Accesing secured IIS server

ichbin · December 9th, 2004, 12:41 PM

Hi!
I want to access a site that is password protected. I found out that the server is a Win2K Server with IIS. The protection prompts me similarly to an .htaccess prompt, but it's done by IIS, with which I am very unfamiliar.

If I access the page directly, I am prompted for the uname/pword, and then I see the html, which is just a bunch of links to .csv log files that I need to download.

When I click on the first link, I am prompted for the uname/pword again, but after that, all other links do not bring me the prompt.

If I go directly to the file through the browser window, using:

http://uname:[email protected]/myfile.csv

9 times out of 10 I get prompted for the uname/pword again, but occasionally I get right through.

I would like to be able to access all the files in the /filedir directory using PHP fopen to copy them to my machine without having to click on each and every link, and the host does not provide ftp access.

I wrote this little PHP script on my server to connect to their machine and get the files. When the double-prompt doesn't happen, it works, but when I get prompted 2x, I get the following results:

here is the loop:

$filepref ="http://uname:[email protected]/mydir/filedir/";

// Fake the browser type
ini_set('user_agent','MSIE 4\.0b2;');

while (diff_days($cdate,$edate)>=0) {
$thefile = $am . $ad . $ay . ".csv";
//do the file stuff
$filename = $filepref . $thefile;
echo("Going to read: $filename . <br>");
// open file
If ($fh = fopen($filename, "r"))
{
$i=0;
while (!feof($fh)) {
$cline = fgets($fh);
echo(" Reading line $i: value= $cline<br>");
if (ltrim($cline)!="") {
$contents .= $cline;
$i++;
}
}
fclose($fh);
}
else {
//$errors .= "Could not open file " . $thefile . "<br>";
echo(" -- Could not open file " . $thefile . "<br>");
}
//normalize next day
$showname = getnextday($am, $ad, $ay);
list($am,$ad,$ay) = split('-',$showname);
$cdate=normalizedate($am, $ad, $ay);
}

I get:

Going to read: http://uname:[email protected]/01012004.csv .
Warning: fopen(http://[email protected]/mydir/01012004.csv): failed to open stream: HTTP request failed! HTTP/1.1 401 Access Denied in /var/www/html/fetchfile.php on line 147
-- Could not open file 01012004.csv

Someone mentioned that I might be able to capture the cookie that is generated when I manually get logged in and then send that using fsockopen? I have been looking for documentation but I can't find anything.

I would appreciate any help on this!

Christine.

Combine knowledge with action and you can achieve anything!

SiliconFuRy · December 10th, 2004, 05:19 AM

PHP is known to be a bit tetchy when running with IIS, i think this is just one of the problems. The directories are protected with the Windows Access Control Lists (i think) when running under IIS, so this could represent a little problem.

See if theres any known bugs about this on the php.net website.

Many shoes,

Jamez/SiliconFuRy