VB Web query request - vb.net

I am trying to send a query request from VB Login form to Website to check if user Email and Password are Valid.
If I am using request string: http://mathsquest.com/api.php?email=testemail&password=testpass
it returns value "1" as "testemail & "testpass" are pre-registered correct values.
How to send the request with user input values stored in Login form variables (EmailInput and PasswordInput)?
Thank you for help

If I correctly understand your question you should build your url request and then make a redirect or an http request:
Dim req_url as string = "http://mathsquest.com/api.php"
req_url &= "?email=" & EmailInput & "&password=" & PasswordInput
Dim webClient As New System.Net.WebClient
Dim result As String = webClient.DownloadString(req_url)
P.S. As suggested in the comments you should consider hashing/crypting your parameters

Related

How to pass input parameter to VBA http POST URL

I am new to VBA . I am trying to get some input parameters from InputBox and I want to pass this InputBox element to my post request URL . but I don't know how should I pass the value to my URL?
for eg->
Dim iInput As String
iInput = InputBox("Please enter a number", "Create Invoice Number", "Enter your input text HERE")
Url = "myurl.com/api/v4/projects/3765/ref/master/trigger/pipeline?token=123&variables[check1]=2"
objHTTP.Open "POST", Url, False
here, Instead of 2(in the end) I need to pass this 2 through InputBox by taking userinput. how we should modify the current URL? please let me know.
thanks
You can concatenate two strings with &
Url = "myurl.com/api/v4/projects/3765/ref/master/trigger/pipeline?token=123&variables[check1]=" & iInput

Posting with an open event

Action: Trying to 'post' excel data to a webpage that the user sees/uses with a vba code event.
Issue: I can open a window with a get, or I can xmlhttp with a post and a get a response variable, but neither is what I need. I need to POST login information (a service account) from baked in vba code on a button to POST and open a browser.
The webpage is behind Spring Security and the service account credentials should not be known to the user, it's hidden in a protected workbook/vba. I need to post those over to the url.
--> How do I open AND post at the same time?
What I need is the excel equivalent of an HTML form post with a
target=_blank
attribute in vba. Is this possible?
I've tried both
ShellExecute
functions
and
xmlhttp
methods
but both only give me half of the package.
Any advice?
Adding to what #Florent B. has posted, check whether the cookie is set when calling the login page (which I assume) or really when posting the login data.
Dim xhttp As MSXML2.XMLHTTP ' make sure you reference to MSXML!
Dim strCookie As String
Set xHttp = New MSXML2.XMLHTTP
XMLHttp.Open "GET" TheURLOfYourLogInPage
If xHttp.Status = 200 Then
strCookie = xHttp.getResponseHeader("Set-Cookie")
End If
Check your web browser for what is sent to the server when login in, probably something like "username=" & YourUserName & "&password=" & YourPassword & "&cookie=" & strCookie Declare another string variable (I will call it strTicker) and fill it accordingly, then
xHttp.Open "POST", "URLOfYourLoginPage"
xHttp.setRequestHeader "Cookie", strCookie
xHttp.send strTicker

'401 Unauthorised' when calling a url with Net.WebClient

In my app I'm making a call to an API.
I start by building the URL...
Dim url As String = "http://" & Home.sn_username & ":" & Home.sn_password & "#" & Home.sn_ip & "/command.htm?number=" & phonenumber
url = Replace(url, Chr(13), "")
I want to make sure the URL its attempting to call is correct, so i've dumped it to the console...
Console.WriteLine("DIALING: " & url)
The URL is spot on, so finally I call the URL with Net.Webclient...
Dim client As New Net.WebClient
client.DownloadString(url)
This does not work.
An exception is thrown and I get a 401 Unauthorised error.
Am i doing something wrong?
The final URL is like this:
http://username:passwrd#domainame.com/command.htm?Number=01611234565
If i take that and paste it directly into my browser it works fine! (its for an IP phone API... my desk phone dials the number!).
Do i need to look at a different way of supplying the credentials or something?
Thanks in advance!
Try adding your authentication credentials directly to the WebClient instead of prepending them before the url before executing.
client.Credentials = new NetworkCredential(Home.sn_username, Home.sn_password)

