PHP setcookie not working despite headers looking right

I am handling a post request, setting a cookie and then redirecting the user like so:
// (handle post request)
// all fine so set cookie
$ciphertext = Crypto::encrypt($_POST['soulmates_member_id'], Key::loadFromAsciiSafeString($this->encryption_key));
$expires = 60 * 60 * 24 * 30;
setcookie('soulmates_member_id', $ciphertext, $expires, '/', $_SERVER['HTTP_HOST']);
// redirect
header("Location: ".$_POST['soulmates_redirect']);
The following response is returned:
HTTP/1.1 302 Found
Date: Tue, 28 Jun 2016 10:53:21 GMT
Server: Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.21
X-Powered-By: PHP/5.6.21
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Access-Control-Allow-Origin: http://local.wordpress.com
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Set-Cookie: soulmates_member_id=def5020032ce3903334d3564b22303993dc3bd5923256632200d94785aa9cd09a44091a124848bd4476768eb5027082b01ec4036c4fa366ba41613157d548285d8cbee1b1115b0fc3ec454127e62732db13fb72b4ff385eceeae1b7af7c1; expires=Sat, 31-Jan-1970 00:00:00 GMT; Max-Age=-1464519202; path=/; domain=local.wordpress.com
Location: http://local.wordpress.com/another-page/
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
But the cookie doesn't get set. I've tried this in Chrome and Firefox and the cookie just doesn't get set for some reason.

I solved it! It's because the expires time needs to be relative to now so that the expiry date and time is in the future like so:
$expires = time() + 60 * 60 * 24 * 30;
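The response above already shows the failure: expires lands in January 1970 and Max-Age is negative, so the browser discards the cookie on receipt. The check below is an added example, not part of the original post; cookieExpiry() and willBeStored() are hypothetical helper names and the cookie value is a constructed placeholder.

```php
<?php
// Added example (not from the original post), PHP 7.1+: decide whether a
// browser would keep a cookie, given its Set-Cookie line and the current time.

/** Effective expiry as Unix time, or null for a session cookie.
 *  Max-Age takes precedence over Expires (RFC 6265, section 5.3). */
function cookieExpiry(string $header, int $now): ?int
{
    $header = preg_replace('/^Set-Cookie:\s*/i', '', $header);
    $attrs = array_slice(array_map('trim', explode(';', $header)), 1); // drop name=value
    $expires = null;
    foreach ($attrs as $attr) {
        [$name, $value] = array_pad(explode('=', $attr, 2), 2, '');
        $name = strtolower(trim($name));
        $value = trim($value);
        if ($name === 'max-age' && preg_match('/^-?\d+$/', $value)) {
            // Zero or negative Max-Age means "expire immediately".
            return (int) $value <= 0 ? 0 : $now + (int) $value;
        }
        if ($name === 'expires' && ($ts = strtotime($value)) !== false) {
            $expires = $ts;
        }
    }
    return $expires;
}

function willBeStored(string $header, int $now): bool
{
    $expiry = cookieExpiry($header, $now);
    return $expiry === null || $expiry > $now;
}

$thirtyDays = 60 * 60 * 24 * 30;   // 2592000, the value passed as $expires in the question
$now = $thirtyDays + 1464519202;   // server time() recovered from the Max-Age above

// Attributes as in the response above; the cookie value is a constructed placeholder.
$broken = 'Set-Cookie: soulmates_member_id=PLACEHOLDER; expires=Sat, 31-Jan-1970 00:00:00 GMT; '
        . 'Max-Age=-1464519202; path=/; domain=local.wordpress.com';
// What setcookie() emits once $expires = time() + 30 days (constructed).
$fixed = 'Set-Cookie: soulmates_member_id=PLACEHOLDER; expires='
       . gmdate('D, d-M-Y H:i:s', $now + $thirtyDays) . ' GMT; Max-Age=' . $thirtyDays . '; path=/';

foreach (['broken' => $broken, 'fixed' => $fixed] as $label => $header) {
    printf("%s: %s\n", $label, willBeStored($header, $now) ? 'stored' : 'discarded');
}
```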

Related

PHP/Laravel Take json from string

I call an API and the response is like this:
HTTP/1.1 201 Created
Date: Tue, 12 Jun 2018 13:13:34 GMT
Server: Apache/2.4.x (Ubuntu)
Set-Cookie: PHPSESSID=id; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 114
Connection: close
Content-Type: application/json
{"id":"id_code|id_code|id_code","error":{"code":0,"message":"message"}}
What I want to do is take only the json part from final:
{"id":"id_code|id_code|id_code","error":{"code":0,"message":"message"}}
Can I do this using PHP?
Thank you!
You can get the contents of the response with $response->getBody()->getContents(), or you can cast the body to a string. From there, if it is in JSON format, you can decode it as normal:
// this works
$jsonResults = json_decode($response->getBody()->getContents(), true);
// so does this
$jsonResults = json_decode((string) $response->getBody(), true);

IPN not returning VERIFIED or INVALID

I am using Micah's IPN script and I am receiving VERIFIED from PayPal and OK 200, but this part of the script is where it seems to stop. I added // notations.
if ($this->use_curl) $this->curlPost($encoded_data);
else $this->fsockPost($encoded_data);
if (strpos($this->response_status, '200') === false) {
throw new Exception("Invalid response status: ".$this->response_status);
}
throw new Exception("status ".$this->response_status);//returns status 200
throw new Exception("status ".$this->response);//see below
if (strpos($this->response, "VERIFIED") !== false) {
return true; throw new Exception("Verified");//nothing returned
} elseif (strpos($this->response, "INVALID") !== false) {
return false; throw new Exception("Invalid");//nothing returned
} else {
throw new Exception("Unexpected response from PayPal.");
}
Below is what is returned by PayPal when using throw new Exception("status ".$this->response);
[19-Oct-2015 14:59:53 UTC] HTTP/1.1 200 OK
Server: Apache
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Paypal-Debug-Id: fdea911830b4f
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
DC: slc-b-origin-www-2.paypal.com
Date: Mon, 19 Oct 2015 14:59:47 GMT
Content-Length: 8
Connection: close
Set-Cookie: cwrClyrK4LoCV1fydGbAxiNL6iG=xW6oYJfS6eHsqsgzQsbhMbE7-VbWj_1d-cNcQrxwKKa-56EbhXpjNMeHUi8wgEe_5J_Dtv9ksoVEE-fvmRQgjZzNrt6UX4Vc-vnhF4q-ymaA7GTWHgypoE-4nnN4eGGmxT8ekVletsOzZuSkcpr2uCuZ_o_2qe4gZnucegLPdnP1H6wLCQSh9vAeMUUlKG_TO92-4NA_LvcAtk83p7uwjzB7L8U1c2vvLivfiS-g3j6oKowAWAhOYtwLlLEVvnpXoWAOyGtPZJNbLDF_hub-VCdh9PA_4UhvMQYJyHv3nSzqvDwqhklL1fk87t3lLzyizpPkZweG6mi-iQyBk4PgS_merjRIESmqD0uNeJL_EIqAkBEZilxWwHmMKskh07SYx146nytFFfAKk8kFQ58_uZ6mxeX9EyBPsUg6z2xMC8OrTyPDqaWH8038mUW;
domain=.paypal.com;
path=/; Secure; HttpOnly
Set-Cookie: cookie_check=yes; expires=Thu, 16-Oct-2025 14:59:47 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: navcmd=_notify-validate; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: navlns=0.0; expires=Wed, 18-Oct-2017 14:59:47 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: Apache=10.74.8.134.1445266787217963; path=/; expires=Wed, 11-Oct-45 14:59:47 GMT
Set-Cookie: X-PP-SILOVER=name%3DLIVE6.WEB.1%26silo_version%3D880%26app%3Dappdispatcher%26TIME%3D1661281622; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: X-PP-SILOVER=; Expires=Thu, 01 Jan 1970 00:00:01 GMT
Set-Cookie: Apache=10.74.8.69.1445266787199279; path=/; expires=Wed, 11-Oct-45 14:59:47 GMT
Set-Cookie: AKDC=slc-b-origin-www-2.paypal.com; expires=Mon, 19-Oct-2015 15:29:47 GMT; path=/; secure
Strict-Transport-Security: max-age=63072000
VERIFIED
I am not sure where to go from here?
The problem was PayPal's adherence to SHA-256. I found this script by Wade Shuler that is forked from the original Micah Carrick IPN (https://github.com/WadeShuler/PHP-PayPal-IPN). To get it to work, add the G5 crt located at https://knowledge.symantec.com/support/ua-support/index?page=content&actp=CROSSLINK&id=SO5624 (the one included will throw a handshake error). I hope this helps you too!

How to parse the header returned by cURL?

I am trying to communicate with an API using cURL. One of the methods requires that I pass the value of the ININ-ICWS-CSRF-Token header (i.e. WAhtYWxoYXlla1dBY2NvUkRJWCQxZmUxZWFhZS0xZTE0LTQyNGYtYjdhZS0zNmZjN2MxYWJmODBYCjEwLjAuNC4xNjA=) and the Set-Cookie (i.e. icws_904586002=bf7c7783-6766-4c4f-862b-48f25a9a3741), so I need to extract them so I can pass them later in my code.
Here is what I did to extract the header and the body from the cURL/API response:
$respond = curl_exec($ch);
//throw cURL exception
if($respond === false){
$errorNo = curl_errno($ch);
$errorMessage = curl_error($ch);
throw new ApiException($errorMessage, $errorNo);
}
list($header, $body) = explode("\r\n\r\n", $respond, 2);
echo '<pre>';
print_r($header);
echo '</pre>';
This is the content of the $header value:
HTTP/1.1 201 Created
ININ-ICWS-CSRF-Token: WAhtYWxoYXlla1dBY2NvUkRJWCQxZmUxZWFhZS0xZTE0LTQyNGYtYjdhZS0zNmZjN2MxYWJmODBYCjEwLjAuNC4xNjA=
ININ-ICWS-Session-ID: 904586002
Set-Cookie: icws_904586002=bf7c7783-6766-4c4f-862b-48f25a9a3741; Path=/icws/904586002
Location: /icws/904586002/connection
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Type: application/vnd.inin.icws+JSON; charset=utf-8
Date: Wed, 06 May 2015 17:13:44 GMT
Server: HttpPluginHost
Content-Length: 237
I would like to get in return results like this
the value of "ININ-ICWS-CSRF-Token" is "WAhtYWxoYXlla1dBY2NvUkRJWCQxZmUxZWFhZS0xZTE0LTQyNGYtYjdhZS0zNmZjN2MxYWJmODBYCjEwLjAuNC4xNjA="
the value of the "cookie" is "ININ-ICWS-CSRF-Token: WAhtYWxoYXlla1dBY2NvUkRJWCQxZmUxZWFhZS0xZTE0LTQyNGYtYjdhZS0zNmZjN2MxYWJmODBYCjEwLjAuNC4xNjA="
You can use the http_parse_headers function to parse the headers.
$hdr_array = http_parse_headers($header);
foreach ($hdr_array as $name => $value) {
echo "The value of '$name' is '$value'<br>";
}
If you don't have http_parse_headers, you can use the code in Pedro Lobito's answer.
<?php
$myHeader = <<< LOL
HTTP/1.1 201 Created
ININ-ICWS-CSRF-Token: WAhtYWxoYXlla1dBY2NvUkRJWCQxZmUxZWFhZS0xZTE0LTQyNGYtYjdhZS0zNmZjN2MxYWJmODBYCjEwLjAuNC4xNjA=
ININ-ICWS-Session-ID: 904586002
Set-Cookie: icws_904586002=bf7c7783-6766-4c4f-862b-48f25a9a3741; Path=/icws/904586002
Location: /icws/904586002/connection
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Type: application/vnd.inin.icws+JSON; charset=utf-8
Date: Wed, 06 May 2015 17:13:44 GMT
Server: HttpPluginHost
Content-Length: 237
LOL;
preg_match_all('/(.*?Token): (.*?)\s+/', $myHeader, $matches, PREG_PATTERN_ORDER);
$tokenName = $matches[1][0];
$token = $matches[2][0];
echo <<< LOL
the value of "$tokenName" is "$token"
the value of the "cookie" is "$tokenName: $token"
LOL;
?>

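A header parser that does not depend on pecl_http and copes with repeated and differently cased header names, as an added example that is not from either answer above. parseHeaderBlock() and cookieHeaderFrom() are hypothetical names, and the token and cookie values are constructed placeholders shaped like the response in the question.

```php
<?php
// Added example (not from the original answers), PHP 7.1+.

/** Return [statusLine, headers]; headers are keyed by lower-cased name,
 *  each holding a list of values so repeated Set-Cookie lines survive. */
function parseHeaderBlock(string $block): array
{
    $lines = preg_split('/\r?\n/', trim($block));
    $status = array_shift($lines);
    $headers = [];
    foreach ($lines as $line) {
        if (strpos($line, ':') === false) {
            continue;                               // skip malformed lines
        }
        [$name, $value] = explode(':', $line, 2);
        $headers[strtolower(trim($name))][] = trim($value);
    }
    return [$status, $headers];
}

/** Build the value of a Cookie request header from Set-Cookie values. */
function cookieHeaderFrom(array $setCookieValues): string
{
    $pairs = [];
    foreach ($setCookieValues as $value) {
        $pairs[] = trim(explode(';', $value, 2)[0]); // keep name=value, drop Path etc.
    }
    return implode('; ', $pairs);
}

// Constructed response standing in for the return value of curl_exec().
$raw = "HTTP/1.1 201 Created\r\n"
     . "ININ-ICWS-CSRF-Token: EXAMPLE-CSRF-TOKEN\r\n"
     . "ININ-ICWS-Session-ID: 904586002\r\n"
     . "Set-Cookie: icws_904586002=EXAMPLE-COOKIE-VALUE; Path=/icws/904586002\r\n"
     . "Content-Length: 2\r\n\r\n{}";

[$headerBlock, $body] = explode("\r\n\r\n", $raw, 2);
[$status, $headers] = parseHeaderBlock($headerBlock);

$csrfToken = $headers['inin-icws-csrf-token'][0] ?? null;
$cookie = cookieHeaderFrom($headers['set-cookie'] ?? []);

echo "CSRF token: $csrfToken\n";
echo "Cookie header to send back: $cookie\n";
```

Splitting on the first blank line is only correct when cURL returns a single header block; with redirects or a 100 Continue there are several, and curl_getinfo($ch, CURLINFO_HEADER_SIZE) gives the exact offset where the body starts.
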
Guzzle curl request getting empty response body but status is 200 and Content-Length header is correct

I am making a request through Guzzle 3.8.1 for a Jasper report (via the Jasper Server API) that is over 2MB and I'm getting a response with the correct Content-Length header but no response body.
Guzzle request:
GET /jasperserver/rest_v2/reports/projects/i3app_suite/Resource/BulkShiftExport.csv?ACCOUNT_ID=2&START_DATETIME=2015-01-01&END_DATETIME=2015-01-31 HTTP/1.1
Host: jasper.i3app:8080
User-Agent: Guzzle/3.8.1 curl/7.19.7 PHP/5.5.8
Authorization: Basic ***=
Response:
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: private
Expires: Wed, 31 Dec 1969 17:00:00 MST
P3P: CP="ALL"
Set-Cookie: JSESSIONID=F0B0F72B65A8145B45DA9DB2BACE53D8; Path=/jasperserver/; HttpOnly, userLocale=en_US;Expires=Fri, 13-Feb-2015 18:56:44 GMT;HttpOnly
Content-Disposition: attachment; filename="BulkShiftExport.csv"
output-final: true
Content-Type: application/vnd.ms-excel
Content-Length: 2173897
Date: Thu, 12 Feb 2015 18:57:02 GMT
If I make this request through curl on the command line (or request it in a browser) I get the report as expected
GET /jasperserver/rest_v2/reports/projects/i3app_suite/Resource/BulkShiftExport.csv?ACCOUNT_ID=2&START_DATETIME=2015-01-01&END_DATETIME=2015-01-30 HTTP/1.1
Authorization: Basic ***=
User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
Host: jasper.i3app:8080
Accept: */*
< HTTP/1.1 200 OK
< Server: Apache-Coyote/1.1
< Cache-Control: private
< Expires: Wed, 31 Dec 1969 17:00:00 MST
< P3P: CP="ALL"
< Set-Cookie: JSESSIONID=AF1BF885354AF3E352DD9E18FA044A4B; Path=/jasperserver/; HttpOnly
< Set-Cookie: userLocale=en_US;Expires=Fri, 13-Feb-2015 19:03:42 GMT;HttpOnly
< Content-Disposition: attachment; filename="BulkShiftExport.csv"
< output-final: true
< Content-Type: application/vnd.ms-excel
< Content-Length: 2113902
< Date: Thu, 12 Feb 2015 19:03:49 GMT
<
{ [data not shown]
The only difference I could see was Accept: */* in the curl request. I tried adding that header to the guzzle request and got the same result.
When making the request through the Guzzle client it appears to take the same amount of time (5-6 seconds) to receive the response, and it sets the Content-Length header, but the response body is empty. Why am I getting an empty response body through Guzzle which is using curl but not when using curl on the command line? Is there an option I need to set to make this work?
$request = $this->getGuzzleClient()->createRequest('GET');
$config = $this->getConfig();
$url = new Url(
$config['scheme'],
$config['host'],
$config['user'],
$config['pass'],
$config['port'],
$config['path'] . $reportPath . '.' . $format,
new QueryString($parameters)
);
$request->setUrl($url);
$response = $request->send();
...
public function getGuzzleClient()
{
if (!$this->restClient) {
$client = new GuzzleClient();
$this->setRestClient($client);
}
return $this->restClient;
}
In my case, I was using MockHandler mistakenly.

jQuery AJAX response error (FF and Safari not working)

In Safari and Firefox, the response part of the code is not working (i.e. from PHP-->Ajax-->jQuery). The variables definitely make it to the PHP fine (tested using mail() ), so it's probably some small error on my behalf!
jQuery:
$.ajax({
type: "POST",
dataType: "json",
data: postData,
url: "http://www.kudiclub.com/test/login/?loginsub",
success: function(data){
if(data.success==false){
$("#login .error").html(data.reply).show();
$("#login-email").val(data.email);
$("#password").val("");
}else{
window.location = data.ref;
}
}
});
PHP:
$data = array('success' => false, 'reply' => 'Username and password did not match.', 'email' => $email);
print json_encode($data);
return;
Hoping somebody can help. Thanks, Nick.
SOLUTION
After much fiddling about, it turns out that it doesn't see a full URL as a relative path. Changing the url to '/test/login/?loginsub' did the trick.
The server says: Content-Type: text/html. It is not a JSON document (application/json).
http://www.kudiclub.com/test/login/?loginsub
GET /test/login/?loginsub HTTP/1.1
Host: www.kudiclub.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:13.0) Gecko/20100101 Firefox/13.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: es-es,es;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=060b8210adfb3c67ff792b9471c7fa1c
Cache-Control: max-age=0
HTTP/1.1 200 OK
Date: Thu, 02 Aug 2012 22:12:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.17
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Keep-Alive: timeout=2, max=200
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
