else if (response.status === "BAD_PARAMS") {
      // handle bad parameters
    }
  }

  // phone form submission handler
  function phone_btn_onclick() {
    var country_code = document.getElementById("country_code").value;
    var ph_num = document.getElementById("phone_num").value;
    AccountKit.login('PHONE', 
      {countryCode: country_code, phoneNumber: ph_num}, // will use default values if this is not specified
      loginCallback);
  }


  // email form submission handler
  function email_btn_onclick() {
    var email_address = document.getElementById("email").value;

    AccountKit.login('EMAIL', {emailAddress: email_address}, loginCallback);
  }

</script>

In My Sample code / Above code you basically need to change

{{csrf}} - ANY Alphanumeric characters. eg: 322323nn2j32jn32jn3
{{ACCOUNT_KIT_API_VERSION}} : v1.0 

You can find the version of accountkit in the above screenshot with APP ID.

The Above Code has two functionalities.

  • Login using SMS
  • Login using Email 


You can remove the login using email button and the function email_btn_onclick()  if not needed. We are focusing on Login using SMS in this Article.

If You run the above code you might experience couple of issues.

1)  Status : BAD_PARAMS
Bad Params error with Account kit.

To see the more details about the error, enable the debug mode as shown in the picture below. debug:true

Debug Mode True for Account kit to see more error info
Now you should see the following if you reexecute the code after a refresh.

2)  Status : NOT_AUTHENTICATED

Not Authenticated Error when debug mode is turned on


If you still getting BAD_PARAMS error, you need to Upload the AccountKit code in your website and add the URL in to the box as shown below.

Add the Website URL where this AccountKit Code is used.
If you are getting this following error, it means the Facebook App configuration is wrong.

{
    error: {
        message: "Error verifying the token in the 'access_token'",
        type: "OAuthException",
        code: 190,
        fbtrace_id: "GNhScPPp22t"
    }
}

To Fix this:
Open your App in facebook developers console.


Enable the Above settings.

Please Note: There is different App Secret if you are using AccountKit. (Correct App Secret is shown below)






Whitelist the URLs from where you are accessing (as shown below)




Hope you received a Authorization Code as shown below



See the {code:.....}
Code is Authorization code, which you need to send to facebook along with APPID and APP Secret to get the AccessToken.

<?php
 $ch = curl_init();
  // Set url elements
  $fb_app_id = '1777284542513521';
  $ak_secret = '0d0be3327a004c29334488cc5c45ffe9';
  $token = 'AA|'.$fb_app_id.'|'.$ak_secret;
  $code = "AQBCk7Fr9RN0st1bvAQIdm8v4OH2phrjn__J2fF0QAtIMAB3stLioGh1XrEV3jqych842LlJkHzJkzTZ3zlLZYZaqJ3UX-piWJEqGeF_4JnhQwVVRp38zzeLRn0cLKgMy1WH6CO0KLnsUCWsHNL4SGEEfSRIoZ6QqoDXcYAVowWlfrKLPw-HMjJwi7d8BorNwpxwg9LVWWcmu5p69xGI3-MZhHEFnAsrT1wWCQw4T9YWhWdP3ubtpHsR0XpOChJfI3Xf_TRYVoLd3K_3JQ3knRiT";
  // Get access token
  $url = 'https://graph.accountkit.com/v1.0/access_token?grant_type=authorization_code&code='.$code.'&access_token='.$token;
  $ch = curl_init();
  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  curl_setopt($ch, CURLOPT_URL,$url);
  $result=curl_exec($ch);
  curl_close($ch);
  $info = json_decode($result);

print_r($info);

?>

Now you should see the following Output



You successfully received the Access Token


Possible errors here 

stdClass Object
(
    [error] => stdClass Object
        (
            [message] => This authorization code has expired.
            [type] => OAuthException
            [code] => 100
            [fbtrace_id] => BDBlNw9ptK6
        )

)
This means the Authorization Code has expired, you need to regerate new Authorization Code with Above SMS verification process. (Enter Phone, Verify SMS and so..)


