Im totally new in using curl or other submission services. As i'm following this link to submit an indoor map using wrld3d api they've stated the following line in order to submit a post request
$ curl -v -XPOST https://indoor-maps-api.wrld3d.com/v1/edits/?token=dev_auth_token -F name="my venue name" -F venue_street_address="<address>" -F venue_phone_number="<phone no.>" -F venue_email="<email address>" -F submission_contact_email="<email address for notifications>" -F venue_outline="#/path/to/my/file"
I tried filling in the values such as dev_auth_token with my respective account's developer token and other values like "my venue name","".. etc but i guess im going wrong as the command isn't running.Is there any syntax to follow? Here is how i filled up the command and here is the command after executing
When your URI contains some data wrap it with double quota
$ curl -v -X POST "https://indoor-maps-api.wrld3d.com/v1/edits/?token=dev_auth_token&name=my venue name&venue_street_address=<address>&venue_phone_number=<phone no.>&venue_email=<email address>&submission_contact_email=<email address for notifications>&venue_outline=#/path/to/my/file"
Same here: CURL Command Line URL Parameters. You have just trouble with parameters. Also, ... you can try with your command but using -d (that stay for data) instead of -F.
-F, --form
(HTTP) This lets curl emulate a filled-in form in which a user has pressed the submit button. This causes curl to POST data using the Content-Type multipart/form-data according to RFC 2388. This enables uploading of binary files etc. To force the 'content' part to be a file, prefix the file name with an # sign. To just get the content part from a file, prefix the file name with the symbol <. The difference between # and < is then that # makes a file get attached in the post as a file upload, while the < makes a text field and just get the contents for that text field from a file.
Example: to send an image to a server, where 'profile' is the name of the form-field to which portrait.jpg will be the input:
curl -F profile=#portrait.jpg https://example.com/upload.cgi
To read content from stdin instead of a file, use - as the filename. This goes for both # and < constructs. Unfortunately it does not support reading the file from a named pipe or similar, as it needs the full size before the transfer starts.
You can also tell curl what Content-Type to use by using 'type=', in a manner similar to:
curl -F "web=#index.html;type=text/html" example.com
or
curl -F "name=daniel;type=text/foo" example.com
You can also explicitly change the name field of a file upload part by setting filename=, like this:
curl -F "file=#localfile;filename=nameinpost" example.com
If filename/path contains ',' or ';', it must be quoted by double-quotes like:
curl -F "file=#\"localfile\";filename=\"nameinpost\"" example.com
or
curl -F 'file=#"localfile";filename="nameinpost"' example.com
Note that if a filename/path is quoted by double-quotes, any double-quote or backslash within the filename must be escaped by backslash.
See further examples and details in the MANUAL.
This option can be used multiple times.
This option overrides -d, --data and -I, --head and --upload.
Related
Here are two GET requests. The first one using CURL in php works, but the second one generated by an HTML form receives an error from the response server.
The first (working) is a GET request using CURL
1.
curl 'https://api.authy.com/protected/json/phones/verification/start' \
-d api_key=my_key\
-d via=sms \
-d phone_number=my_number\
-d country_code=my_code
The second (not working) is a GET request URL like one generated from an html form <form method='get'>
2.
https://api.authy.com/protected/json/phones/verification/start?api_key=my_key&via=sms&phone_number=my_number&country_code=my_code
The error message from the response server when using the second one is:
{"message":"Requested URL was not found. Please check http://docs.authy.com/ to see the valid URLs","success":false,"errors":{"message":"Requested URL was not found. Please check http://docs.authy.com/ to see the valid URLs"},"error_code":"60000"}
Question
What is the difference between second GET request compared to the CURL GET request? They look to me like they are identical.
According to the documentation at https://www.twilio.com/docs/verify/api/verification, you should use a POST request to use that API, and that is what the -d option of cURL does.
In your second call, you send a GET request, and according to the documentation and the error message, that is not successful
I've setup a GitHub webhook with a secret and selected application/x-www-form-urlencoded for the content type.
I tried to search around but there does not seem to be much info on how to use the post data, such as what does GitHub include in the POST request, can I just do:
$_POST["secret"] or is there more to it than that? I know I could test this myself but with the way I setup the webhook its hard to see the output and more of a pain to do a var_dump() for POST.
So basically my question is what is the POST layout when GitHub sends a POST request, because I am looking to validate which branch was pushed and validate the secret as well.
seems it is translated by PHP as $_SERVER['HTTP_X_HUB_SIGNATURE']
but when in doubt as to how PHP will name a header, set up a page with <?php phpinfo(~0); , and run curl with the url like curl http://ratma.net/phpinfo.php --header "X-Hub-Signature: test" -v 2>&1 | grep -i test , and you should see what the header is called. in this case, i got
<tr><td class="e">$_SERVER['HTTP_X_HUB_SIGNATURE']</td><td class="v">test</td></tr>
So, I've got this PHP script that calls a REST API with curl. The URL basically looks like this:
https://firewall1/api/?type=config&action=set&xpath=/config/devices/entry[#name='localhost.localdomain']/vsys/entry[#name='vsys1']/rulebase/security/rules/entry[#name='RULENAME']&element=<disabled>no</disabled>&key=APIKEY
The response comes back as a success, but the change is not actually made in the firewall, which seems odd. If I take and run this same URL with command-line curl, it works as expected.
