Authentication - PHP

What is RETS? At first glance it sounds like something you may want to avoid, but for the professional Realtor and their web developer it’s like gold. It helps Realtors update property information on the MLS server, saving time and keeping listings current. It can all be done through PHP and a good database.

TABLE OF CONTENTS:

By: Ron Goff

Poor Best

Rating:

/ 16

October 25, 2004

print this article

SEARCH DEV SHED

TOOLS YOU CAN USE

The lines below will be the header we create and send over for authentication. These are the usual minimum requirements but again may be slightly different from MLS server to MLS server. You may want to take some time before trying the authentication process to locate and check the requirements of your local office; they are usually posted online.

<code>
$out2 = "GET /IMPV/rets/rets_login.asprn";
</code>

The page we use for authentication. Notice that it differs slightly from our $A2 variable.

<code>
$out2 .= "Authorization: Digest username="$username ", realm="$MLS_county ",
nonce="$auth_nonce ", opaque="$auth_opaque", uri="/IMPV/rets/rets_login.asp", response="$resp" rn";
</code>

This is the actual digest string that brings everything together for authentication. Some of the variables we created above are placed here and our MD5ed variable $resp is in the response area at the end.

You will notice that there is a variable called opaque. This variable will appear when you get the nonce variable from the header and looks similar to the nonce. You can pull it the exact same way that you pull the nonce. Again my specific MLS server does not change this variable, but others might.

The server that you will post this code to and run the program from.

<code>
$out2 .= "Accept: */*rn";
</code>

The type of response you will accept. Some MLS server may require you to specify the type which may be text or XML. The above is set to anything and everything.

<code>
$out2 .="User-Agent: MY_RETS_CLIENT/1.0rn";
</code>

This is the name of your client; this will need to be registered with the MLS office. This is to prevent any program from trying to gain access without properly registering with the MLS office. You may be familiar with this variable which usually holds information about your browser like "Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en-us)". We are basically spoofing the header; if it's not set, it would probably say "PHP 4.2.3" or whatever version your PHP is on the server.

<code>
$out2 .="RETS-Request-ID: 571rn";
</code>

This is used by your program to keep track of requests. Every request could have a unique number assigned to it for logging or record keeping. This is usually an optional variable.

<code>
$out2 .= "Connection: Closernrn";
</code>

Finally close the connection.

<code>
fputs($fp, $out2);
</code>

Now we connect to our fsocket connection and send over the header we just made. The header is a GET statement and not a POST, information that you may not need but is good to know how things are being sent.

<code>
while (!feof($fp)) {

$grabo = fgets($fp, 128);

      preg_match("/RETS-Session-ID(..........)/", $grabo, $set_cookie);
     if($set_cookie[0] != ''){
      $set_cookiea = $set_cookie[0];
      }
      }

fclose($fp);
}
</code>

This bit of code retrieves the server response once we send our authentication. If we are successful, it will try to find a variable called RETS-Session-ID. If we get this variable, then it means that we have successfully logged into the server and can process requests for property using that session id.

Next: Benefits of RETS >>