I have issue with my feature which I want add to my website.
When I'm trying exec curl, script getting crash (HTTP ERROR 500).
There is something what I don't know about session and curl?
Everything works without session OR withour execute curl.
How I can fix that or where I should look to issue?
<?php
session_start();
include("include/function.php");
if($_SESSION['logadm']=="adm" or $_SESSION['logmod']=="mod")
{
$link = $_GET['link'];
$curl = curl_init("https://discordapp.com/api/webhooks/keyyy");
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode(array("content" => "$link", "username" => "webhook")));
curl_exec($curl)
}
header("Location: ".$_SERVER['HTTP_REFERER']."");
?>
Related
I have 2 .php files
The first php creates a session:
<?php
session_start();
$_SESSION['ID'] = '1';
$_SESSION['NAME'] = 'ALIAS';
$_SESSION['TIME'] = time();
print_r($_SESSION);
The second file has the same session and if it is called from the same browser using the GET method should return the values of the session:
<?php
session_start();
if($_SERVER['REQUEST_METHOD'] == "GET"){
$key = $_GET["access_token"];
if($key=="b8bc45179e0c022a0a5e7738356549a3ebf3788c"){
$json = array("status" => 1, "msg" => $_SESSION['NAME']);
}else{
$json = array("status" => 0, "msg" => "ACCESS ERROR");
}
header('Content-type: application/json');
echo json_encode($json);
}
It is a success when I call from navigation bar from browser as follows:
https://test.com.mx/p_session.php?access_token=b8bc45179e0c022a0a5e7738356549a3ebf3788c
I get:
{"status":1,"msg":ALIAS}
but when a script from a third party:
<?php
$ch = curl_init('https://test.com.mx/p_session?access_token=b8bc45179e0c022a0a5e7738356549a3ebf3788c');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
$response = curl_exec($ch);
curl_close($ch);
print_r($response);
calls from the same browser I get:
{"status":1,"msg":null}
Exist way of make this possible?
When you use sessions in PHP, a session cookie is set to the clients browser, containing a session id.
Curl, by default, doesn't keep cookies so when you call the second file, it can't access your cookies.
First, you should call the first url with curl, get the cookies it returns to you, then request the second url with these cookies. Also, you aren't even calling the first file in the first place, so it didn't even return you a cookie anyway. (even if it did, you wouldn't be able to keep it like this without options, though)
example options:
curl_setopt( $curl_handle, CURLOPT_COOKIESESSION, true);
curl_setopt( $curl_handle, CURLOPT_COOKIEJAR, $cookie);
curl_setopt( $curl_handle, CURLOPT_COOKIEFILE, $cookie);
you should call the first url with curl, keep the cookies, then call the second url.
related: PHP Curl And Cookies
google "curl php cookie" and similar for more, but this is basically it.
I'm trying to send some parameters for an autentication on a web page this is the code
$url = "http://www.webpage.com/account/submit";
$handler = curl_init();
curl_setopt($handler, CURLOPT_URL, $url);
curl_setopt($handler, CURLOPT_POST,true);
curl_setopt($handler, CURLOPT_POSTFIELDS, "username=user#webmail.com&remember=true&password=123456");
$response = curl_exec ($handler);
curl_close($handler);
When I run this script shows nothing, Im trying to autenticate me succesfully into a website without the HTML form . . . there is another way to do this ???
Ofcourse it shows nothing. You would at least have to echo something (and likely do something with $response to actually check the result of the login). Also, make sure error reporting is enabled.
I am using trying to extract the wiki documentation from a page on my website (redmine). I successfully retrieved the redirect to the login page, send post username and password field, but then I arrive on a page with a ruby redirect from redmine and I can't go further. The ruby code in the file "response.rb" of redmine is:
def redirect(url, status)
self.status = status
self.location = url.gsub(/[\r\n]/, '')
self.body = "<html><body>You are being redirected.</body></html>"
end
I don't kbow enough about ruby to modify redmine's code, so is there a way to do this in php?
curl_setopt($curlHandle, CURLOPT_FOLLOWLOCATION, true);
Would tell cURL to follow any properly configured redirects (anything that sends the Location: header).
Found an alternate solution!
IF anybody else has that problem with redmine or any other redirect:
Use cURL to login first
Save your session to a cookie
Use cURL to get your secured page that needs authentification.