Now to retrieve the details of this user

<?php
$access_token = "EMAWdkiDW3MPrLKKAF5Lc0IeXP2qFp4OoZBEwAHgrOavmRl2XgiCMuYySr3cZD";
$app_secret      = "0d0bXXXXXXXXXXXXXc5c45ffe9";
// Get account information
$appsecret_proof = hash_hmac('sha256', $access_token, $app_secret);

$url = 'https://graph.accountkit.com/v1.0/me/?access_token=' . $access_token . 
'&appsecret_proof=' . $appsecret_proof;

echo $url; //View this URL you will get the Following data

?>



Hope, Now it is working.
If you are still facing any issues, comment here, I will help you.

Read more…

Sunday, May 8, 2016

Magento2 Simple Hello World Extension helloworld.zip

Magento2 comes up with little changes as shown in following picture.

Magento 1 to 1.9 vs Magento2 differences.
Source: venustheme.com

From the tutorial here I have created a HelloWorld magento2 Module.

Everytime you develop an app, you can use this app as template or a starter app.

How to install this Sample Starter App in your machine

I am using Ubuntu with magento2. PHP 5.9 and all modules required during Magento2 Install.

Download Magento2 the Sample Extension

If you have the magento2 installed here /var/www/html/magento2

Then copy the extracted file into
/var/www/html/magento2/app/code




Make sure the /var/www/html/magento2/var directory has 777 Permission.

sudo chmod 777 -R /var/www/html/magento2/var

To Install the Magento2 Helloworld Extension run the following command in terminal

sudo php bin/magento setup:upgrade

OR

you can manually to it. Open /var/www/html/magento2/app/etc/config.php

Add 'Ras_HelloWorld' => 1,  line at the end.



Now Point your browser to this URL http://localhost/magento2/helloworld/index/index

Read the tutorial here

To Disable a Plugin

sudo php bin/magento module:disable -c -f Ras_HelloWord

Read more…

Monday, April 25, 2016

How to use PHP SoapClient TLS Request - Advanced Tutorial

Basics
To start with PHPSoap you need a WSDL (Web Service Definition Language) file. Its an XML file looks like following.

WSDL XML File Sample Structure
Unlike REST api, SOAP uses XML file structure.

This article will focus on

  1. How to start with PHP SoapClient
  2. Using SoapUI
  3. Sending First SOAP request
  4. Sending TLS Request with PHP SoapClient

1. Using SoapUI

(Consider You are Developer and you have a Hosting A and you are trying to integrate a ThirdParty Service)

WSDL file (created by ThirdParty) should always be hosted in a publicly accessible URL. Some time WSDL file will be splitted into two, one is hosted locally (Hosting A) and another one will be kept with ThirdParty Service.

For this example I used the WSDL file from here. (Thanks TutorialsPoint)

I hosted it here for your convenience http://code.educationgovt.com/wsdl/sample.wsdl

Step 1: Install SoapUI and Open it.
Step 2: Click File -> New Soap Project   or Ctrl+N. When you click ok, it will load the file.
New SoapUI Project
Step 3: See the Projects Pane. The Requests in the WSDL file are listed here. Right click, Double click and see the available options. It will clear most of your basic Doubts.

Step 4: Double click on Request 1 it will open the Request Pane. It has two sections as shown below. Request and Response (Right Column).

SoapUI Sending Request and Process the Response
Step 5: Click the Green Play button in the top of Request window. It says "Submit request to specific endpoint URL".
You should see the response in the Right column. In this Example, you should see a 404 page .

In the Production WSDL definitions file, this Request pane will create a Request for you.

Soap Request with paramets

<firstName xsi:type="xsd:string">?</firstName>

SoapUI will put ?  for the parameters you need to pass.
Here firstName is expecting a String.

It can be any complex WSDL definition, you just open the SoapUI and Do above, you will see the Request and Variables you need to pass.

I hope i covered a basic understanding you need to start with Soap.

Example 2: use http://www.webservicex.net/globalweather.asmx?WSDL


Simple Soap Response Successful 


2. How to start with PHP SoapClient

PHP Provides a SoapClient class to do the above through php code.

<?php 

//Create the client object
$soapclient = new SoapClient('http://www.webservicex.net/globalweather.asmx?WSDL');

//Use the functions of the client, the params of the function are in 
$params = array('CountryName' => 'India');
$response = $soapclient->GetCitiesByCountry($params);
print_r($response);

If you cannot see complete response, View Source in browser or var_dump

You can do the above in many ways.