curl -v -k -g "https://firewall1/api/?type=config&action=set&xpath=/config/devices/entry[#name='localhost.localdomain']/vsys/entry[#name='vsys1']/rulebase/security/rules/entry[#name='RuleName']&element=<disabled>no</disabled>&key=APIKEY"
My curl settings look like this:
$failover1 = curl_init($enableFailover1);
$failback1 = curl_init($disableFailover1);
$commit1 = curl_init($commitFW1);
//set curl options
curl_setopt_array($failover1, array(
CURLOPT_SSL_VERIFYHOST => 0,
CURLOPT_SSL_VERIFYPEER => 0,
CURLOPT_POST => TRUE,
CURLOPT_RETURNTRANSFER => TRUE
));
$responseFail1 = curl_exec($failover1);
$responseBack1 = curl_exec($failback1);
$responseCommit1 = curl_exec($commit1);
//failover and take approprate action for errors
if($responseFail1 === FALSE) {
die(curl_error($failover1));
} else {
//do some stuff
}
Running the PHP script returns the same response as the curl command line, but the result is not the same. Is there some header I'm not passing or something I should do to get this working properly? I should also add that it works if I take the URL and paste in a browser and if I pass the command to shell_exec. Thanks for the help!
Response from curl command line:
* Connection #0 to host firewall1 left intact
<response status="success" code="20"><msg>command succeeded</msg></response>
Response from curl in PHP script:
<response status="success" code="20"><msg>command succeeded</msg></response>
Looks like you are omitting the option -g in the PHP call. As I can see below description from manual:
"When this style is used, the -g option must be given to stop curl from interpreting the square brackets as special globbing characters. Link local and site local addresses including a scope identifier, such as fe80::1234%1, may also be used, but the scope portion must be numeric or match an existing network interface on Linux and the percent character must be URL escaped. The previous example in an SFTP URL might look like :sftp://[fe80::1234%251]/"
https://curl.haxx.se/docs/manual.html
A better option would be to call the overall URL string using PHP shell script execution function shell_exec() in your case. PHP curl is a wrapper library to be used for curl using PHP there may be few options that PHP curl library may not be supporting like -g option in your case which is available in command line.
I’m trying to post an image and a few nested parameters to an api using django rest framework. I’m trying to set up a curl with -F flags as discussed here with nested params as discussed here:
curl -X POST -S -H 'Accept: application/json' -F "customer[name]=foo&customer[email]=foo#bar.com&customer[zipcode]=1076AL&customer[city]=Amsterdam&customer[address]=foobar" -F "photo=#/Users/vincentvanleeuwen/Desktop/tmp/accord.jpg;type=image/jpg" http://localhost:8000/api/orders/
But I get the following response:
{"customer":{"city":["This field is required."],"email":["This field is required."],"zipcode":["This field is required."],"name":["This field is required."]}}
There seems to be something wrong with my nesting under the -F flag, as the nested variables work if I post it like this:
curl -X POST -S -H "Content-Type: application/json" -d '{"customer":{"name":"Adriaan","email":"adriaan#adriaan.com","zipcode":"1901ZP","address":"caravan","city":"Verweggistan"}}' http://localhost:8000/api/orders/
Any ideas what I’m doing wrong? Any help would be much appreciated!
Try separate -F flags for each parameter? From the curl manual:
Emulate a fill-in form with -F. Let's say you fill in three fields
in a form. One field is a file name which to post, one field is your
name and one field is a file description. We want to post the file
we have written named "cooltext.txt". To let curl do the posting of
this data instead of your favourite browser, you have to read the
HTML source of the form page and find the names of the input fields.
In our example, the input field names are 'file', 'yourname' and
'filedescription'.
curl -F "file=#cooltext.txt" -F "yourname=Daniel" \
-F "filedescription=Cool text file with cool text inside" \
http://www.post.com/postit.cgi
An API I'm trying to program to requires multipart/form-data content with the HTTP GET verb. From the command line I can make this work like this:
curl -X GET -H "Accept: application/json" -F grant_type=consumer_credentials -F consumer_key=$key -F consumer_secret=$secret https://example.com/api/AccessToken
which seems like a contradiction in terms to me, but it actually works, and from what I see tracing it actually uses GET. I've tried a bunch of things to get this working using PHP's cURL library, but I just can't seem to get it to not use POST, which their servers kick out with an error.
Update to clarify the question: how can I get php's cURL library to do the same thing as that command line?
which seems like a contradiction in terms to me, but it actually
works, and from what I see tracing it actually uses GET
Not exactly. curl uses a feature of the HTTP/1.1. It inserts additional field to the header Expect: 100-continue, on which, if supported by server, server should response by HTTP/1.1 100 Continue, which tells the client to continue with its request. This interim response is used to inform the client that the initial part of the request has been received and has not yet been rejected by the server. The client SHOULD continue by sending the remainder of the request or, if the request has already been completed, ignore this response. The server MUST send a final response after the request has been completed.
Since they are insisting on HTTP GET, then just encode the form elements into query parameters on the URL you are GETing and use cURL's standard get options instead of posting multipart/formdata.
-X will only change the method keyword, everything else will remain acting the same which in this case (with the -F options) means like multipart formpost.
-F is multipart formpost and you really cannot convert that to a query part in the URL suitable for a typical GET so this was probably not a good idea to start with.
I would guess that you actually want to use -d to specify the data to post, and then you use -G to convert that data into a string that gets appended to the URL so that the operation turns out to a nice and clean GET.