I have a an API I'm using a variety of methods on. GET works fine as do the others I am testing. When using PATCH, it gives errors despite the documentation showing it's enabled.
The errors are:
Warning: file_get_contents(): SSL: Connection reset by peer in upload.php on line 20
Warning: file_get_contents(https://api-domain/answers/331): failed to open stream: HTTP request failed! in oracle_upload.php on line 20
Error
Line 20 is
$response = file_get_contents('https://api-domain/answers/331', FALSE, $content)
As for the $content variable:
$postData = array(
'solution' => 'Testing 123'
);
$context = stream_context_create(array(
'http' => array(
'method' => 'PATCH',
'header' => "Authorization: Basic dXNlcjpwYXNz\r\nContent-Type: application/json\r\n",
'content' => json_encode($postData)
),
"ssl"=>array(
"allow_self_signed"=>true,
"verify_peer"=>false,
"verify_peer_name"=>false
)
));
Please note, https://api-domain is a fake addy
Thanks
In your php.ini file change this line or add.
extension=php_openssl.dll
allow_url_fopen = On
Related
I'm building a personal stock platform (not distributed). A component I would like to have is the EPS graph on this page:
https://eresearch.fidelity.com/eresearch/evaluate/fundamentals/earnings.jhtml?stockspage=earnings&symbols=AAPL&showPriceLine=yes
As you can see, the page is https, so after days of hammering things out, I enabled openssl and now it seems to work for all https pages such as the homepages of facebook and twitter, however it is still not working for the one I need.
file_get_contents('https://facebook.com'); /* works */
file_get_contents('https://twittercom'); /* works */
file_get_contents('https://eresearch.fidelity.com/eresearch/evaluate/fundamentals/earnings.jhtml?stockspage=earnings&symbols=AAPL&showPriceLine=yes');
I'm getting the warning:
Warning: file_get_contents(): SSL: crypto enabling timeout in C:\xampp\htdocs\index.php on line 3
Warning: file_get_contents(): Failed to enable crypto in C:\xampp\htdocs\index.php on line 3
Warning: file_get_contents(https://eresearch.fidelity.com/eresearch/evaluate/fundamentals/earnings.jhtml?stockspage=earnings&symbols=AAPL&showPriceLine=yes): failed to open stream: operation failed in C:\xampp\htdocs\index.php on line 3
Fatal error: Maximum execution time of 30 seconds exceeded in C:\xampp\htdocs\index.php on line 3
The only difference I can see is that the fidelity page has a triangle near the https label.
Ok I have found a solution. The problem is that the site uses SSLv3. And I know that there are some problems in the openssl module. Some time ago I had the same problem with the SSL versions.
<?php
function getSSLPage($url) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSLVERSION,3);
$result = curl_exec($ch);
curl_close($ch);
return $result;
}
var_dump(getSSLPage("https://eresearch.fidelity.com/eresearch/evaluate/analystsOpinionsReport.jhtml?symbols=api"));
?>
When you set the SSL Version with curl to v3 then it works.
Edit:
Another problem under Windows is that you don't have access to the certificates. So put the root certificates directly to curl.
http://curl.haxx.se/docs/caextract.html
here you can download the root certificates.
curl_setopt($ch, CURLOPT_CAINFO, __DIR__ . "/certs/cacert.pem");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
Then you can use the CURLOPT_SSL_VERIFYPEER option with true otherwise you get an error.
Had same problem - it was somewhere in the ca certificate, so I used the ca bundle used for curl, and it worked. You can download the curl ca bundle here: https://curl.haxx.se/docs/caextract.html
For encryption and security issues see this helpful article:
https://www.venditan.com/labs/2014/06/26/ssl-and-php-streams-part-1-you-are-doing-it-wrongtm/432
Here is the example:
$url = 'https://www.example.com/api/list';
$cn_match = 'www.example.com';
$data = array (
'apikey' => '[example api key here]',
'limit' => intval($limit),
'offset' => intval($offset)
);
// use key 'http' even if you send the request to https://...
