I have two php scripts on two different servers. I'm using curl to get data from one to the other (from server 1 to server 2):
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$output = curl_exec($ch);
curl_close($ch);
It works but is there a way to hide the output on server 1 if somebody is accessing that script through its actual url?
A very basic way to lock down your PHP script is to create a password via a URL parameter. What if you had ?pwd=ABCDEF (create your own password here https://passwordsgenerator.net/) and then your Server-side PHP script can check to see if the password matches the URL parameter, and if it does you can print out the output.
Then modify PHP script #2 to pass your chosen password as a URL Parameter
Related
I have created a simple classic ASP script that will take a username and password from a post and create session variables. This script works fine if i use a standard html form and redirect to this page. I have a php site and I want to log users into both websites when they log into the php site. To do this i wanted to add a curl request to the login script in php. This would send the password and username over to the script and create the session variables. The response i get from the curl request would suggest that it worked, but it doesnt seem to be saving the session.
Here is the curl request.
$postinfo = "username=".$username."&password=".$password;
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postinfo);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_VERBOSE, TRUE);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
$result = curl_exec($ch);
curl_close($ch);
var_dump($result);
I dont want to paste the full asp script, but this is roughly how it works. The session persists when i login using a html form so i know its working correctly. When the curl request is finished executing it seems that the session variables are populated, but when i visit another page the session does not exist.
'do some stuff with the db to check if the credentials work.
if success = true then
Session("userid") = userid
Session("login") = "good"
Response.Write("Login successful - " & Session("userid"))
else
Response.Write("Login Failed")
end if
When i run the curl request the response is "Login successful - 123". This means not only is the login working, but its also setting the session value. The problem is that when i try to visit the asp site it does not detect any session data.
I have verified that the all links are pointing to https://www.website.com. Both websites are under the same domain name, just 2 different subdirectories/languages. They are both running on the same server.
I am visiting one site, which already provide following functionality: When user browser visits this url, it will automatically prompt window to download containing file (video). In my script I need to download this attached file from this site to disk using php. I tried to use curl:
function get_data($url) {
$ch = curl_init();
$timeout = 5;
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
$data = curl_exec($ch);
curl_close($ch);
return $data;
}
And also similar file_get_contents but it doesnt work for me. It get me only containing HTML on that site. Have you any idea how to save this file on the disk using php?
One standard way that developers do this in PHP is to use the "header" method. After calling header, the page can output the video contents, which will prompt a user download.
See this example: PHP header attach AVI-file
What I am trying to do is open a url and pass variables using PHP,
Everytime I use the cURL method it opens the page and displays the output and won't follow the redirects afterwards.
The HttpRequest is not found.
What can I do?
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_exec($ch);
curl_close($ch);
For privacy issues I cant post what the url is but thats the code thats giving me the problem when It curls the page it actually displays what it's curling.
I am trying to set cookie through cURL in PHP but it fails. my php code looks like this
$ch=curl_init();
$url="http://localhost/javascript%20cookies/test_cookies.html";
curl_setopt($ch, CURLOPT_COOKIE, 'user=1');
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$contents = curl_exec($ch);
curl_close($ch);
echo $contents;
?>
the file test_cookies.html contains javascript that checks for a cookie and if it finds it dispalys the content with additional user content.
but when i use the above script it displays the contents of the page test_cookies.html but not with the additional user content which means that it is not setting the cookie.
i tried writing another script like this
<?php
header("Set-Cookie:user=1");
header("Location:test_cookies.html");
?>
this works and sets the cookie and shows the additional user content too.
I also tried using
curl_setopt($ch,CURLOPT_COOKIEFILE,"cookie.txt");
curl_setopt($ch,CURLOPT_COOKIEJAR,"cookie.txt");
this is writing the cookie information to the file but not reading it when fetching the page.
can somebody help?
Since javascript conducts the check in the browser, you should set the cookie before sending the output to the browser. So you need to combine both scripts:
$ch=curl_init();
$url="http://localhost/javascript%20cookies/test_cookies.html";
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$contents = curl_exec($ch);
curl_close($ch);
header("Set-Cookie:user=1");
echo $contents;
Explanation:
Please note that we are looking at two transfers here:
data is fetched by curl, and then
it is sent to the browser.
This is a special case where you are using curl to get the content from localhost, but in real-life uses you'd use curl to get content from a 3rd host.
If you receive different content based on whether a cookie is sent in the request or not, then you should set the cookie with curl. In most cases you can then send the content with no additional tweaking to the browser. But here, you make the decision with checking for a cookie in the browser, so you don't need the first cookie setting, and you do need the second one.
JavaScript will not work by getting page from curl.
I have just started a project that involves me sending data using POST in HTML forms to a another companies server. This returns XML. I need to process this XML to display certain information on a web page.
I am using PHP and have no idea where to start with how to access the XML. Once I knwo how to get at it I know how to access it using XPath.
Any tips of how to get started or links to sites with information on this would be very useful.
You should check out the DOMDocument() class, it comes as part of the standard PHP installation on most systems.
http://us3.php.net/manual/en/class.domdocument.php
ohhh, I see. You should set up a PHP script that the user form posts to. If you want to process the XML response you should then pass those fields on to the remote server using cURL.
http://us.php.net/manual/en/book.curl.php
A simple example would be something like:
<?php
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://the_remote_server");
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $_POST);
$YourXMLResponse = curl_exec($ch);
?>