I need to determine if a URL exits. I ran across this post.
How can I check if a URL exists via PHP?
$file = 'http://godaddy';
$file_headers = #get_headers($file);
if($file_headers[0] == 'HTTP/1.1 404 Not Found')
{
$exists = false;
}
else
{
$exists = true;
}
And implemented this code and when I tested it as a user who forgot to put in the .com it comes back with true. Which isn't correct because if you go to http://godaddy there is no website.
I tried validating the $file before hand but
filter_var($url, FILTER_VALIDATE_URL);
views http://godaddy as a valid url.
Any idea how to handle this sort of input?
var_dump($file_headers)= array(8) {
[0]=> string(15) "HTTP/1.1 200 OK"
[1]=> string(13) "Server: nginx"
[2]=> string(35) "Date: Mon, 29 Jun 2015 14:23:07 GMT"
[3]=> string(23) "Content-Type: text/html"
[4]=> string(17) "Connection: close"
[5]=> string(21) "Vary: Accept-Encoding"
[6]=> string(38) "Expires: Mon, 29 Jun 2015 14:23:06 GMT"
[7]=> string(23) "Cache-Control: no-cache"
}
Try without the # character. in this way you can see the direct error. I think the error masking cannot permit the correct reading of the response of the get_header
Related
I tried implementing a login via PayPal. Essentially, I just copied this example: How to Implement User Log-in with PayPal.
However, I am getting a 400 - Bad Request error for the second response (in the PayPal login include file). I cannot make much of the error, maybe someone knows whats up. The result:
object(Httpful\Response)#14 (13) {
["body"]=>
string(0) ""
["raw_body"]=>
string(0) ""
["headers"]=>
object(Httpful\Response\Headers)#15 (1) {
["headers":"Httpful\Response\Headers":private]=>
array(10) {
["date"]=>
string(29) "Sun, 23 Jul 2017 13:30:12 GMT"
["server"]=>
string(6) "Apache"
["paypal-debug-id"]=>
string(13) "bcd5c7f1d86b2"
["www-authenticate"]=>
string(255) "Bearer error_description="GET /v1/oauth2/token/userinfo?schema=openidconnect returned a response status of 400 Bad Request",correlation_id="1283a4f54dc2a",error="400",information_link="https://developer.paypal.com/docs/api/#errors",realm="UserInfoService""
["set-cookie"]=>
string(52) "X-PP-SILOVER=; Expires=Thu, 01 Jan 1970 00:00:01 GMT"
["vary"]=>
string(29) "Accept-Encoding,Authorization"
["connection"]=>
string(5) "close"
["http_x_pp_az_locator"]=>
string(11) "sandbox.slc"
["transfer-encoding"]=>
string(7) "chunked"
["content-type"]=>
string(29) "text/html; charset=ISO-8859-1"
}
}
["raw_headers"]=>
string(983) "HTTP/1.1 400 Bad Request
Date: Sun, 23 Jul 2017 13:30:12 GMT
Server: Apache
Paypal-Debug-Id: 1283a4f54dc2a
WWW-Authenticate: Bearer error_description="GET /v1/oauth2/token/userinfo?schema=openidconnect returned a response status of 400 Bad Request",correlation_id="1283a4f54dc2a",error="400",information_link="https://developer.paypal.com/docs/api/#errors",realm="UserInfoService"
Set-Cookie: Apache=10.72.108.11.1500816612903307; path=/; expires=Tue, 16-Jul-47 13:30:12 GMT
Vary: Accept-Encoding,Authorization
Connection: close
HTTP_X_PP_AZ_LOCATOR: sandbox.slc
Paypal-Debug-Id: bcd5c7f1d86b2
Set-Cookie: X-PP-SILOVER=name%3DSANDBOX3.API.1%26silo_version%3D1880%26app%3Didentityspartaweb_api%26TIME%3D3835982937%26HTTP_X_PP_AZ_LOCATOR%3Dsandbox.slc; Expires=Sun, 23 Jul 2017 14:00:12 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: X-PP-SILOVER=; Expires=Thu, 01 Jan 1970 00:00:01 GMT
Transfer-Encoding: chunked
Content-Type: text/html; charset=ISO-8859-1"
["request"]=>
object(Httpful\Request)#13 (22) {
["uri"]=>
string(80) "https://api.sandbox.paypal.com/v1/identity/openidconnect/userinfo/?schema=openid"
["method"]=>
string(3) "GET"
["headers"]=>
array(2) {
["Authorization"]=>
string(97) "A23AAHJ_6sujsm8hanJJWRQ8WqIjhbVvxqG-Z3g4Te3QzwkVdw6cLWgCeidGOgPng0kFx24dYlCoWhZNKlhTuDs-_knOqOERQ"
["Content-Length"]=>
int(0)
}
["raw_headers"]=>
string(493) "GET /v1/identity/openidconnect/userinfo/?schema=openid HTTP/1.1
Host: api.sandbox.paypal.com
Expect:
User-Agent: Httpful/0.2.19 (cURL/7.47.0 PHP/7.0.18-0ubuntu0.16.04.1 (Linux) nginx/1.10.0 Mozilla/5.0 (Windows NT 10.0; WOW64; rv:54.0) Gecko/20100101 Firefox/54.0)
Content-Type: application/json
Accept: */*; q=0.5, text/plain; q=0.8, text/html;level=3;
Authorization: A23AAHJ_6sujsm8hanJJWRQ8WqIjhbVvxqG-Z3g4Te3QzwkVdw6cLWgCeidGOgPng0kFx24dYlCoWhZNKlhTuDs-_knOqOERQ
Content-Length: 0
"
["strict_ssl"]=>
bool(false)
["content_type"]=>
string(16) "application/json"
["expected_type"]=>
NULL
["additional_curl_opts"]=>
array(0) {
}
["auto_parse"]=>
bool(true)
["serialize_payload_method"]=>
int(2)
["username"]=>
string(80) "[I removed this.]"
