imagecreatefrom and dynamic graphics

I'm trying to get an image to analize by
imagecreatefrompng(http://www.domain.pl/png.php);

The file png.php is generating a PNG file different for all logged users in
domain (cookies are used in this process).

I want to get this graphic from another domain e.g. domain2 by
imagecreatefrompng and analize it.
Problem is that - if I get this image straight to HTML by <img
src="http://www.domain.pl/png.php"> everything is ok. But if I'm using
imagecreate... the png.php file is not using it domains' cookie.

Can you solve my problem?

Krzysztof Kujawski

Soryy about all mistakes in English.

"Krzysztof Kujawski" <krzysztof.kujawski@zhp.pl> wrote in message
news:btvclh$8dq$1@atlantis.news.tpi.pl...
> I'm trying to get an image to analize by
> imagecreatefrompng(http://www.domain.pl/png.php);
>
> The file png.php is generating a PNG file different for all logged users
in
> domain (cookies are used in this process).
>
> I want to get this graphic from another domain e.g. domain2 by
> imagecreatefrompng and analize it.
> Problem is that - if I get this image straight to HTML by <img
> src="http://www.domain.pl/png.php"> everything is ok. But if I'm using
> imagecreate... the png.php file is not using it domains' cookie.
>
> Can you solve my problem?
>
> Krzysztof Kujawski
>
> Soryy about all mistakes in English.
>
>

tweek this code to accept your cookies, or to send them:
http://www-2.gzentools.com/snippetvi...etresource.php


--
Mike Bradley
http://www.gzentools.com -- free online php tools

> tweek this code to accept your cookies, or to send them:
> http://www-2.gzentools.com/snippetvi...etresource.php

thanks... but how?


Krzysztof Kujawski

> tweek this code to accept your cookies, or to send them:
> http://www-2.gzentools.com/snippetvi...etresource.php

I don't want to send a cookie, I want that connection via socket to use
cookies from that domain where I'm connecting.

Krzysztof Kujawski

"Krzysztof Kujawski" <krzysztof.kujawski@zhp.pl> wrote in message
news:btvf9f$llr$1@atlantis.news.tpi.pl...
> > tweek this code to accept your cookies, or to send them:
> > http://www-2.gzentools.com/snippetvi...etresource.php
>
> thanks... but how?
>
>
> Krzysztof Kujawski
>
>
First, figure out exactly what you need to do. Without knowing too much
about it, I would suggest the following , assuming your using windows

use a browser, and grab the image in the address bar.
once its on the screen, go to your cookie directory, and open up the
domain.txt file

look at the cookie.

then in the script:
$useHeader = "GET _URI_ HTTP/1.0\n".
...
...
...
"Cookie: item=data".
...
...
"Connection: Close\n";


if you want to spy on the headers, to see what is being sent, use this
program:
http://www-2.gzentools.com/sockview.php

--
Mike Bradley
http://www.gzentools.com -- free online php tools

"Krzysztof Kujawski" <krzysztof.kujawski@zhp.pl> wrote in message
news:btvfu5$n2l$1@atlantis.news.tpi.pl...
> > tweek this code to accept your cookies, or to send them:
> > http://www-2.gzentools.com/snippetvi...etresource.php
>
> I don't want to send a cookie, I want that connection via socket to use
> cookies from that domain where I'm connecting.
>
> Krzysztof Kujawski
>
>

Ok, you do not want to send a cookie, but you want to use cookies from the
domain its connecting to.

Got news for you, you are sending a cookie, I was trying to show you how to
look at what is being sent. becouse it might be looking for a cookie that
was sent from the page, and passed to the image script.

More news for you, this is beyond your ability if you do not understand what
is going on in the trasaction.

--
Mike Bradley
http://www.gzentools.com -- free online php tools

> Got news for you, you are sending a cookie, I was trying to show you how
to
> look at what is being sent. becouse it might be looking for a cookie that
> was sent from the page, and passed to the image script.
Hmm. I've watched headers of this connection, and there is no cookie header.
Maybe I should explain what exactly am I doing..

I have two domains: domain and domain2.
I log in user to domain via another scripts and sending cookies for domain.
png.php script makes PNG-file with encoded information about user that is
logged.
In domain2 I want to read PNG-file with that information and decode it.

In headers that was send (I've installed sockView) there is no cookie header
(and I think it's normal because browser doesn't take a part in reading
PNG-file from png.php - ready PNG-file is output for browser).

I undestand what is going in the transaction, but I can't see solution of
this problem.

I think this will be useful for better contact.

Krzysztof Kujawski

Well, maybe you can get away with not using cookie if the other site has
session.use_trans_sid turned out. In that case you can pass PHPSESSID
through the URL. And if the other site has register_globals turned on, you
might be able to log in by passing the username and password through the
URL.

Uzytkownik "Krzysztof Kujawski" <krzysztof.kujawski@zhp.pl> napisal w
wiadomosci news:btvfu5$n2l$1@atlantis.news.tpi.pl...
> > tweek this code to accept your cookies, or to send them:
> > http://www-2.gzentools.com/snippetvi...etresource.php
>
> I don't want to send a cookie, I want that connection via socket to use
> cookies from that domain where I'm connecting.
>
> Krzysztof Kujawski
>
>

Chung Leong wrote:

> Well, maybe you can get away with not using cookie if the other site has
> session.use_trans_sid turned out. In that case you can pass PHPSESSID
> through the URL. And if the other site has register_globals turned on, you
> might be able to log in by passing the username and password through the
> URL.
>
> Uzytkownik "Krzysztof Kujawski" <krzysztof.kujawski@zhp.pl> napisal w
> wiadomosci news:btvfu5$n2l$1@atlantis.news.tpi.pl...
>
>>>tweek this code to accept your cookies, or to send them:
>>>http://www-2.gzentools.com/snippetvi...etresource.php
>>
>>I don't want to send a cookie, I want that connection via socket to use
>>cookies from that domain where I'm connecting.
>>
>>Krzysztof Kujawski
>>
>>
>
>
>


Maybe I'm missing something here, but it seems to me that the way to
make this work is to append your variables (whatever values are in the
cookies) to the png generator on the second domain. So, the request for
image.php would look like:
<img src='http://domainB/image.php?var1=1&var2=1&so_on_and_on=etc'>

Cookies from domainA aren't sent to domainB, and frankly, that's a GOOD
thing. For instance, if you're logging in to Alice's site, and ask it
to "remember" your info. your info would/could be saved in a cookie
(sessions would be better, but we're talking about cookies). If cookies
set on domainA (Alice's site) could be read by domainB (Malice's site),
then you'd essentially be giving your UID/PWs away to domainB, or really
any site you visit. That would be a pretty big security problem.

I think what you're missing is that the request for the image isn't
being sent from the client's web browser... it's being sent from the
domainB server, which doesn't, and shouldn't have access the cookies
domainA set on the client.

The client won't give domainA's cookies to domainB, so when domainB asks
for domainA's image, no cookies are sent along... and it's *supposed*
to work that way.

Hopefully that's a little clearer than mud. ;)

Regards,

- Dan
http://www.dantripp.com/