Hi Till, The user does exist and username and password is absolutely correct. I have setup a test environment for this, I am really keen to get this working. Any help greatly appreciated. Here is the code, you can see I have applied your update already. PHP: <?php$user = $_GET['user'];$pass = $_GET['pass'];$ip = isset($_GET['ip']) ? isset($_GET['ip']) : $_SERVER['REMOTE_ADDR'];$domain = !empty($_GET['domain']) ? $_GET['domain'] : error(500, "missing domain");require_once('../../../lib/config.inc.php');require_once('../../../lib/classes/auth.inc.php');require_once('../../../lib/app.inc.php');global $app;$ip = $app->db->quote($ip);$user = $app->db->quote($user);$pass = $app->db->quote($pass);$domain = $app->db->quote($domain);$sql = "SELECT * FROM sys_user WHERE USERNAME = '$user' and ( PASSWORT = '".md5($pass)."' or PASSWORT = password('$pass') )";$app->db->show_error_messages = true;$dbuser = $app->db->queryOneRecord($sql);if ($dbuser === false) error(403, "authentication failed");$groups = $dbuser['groups'];$id = $app->db->queryOneRecord("SELECT id FROM dns_rr WHERE name = '$domain' AND type = 'A' AND sys_groupid IN ($groups)");if ($id === false) error(404, "DNS record not found");$id = $id['id'];$app->db->datalogUpdate('dns_rr', "data = '$ip'", 'id', $id);function error($code, $msg){ header("HTTP/1.0 $code $msg"); echo $msg; die();}?>
So I am trying to update this script for the newer version of ISPConfig. I have hit a couple of roadblocks so any help will be appreciated. The idea of this is you can use a URL to update an A record for a particular domain: http://host.example.com:8080/tools/dyndns/update.php?domain=test&user=username&pass=password This is what I have right now, works sometimes but not all the time. I think it has something to do with the groupid and userid. Sorry, I am just crap at this and muddling my way through... PHP: <?phprequire_once('../../../lib/config.inc.php');#require_once('../../../lib/classes/db_mysql.inc.php');require_once('../../../lib/app.inc.php');$dbname = 'dbispconfig';$dbuser = 'xxxxxxxxxxxx';$dbpass = 'xxxxxxxxxxxxxxxxxxxxxxxxxx';$dbhost = 'localhost';$user = $_GET['user'];$pass = $_GET['pass'];$remoteip = isset($_GET['ip']) ? isset($_GET['ip']) : $_SERVER['REMOTE_ADDR'];$domain = !empty($_GET['domain']) ? $_GET['domain'] : error(500, "missing domain");global $app;$ip = $app->db->quote($ip);$user = $app->db->quote($user);$pass = $app->db->quote($pass);$domain = $app->db->quote($domain);$sql = "SELECT * FROM client WHERE USERNAME = '$user' and ( PASSWORD = '".md5($pass)."' or PASSWORD = password('$pass') )";$app->db->show_error_messages = true;$dbuser = $app->db->queryOneRecord($sql);#$pas = md5($pass);if ($dbuser == $false) error(403, "authentication failed");$groups = $dbuser['sys_groupid'];$id = $app->db->queryOneRecord("SELECT id FROM dns_rr WHERE name = '$domain' AND type = 'A' AND sys_groupid = '$groups'");if ($id == $false) error(404, "DNS record not found");$clientid = $id['id'];$updateresult = $app->db->query("UPDATE dns_rr SET data = '$remoteip' WHERE id = '$clientid' ");if ($updateresult == $false) error(404, "DNS record not updated");$newip = $app->db->queryOneRecord("SELECT data FROM dns_rr WHERE name = '$domain' AND type = 'A' AND sys_groupid = '$groups' ");$changedip = $newip['data'];if($changedip == $remoteip) error(400, "DNS record updated");if($changedip != $remoteip) error(404, "DNS record not updated");$app->db->close();function error($code, $msg){ header("HTTP/1.0 $code $msg"); echo $msg; die();}?> Any help greatly appreciated.