Stripe Payment with VB - 400 Bad Request

I'm trying to make a stripe payment work from a VB website. I know, I know, "I should use C#". I can't because the site is already in VB. Nothing I can do about it.
Anyway, I have most of it figured out:
User clicks submit button with valid info
Form submits to Stripe
Stripe sends a token back
A jQuery ajax function posts the data to donate/pay-by-stripe
I have this line of code in my Global.asax.vb
routes.MapRoute("pay-by-stripe", "donate/pay-by-stripe", New With{.controller = "Dynamic", .action = "PayByStripe"})
So my PayByStripe function in the Dynamic Controller looks like this:
Function PayByStripe()
''The Stripe Account API Token
Dim STR_Stripe_API_Token As String = "sk_test_*****"
''The Stripe API URL
Dim STR_Stripe_API_URL As [String] = "https://api.stripe.com/v1/charges"
''The Stripe Card Token
Dim token As String = HttpContext.Request.Form("token")
Dim description As String = HttpContext.Request.Form("description")
Dim amount As Single = HttpContext.Request.Form("amount")
''Creates a Web Client
Dim OBJ_Webclient As New System.Net.WebClient()
''Creates Credentials
Dim OBJ_Credentials As New System.Net.NetworkCredential(STR_Stripe_API_Token, "")
''Sets the Credentials on the Web Client
OBJ_Webclient.Credentials = OBJ_Credentials
''Creates a Transaction with Data that Will be Sent to Stripe
''Dim OBJ_Transaction As New System.Collections.Specialized.NameValueCollection()
Dim OBJ_Transaction As NameValueCollection = New NameValueCollection()
OBJ_Transaction.Add("amount", amount)
OBJ_Transaction.Add("currency", "usd")
OBJ_Transaction.Add("address-country", "US")
OBJ_Transaction.Add("description", "")
OBJ_Transaction.Add("card", token)
''The Stripe Response String
Dim STR_Response As String = Encoding.ASCII.GetString(OBJ_Webclient.UploadValues(STR_Stripe_API_URL, OBJ_Transaction))
'Response.Redirect("/donate/?transaction=success");
Return STR_Response
End Function
I'm getting a 400 bad request error on the STR_Response line:
Dim STR_Response As String = Encoding.ASCII.GetString(OBJ_Webclient.UploadValues(STR_Stripe_API_URL, OBJ_Transaction))
I'm a VB and Stripe noob, and not sure what this means. My main theory now is that it's because I don't have a /donate/pay-by-stripe/ page, but I don't know what I'd even put in there if I did create it.
Any help would be great!
That's a webservice you are calling, right?
A 400 Bad Request with a webservice means your XML request is malformed.
Example, in my request, part of it is a UTC in a certain date format. Example: <pp:utc>2013-05-24 2025</pp:utc>
So, if I were to malform my request to this <pp:utc>2013-05-24 2025</pp:utc2> it would result in:
HTTP/1.1 400 Bad Request
Cache-Control: private
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.5
So, check your request and make sure everything is properly formatted.
EDIT: just noticed I put the "incorrect" utc tags incorrectly.
Please notice the opening tag <pp:utc> is being closed with a </pp:utc2>, which is the reason why you see 400 bad request
I had to put my password in System.Net.NetworkCredentials, and address-country is not a usable field. The only usable fields when submitting a charge are amount, currency, description, and card (which is actually the token). This is the final, working version of my PayByStripe Function in my Dynamic Controller:
Function PayByStripe()
'' The Stripe Account API Token - change this for testing
Dim STR_Stripe_API_Token As String = ""
If (this_is_a_test) Then
' Test Secret Key
STR_Stripe_API_Token = "sk_test_***"
Else
' Prod Secret Key
STR_Stripe_API_Token = "sk_live_***"
End If
''The Stripe API URL
Dim STR_Stripe_API_URL As [String] = "https://api.stripe.com/v1/charges"
''The Stripe Card Token
Dim token As String = HttpContext.Request.Form("token")
Dim description As String = HttpContext.Request.Form("description")
Dim amount As Single = HttpContext.Request.Form("amount")
''Creates a Web Client
Dim OBJ_Webclient As New System.Net.WebClient()
''Creates Credentials
Dim OBJ_Credentials As New System.Net.NetworkCredential(STR_Stripe_API_Token, "YOUR PASSWORD FOR STRIPE")
''Sets the Credentials on the Web Client
OBJ_Webclient.Credentials = OBJ_Credentials
''Creates a Transaction with Data that Will be Sent to Stripe
Dim OBJ_Transaction As New System.Collections.Specialized.NameValueCollection()
OBJ_Transaction.Add("amount", amount)
OBJ_Transaction.Add("currency", "usd")
OBJ_Transaction.Add("description", description)
OBJ_Transaction.Add("card", token)
''The Stripe Response String
Dim STR_Response As String = Encoding.ASCII.GetString(OBJ_Webclient.UploadValues(STR_Stripe_API_URL, OBJ_Transaction))
Return STR_Response
End Function
I've never had to pass in my password when connecting to Stripe's API. Simply pass in your private API Key through an authorization header with no password. It may also help to pass in a version header as well, something Stripe recommends. The following lines of card are in C#, I know your question was in VB, but I'm sure you can easily adaptive this:
webrequest.Headers.Add("Stripe-Version", "2014-12-22");
webrequest.Headers.Add("Authorization", String.Concat("Basic ", (Convert.ToBase64String(Encoding.UTF8.GetBytes(string.Format("{0}:", "sk_test_XXXXXXXXXXXXXXXXXXX"))))));
Also, it may help to know that Stripe sends a 400 Bad Request when an expired or invalid card token is sent.