<?php
$tempFilename = tempnam("/tmp", "COOKIE");
// Login
$curlHandle = curl_init("http://bob.com/login");
curl_setopt($curlHandle, CURLOPT_COOKIEJAR, $tempFilename);
curl_setopt($curlHandle, CURLOPT_RETURNTRANSFER, true);
$dataArray = array(
"username" => "bob",
"password" => "password"
);
curl_setopt($curlHandle, CURLOPT_POSTFIELDS, $dataArray);
$output = curl_exec($curlHandle);
// Getting the wiki
$curlHandle = curl_init("http://bob.com/wiki");
curl_setopt($curlHandle, CURLOPT_COOKIEFILE, $tempFilename);
curl_setopt($curlHandle, CURLOPT_RETURNTRANSFER, true);
$output = curl_exec($curlHandle);
echo $output;
?>
Alright I'm at the end of the rope here. I've tried just about everything to try to get this working. I've done Google OAUTH API calls before on web hosts and everything works great, but when I use the same scripts on my WAMP server, google does not reply to my cURL posts. I've tested cURL post by posting to my own server as well as to this server someone set up:
http://www.newburghschools.org/testfolder/dump.php
And it works just fine. Here's the script I'm using after I get the user to allow my application:
<?
//This script handles the response from google. If the user as authed the app, it will continue the process by formulating another URL request to Google to get the users information. If there was an error, it will simply redirect to index.
include_once($_SERVER['DOCUMENT_ROOT']."/../src/php/google/initialize.php");
if (!isset($_GET['error'])) {
//No error found, formulate next HTTP post request to get our auth token
//Set URL and get our data encoded for POST
$url = "https://accounts.google.com/o/oauth2/token";
$fields = array(
'code' => $_GET['code'],
'client_id' => $google['clientID'],
'client_secret' => $google['clientSecret'],
'redirect_uri' => "http://www.dealertec.com/scripts/php/google/reg_response.php",
'grant_type' => "authorization_code"
);
//$data = http_build_query($fields);
$data = "code=".$fields['code'].'&client_id='.$fields['client_id'].'&client_secret='.$fields['client_secret'].'&redirect_uri='.$fields['redirect_uri'].'&grant_type='.$fields['grant_type'];
echo $data."<br> /";
//Begin cURL function
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
echo $response;
curl_close($ch);
//Decode the JSON and use it to make a request for user information
print_r($response);
$response = json_decode($response, true);
/*if (!isset($response['error'])) {
//No error in response, procede with final step of acquiring users information
$apiURL = "https://www.googleapis.com/oauth2/v1/userinfo?access_token=".$response['access_token'];
$apiCall = curl_init($apiURL);
curl_setopt($apiCall, CURLOPT_RETURNTRANSFER, true);
curl_setopt($apiCall, CURLOPT_HEADER, false);
$apiResponse = curl_exec($apiCall);
$apiResponse = json_decode($apiResponse, true);
var_dump($apiResponse);
}else{
echo $response['error'];
}*/
}else{
header("LOCATION: http://www.dealertec.com/");
}
?>
When I echo out what is supposed to be the google response, all I get is a singular "/". When I run this same exact script on my webhost, after changing back the DNS IP, it works fine. I'm thinking either Google doesn't like my WAMP server and won't even talk to it, or perhaps it's something with my cURL configuration. It's only a minor annoyance not being able to develop for Google API on my WAMP server, but if anyone has any ideas whatsoever, it would be greatly appreciated.
Thanks!
I was getting a FALSE coming back from curl_exec(), but this is how I fixed it:
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
http://us3.php.net/manual/en/function.curl-setopt.php
hope this helps!
I am trying to log in a website using php via cURL. But the website I am trying to log in requires cookies and session I am new to php what is the best way to set up cookies and session so that I can log in I have tried $_SESSION and setcookies they don't seem to work.. here is the code I have written any help on this topic would be helpful thanks
<?php
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://example.com/logint");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, true);
$data = array(
'username' => 'username',
'passwd' => 'pass',
);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
$output = curl_exec($ch);
echo($output);
curl_close($ch);
?>
To login to a webpage using curl and get the cookie you do something like this:
curl -c cookies.txt -d "username=myUser&password=FooBar" http://xyz.com/login
and to use those cookie in later requests you do:
curl -b cookies.txt http://whatever.com/getPage
P.S: Not sure abt PHP syntax