$options = array(
'http' => array(
'header' => "Content-type: application/x-www-form-urlencoded\r\n",
'method' => 'POST',
'content' => http_build_query($data)
)
, 'ssl' => array(
'verify_peer' => true,
'cafile' => [path to file] . "cacert.pem",
'ciphers' => 'HIGH:TLSv1.2:TLSv1.1:TLSv1.0:!SSLv3:!SSLv2',
'CN_match' => $cn_match,
'disable_compression' => true,
)
);
$context = stream_context_create($options);
$response = file_get_contents($url, false, $context);
Hope that helps
A workaround that works for me is to disable peer verification. Be careful when you use it because it shouldn't be use in production.
$arrContextOptions = array(
"ssl" => array(
"verify_peer" => false,
"verify_peer_name" => false,
)
);
$context = stream_context_create($arrContextOptions);
$contents = file_get_contents($url,false,$context);
I use PHP wamp with php_open_ssl.dll (version: OpenSSL 1.0.1d 5 Feb 2013).
When I tried to access https URL like this:
$result = file_get_contents($url, null, stream_context_create(array(
'http' => array(
'protocol_version' => 1.1,
'user_agent' => 'PHP-MCAPI/2.0',
'method' => 'POST',
'header' => "Content-type: application/json\r\n".
"Connection: close\r\n" .
"Content-length: " . strlen($json_data) . "\r\n",
'content' => $json_data,
),
)));
I get the following warning:
file_get_contents(): SSL operation failed with code 1. OpenSSL Error messages: error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac
Some say that this is caused because of bad version of SSL dll. Do you guys have any tips of how to resolve this?
Thanks in advance!
I'm developing a web application (using GAE for PHP) that notifies android clients (via GCM - Google Cloud Messaging) when some content are available for download.
The following PHP script should do job:
$json = array(
'data' => array( ... ),
'registration_ids' => array( ... )
);
$data = json_encode( $json );
$context = array(
'http' => array(
'method' => 'post',
'header' => 'Authorization: key=MY_SECRET_KEY' . "\r\n" .
'Content-Type: application/json' . "\r\n",
'content' => $data
)
);
$context = #stream_context_create($context);
$result = #file_get_contents("https://android.googleapis.com/gcm/send", false, $context);
The above code runs correctly when the app is deployed, but do not when running on my local development environment.
On local development environment $result is null and the file_get_contents "echo" the following warning failed to open stream: HTTP request failed! HTTP/1.0 405 Method Not Allowed.
I finally figured out what was happening.
The HTTP/1.0 405 Method Not Allowed was related with the 'method' => 'post'.
Belive me, simply changing it to 'method' => 'POST' (note the uppercase!) did the trick.
I'm trying to understand how to use oAuth2 with the twitter application only auth so i can display a feed on my web site but i'm stuck at the token acquisition step. I'm probably not doing it right, i can't really get my head around oAuth at all so here's my code, can you guys tell me what i did wrong?
//Expired, request a bearer access token
define('TWITTER_CONSUMER_KEY', 'xyz');
define('TWITTER_CONSUMER_SECRET', 'abc');
$encodedAccessToken = base64_encode(TWITTER_CONSUMER_KEY.':'.TWITTER_CONSUMER_SECRET);
$options = array(
'http' => array(
'method' => 'POST',
'header' => 'Authorization: Basic '.$encodedAccessToken."\nContent-Type: application/x-www-form-urlencoded;charset=UTF-8",
'content' => 'grant_type=client_credentials',
'protocol_version' => 1.1,
),
);
$context = stream_context_create($opts);
$result = file_get_contents('https://api.twitter.com/oauth2/token', false, $context);
var_dump($result);
Then i keep getting a 403 error:
Warning: file_get_contents(https://api.twitter.com/oauth2/token)
[function.file-get-contents]: failed to open stream: HTTP request
failed! HTTP/1.0 403 Forbidden in ...