<?php 

//Create the client object
$soapclient = new SoapClient('http://www.webservicex.net/globalweather.asmx?WSDL');

//Use the functions of the client, the params of the function are in 
$params = array('CountryName' => 'India');
$response = $soapclient->__soapCall('GetCitiesByCountry', array($params));
print_r($response);

Produces the same above output. Here we have called __soapCall a low level method from SoapClient Class.

Code explanation:
We created the SoapClient object from SoapClient() class. Using that we send the request parameters to the particulat Soap Request Method.

The Basic SoapClient usage is explained here.

3. Advanced Soap Request in PHP

Project like bank B2B and other Transaction related services will usually have a complex SOAP request. 

Start Looking at the functions provided by SoapClient class http://php.net/manual/en/class.soapclient.php

Consider you have a WSDL file, how to know what is the Request End point?
If the Service Provider doesn't provide you document, you can follow below methods to find the Service End point (Request URL's).

Method 1: (Recommended)
In SOAPUI you can see the Service End points. If you double click on request you will see the required parameters for every request.

Soap Service End Points 
Method 2:
Use the following code to list all the available functions inside the WSDL. It list all the functions.

$soapclient->__getFunctions()

Simple Request with Certificate

<?php 
$wsdl = "someURL-with.wsdl";
$local_cert = "YourDirectory\ClientKeyAndCer.pem";

$soapclient = new SoapClient($wsdl, array('local_cert' => $local_cert));

$theResponse = $soapclient->test();

Request with Certificate and Other Parameters

<?php 
$wsdl = "someURL-with.wsdl";
$local_cert = "YourDirectory\ClientKeyAndCer.pem";

$soapclient = new SoapClient($wsdl,array(
        "trace"         => 1, 
        "exceptions"    => true, 
        "local_cert"    => $local_cert, 
        "uri"           => "urn:xmethods-delayed-quotes",
        "style"         => SOAP_RPC,
        "use"           => SOAP_ENCODED,
        "soap_version"  => SOAP_1_2 ,
        "location"      => $this->location
    ));

Using PHP Soap for Request with Certificate and Private Key

PHP SoapClient is limited with functionalities. You can attach a Certificate with SoapClient Request if needed. But Private key cannot be send.

To handle these situation you need to create your own class extending SoapClient functionality.

Creating your Own Soap Class to handle Custom Request
<?php 
class Myclass extends SoapClient{
    
    function __construct($wsdl, $options = null) {
        parent::__construct($wsdl, $options);
    }
    
    function __doRequest($request, $location, $action, $version) {
        return parent::__doRequest($request, $location, $action, $version);        
    }
    
}
Print the parameters and see the individual data like URL, and $request.

If you see the PHP SoapClient Functionality, it actually sends the formatted XML string (same like the ones created through SoapUI) with parameters filled.

Following line is the one which handles the Network Data Transport from You to Other Server.

parent::__doRequest()

Replace this code with cURL or any other code which handles your own Data transport mechanism.

Example 2:

<?php

define('WSDL_URL', 'http://www.webservicex.com/CurrencyConvertor.asmx?wsdl');

class MyOwnSOAPClient extends SoapClient {

    //Required variables
    public $url = "";

    function __construct($wsdl, $options = null) {
        parent::__construct($wsdl, $options);
    }

    function __doRequest($request, $location, $action, $version) {
        $requestDOM = new DOMDocument('1.0');
        $soapHeaderDOM = new DOMDocument('1.0');

        try {
            $requestDOM->loadXML($request);
            $request = $requestDOM->saveXML();
        } catch (DOMException $e) {
            die('Error adding UsernameToken: ' . $e->code);
        }
        return parent::__doRequest($request, $location, $action, $version);
    }

}

    $soapClient = new MyOwnSOAPClient(WSDL_URL, array());
    $ConversionRateObj = new stdClass();
    $ConversionRateObj->FromCurrency = "USD";
    $ConversionRateObj->ToCurrency = "INR";
//    print_r($soapClient->__getFunctions());
    $reply = $soapClient->ConversionRate($ConversionRateObj);
    print_r($reply);


Read more…