vb.net problems posting to web form

I've hit a wall on POST'ing data to a webform :(
Below is the code I've adapted from many places (here most recently: http://p2p.wrox.com/asp-net-1-0-1-1-professional/34517-webrequest-webresponse-form-submit-problem-help.html )
Dim url As String = "https://student.ashford.edu/student/"
Dim data As String = "username=myusername&password=mypassword"
Dim buffer As Byte() = Encoding.UTF8.GetBytes(data)
Dim result As String = ""
Dim req As HttpWebRequest = DirectCast(WebRequest.Create(url), HttpWebRequest)
req.Method = "POST"
req.ContentType = "application/x-www-form-urlencoded"
req.ContentLength = buffer.Length
req.CookieContainer = New CookieContainer()
' enable cookies
Dim reqst As Stream = req.GetRequestStream()
' add form data to request stream
reqst.Write(buffer, 0, buffer.Length)
reqst.Flush()
reqst.Close()
Console.WriteLine(vbLf & "Posting data to " & url)
Dim res As HttpWebResponse = DirectCast(req.GetResponse(), HttpWebResponse)
' send request,get response
Console.WriteLine(vbLf & "Response stream is: " & vbLf)
Dim resst As Stream = res.GetResponseStream()
' display HTTP response
Dim sr2 As New StreamReader(resst)
result = sr2.ReadToEnd()
Using writer As System.IO.StreamWriter = New StreamWriter("C:\Temp\checkcheck.html")
writer.Write(result)
End Using
When I check the checkcheck.html file, it doesn't show the page I normally see when I've successfully logged into my university, but instead shows the login page again prompting for a user name and password. Since it's prompting for a user/pass in the output response, does that mean nothing is posted? Or is the login button not being hit?
As far as the field names in the source, the name of the username field is "username", and the name of the password field is "password". From what I can tell, the name of the login button itself is "submit". Below is the source of the page, am I missing something?
view-source:https://student.ashford.edu/student/
https://student.ashford.edu/student/
What I want to have happen is that in my VB.NET backend, I click a button and my username and password are automatically entered and I am automagically logged in. Once the login is done, I want to retrieve the HTML of the logged in page so I can parse it for items relating to my studies. This may be unrelated, but do I need cookies to keep my application "logged in" if I navigate to other pages?
EDIT:
I tried plugging different URL's, to no avail. I have also tried adding submit=login and login=submit (alternately of course) to the POST data. I'm still getting the original login screen HTML from the result variable at the end, instead of my university homepage that I'm expecting after I normally login by hand as a human would. Maybe there is a follow up step that I am missing?
The actual form action is at https://student.ashford.edu/login/commands/login.php. You might plug that into url instead. Also, try including the submit button - submit=login - in the values.
I found out what I needed to do. First I have to make sure that I have a cookie container. Next, I used Fiddler to find out EXACTLY what is being sent back and forth between my browser and where I want to login. I post all the login info, and I get the response back. This seems to fill up my cookie container variable with the required authentication cookies? Next I make another POST request to the page I want to go to, and voila - it works.