Ok, as an answer :)
You need to pass $options, not the undefined $opts to stream_context_create.
I'm building a personal stock platform (not distributed). A component I would like to have is the EPS graph on this page:
https://eresearch.fidelity.com/eresearch/evaluate/fundamentals/earnings.jhtml?stockspage=earnings&symbols=AAPL&showPriceLine=yes
As you can see, the page is https, so after days of hammering things out, I enabled openssl and now it seems to work for all https pages such as the homepages of facebook and twitter, however it is still not working for the one I need.
file_get_contents('https://facebook.com'); /* works */
file_get_contents('https://twittercom'); /* works */
file_get_contents('https://eresearch.fidelity.com/eresearch/evaluate/fundamentals/earnings.jhtml?stockspage=earnings&symbols=AAPL&showPriceLine=yes');
I'm getting the warning:
Warning: file_get_contents(): SSL: crypto enabling timeout in C:\xampp\htdocs\index.php on line 3
Warning: file_get_contents(): Failed to enable crypto in C:\xampp\htdocs\index.php on line 3
Warning: file_get_contents(https://eresearch.fidelity.com/eresearch/evaluate/fundamentals/earnings.jhtml?stockspage=earnings&symbols=AAPL&showPriceLine=yes): failed to open stream: operation failed in C:\xampp\htdocs\index.php on line 3
Fatal error: Maximum execution time of 30 seconds exceeded in C:\xampp\htdocs\index.php on line 3
The only difference I can see is that the fidelity page has a triangle near the https label.
Ok I have found a solution. The problem is that the site uses SSLv3. And I know that there are some problems in the openssl module. Some time ago I had the same problem with the SSL versions.
<?php
function getSSLPage($url) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSLVERSION,3);
$result = curl_exec($ch);
curl_close($ch);
return $result;
}
var_dump(getSSLPage("https://eresearch.fidelity.com/eresearch/evaluate/analystsOpinionsReport.jhtml?symbols=api"));
?>
When you set the SSL Version with curl to v3 then it works.
Edit:
Another problem under Windows is that you don't have access to the certificates. So put the root certificates directly to curl.
http://curl.haxx.se/docs/caextract.html
here you can download the root certificates.
curl_setopt($ch, CURLOPT_CAINFO, __DIR__ . "/certs/cacert.pem");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
Then you can use the CURLOPT_SSL_VERIFYPEER option with true otherwise you get an error.
Had same problem - it was somewhere in the ca certificate, so I used the ca bundle used for curl, and it worked. You can download the curl ca bundle here: https://curl.haxx.se/docs/caextract.html
For encryption and security issues see this helpful article:
https://www.venditan.com/labs/2014/06/26/ssl-and-php-streams-part-1-you-are-doing-it-wrongtm/432
Here is the example:
$url = 'https://www.example.com/api/list';
$cn_match = 'www.example.com';
$data = array (
'apikey' => '[example api key here]',
'limit' => intval($limit),
'offset' => intval($offset)
);
// use key 'http' even if you send the request to https://...
$options = array(
'http' => array(
'header' => "Content-type: application/x-www-form-urlencoded\r\n",
'method' => 'POST',
'content' => http_build_query($data)
)
, 'ssl' => array(
'verify_peer' => true,
'cafile' => [path to file] . "cacert.pem",
'ciphers' => 'HIGH:TLSv1.2:TLSv1.1:TLSv1.0:!SSLv3:!SSLv2',
'CN_match' => $cn_match,
'disable_compression' => true,
)
);
$context = stream_context_create($options);
$response = file_get_contents($url, false, $context);
Hope that helps
A workaround that works for me is to disable peer verification. Be careful when you use it because it shouldn't be use in production.
$arrContextOptions = array(
"ssl" => array(
"verify_peer" => false,
"verify_peer_name" => false,
)
);
$context = stream_context_create($arrContextOptions);
$contents = file_get_contents($url,false,$context);