["password"]=>
string(80) "[I removed this.]"
["serialized_payload"]=>
NULL
["payload"]=>
NULL
["parse_callback"]=>
NULL
["error_callback"]=>
NULL
["send_callback"]=>
NULL
["follow_redirects"]=>
bool(false)
["max_redirects"]=>
int(25)
["payload_serializers"]=>
array(0) {
}
["_ch"]=>
resource(4) of type (Unknown)
["_debug"]=>
NULL
}
["code"]=>
int(400)
["content_type"]=>
string(9) "text/html"
["parent_type"]=>
string(9) "text/html"
["charset"]=>
string(10) "ISO-8859-1"
["meta_data"]=>
array(26) {
["url"]=>
string(80) "https://api.sandbox.paypal.com/v1/identity/openidconnect/userinfo/?schema=openid"
["content_type"]=>
string(29) "text/html; charset=ISO-8859-1"
["http_code"]=>
int(400)
["header_size"]=>
int(987)
["request_size"]=>
int(486)
["filetime"]=>
int(-1)
["ssl_verify_result"]=>
int(0)
["redirect_count"]=>
int(0)
["total_time"]=>
float(0.919636)
["namelookup_time"]=>
float(5.1E-5)
["connect_time"]=>
float(0.193331)
["pretransfer_time"]=>
float(0.708154)
["size_upload"]=>
float(0)
["size_download"]=>
float(0)
["speed_download"]=>
float(0)
["speed_upload"]=>
float(0)
["download_content_length"]=>
float(-1)
["upload_content_length"]=>
float(-1)
["starttransfer_time"]=>
float(0.919562)
["redirect_time"]=>
float(0)
["redirect_url"]=>
string(0) ""
["primary_ip"]=>
string(11) "173.0.82.78"
["certinfo"]=>
array(0) {
}
["primary_port"]=>
int(443)
["local_ip"]=>
string(9) "10.0.2.15"
["local_port"]=>
int(50988)
}
["is_mime_vendor_specific"]=>
bool(false)
["is_mime_personal"]=>
bool(false)
["parsers":"Httpful\Response":private]=>
NULL
}
My code: (ppinit.php just defines constants)
require_once(dirname(__FILE__)."/ppinit.php");
$requestData = '?grant_type=authorization_code&code='.getGet("code").'&return_url=http://localhost/paypal/return';
$response = \Httpful\Request::get("https://" . PAYPAL_API_URL . "/v1/identity/openidconnect/tokenservice" . $requestData)
->authenticateWith(PAYPAL_CLIENT_ID, PAYPAL_CLIENT_SECRET)
->send();
$jsonResponse = json_decode($response->raw_body);
if(isset($jsonResponse->error))
{
echo "Fehler bei der Anmeldung mit PayPal.";
echo "<br/>";
exit;
}
//that's the one that does not work.
$response = \Httpful\Request::get("https://" . PAYPAL_API_URL . "/v1/identity/openidconnect/userinfo/?schema=openid")
->contentType("application/json")
->authorization($jsonResponse->access_token)
->authenticateWith(PAYPAL_CLIENT_ID, PAYPAL_CLIENT_SECRET)
->send();
$ppuser = json_decode($response);
Generally speaking, a HTTP 400 Bad Request means that the sent request was malformed i.e. the data stream sent by the client to the server didn't follow the rules - read more.
It's hard to tell the exact source for such errors since there could be many, but I suggest you to wrap your HTTP calls in try/catch blocks and track down the cause of the error. So in this case you can replace your code with this:
try {
$response = \Httpful\Request::get("https://" . PAYPAL_API_URL . "/v1/identity/openidconnect/tokenservice" . $requestData)
->authenticateWith(PAYPAL_CLIENT_ID, PAYPAL_CLIENT_SECRET)
->send();
} catch (Exception $e) {
var_dump($e->getMessage());
exit(1);
}
If you are using namespace put a \ before Exception -> \Exception
Replacing the second request with the code below works.
try
{
$params = array('access_token' => $jsonResponse->access_token);
$userInfo = OpenIdUserinfo::getUserinfo($params, $paypal);
} catch (Exception $ex)
{
echo $ex;
exit(1);
}
I have this code:
$url = 'http://www.bgelectronics.eu/image/cache/data/cantell kabeli /14222-228x228.jpg';
$headers = get_headers($url, true);
var_dump($headers);
this returns error for missing file because of the whitespace in the file name:
array(6) { [0]=> string(34) "HTTP/1.1 500 Internal Server Error" ["Date"]=>
string(29) "Tue, 24 Mar 2015 16:11:18 GMT" ["Server"]=> string(6) "Apache"
["Content-Length"]=> string(3) "677" ["Connection"]=> string(5) "close"
["Content-Type"]=> string(29) "text/html; charset=iso-8859-1" } file size:677
Any suggestions please?
The problem is that file_exists() is for the file system, not http. You need to use server directory path. If it is on the same server as your code, it should rather look like:
if(file_exists('image/cache/data/cantell kabeli /202441-500x500.jpg')){
....
if on remote server, try:
if(file_get_contents('http://www.bgelectronics.eu/image/cache/data/cantell kabeli /202441-500x500.jpg')){
...
You can find many other ways here: How can one check to see if a remote file exists using PHP?
Try with this :
copy('http://www.bgelectronics.eu/image/cache/data/cantell kabeli /202441-500x500.jpg', '/image.jpeg');
if not, use file_get_contents
//Get the file
$content = file_get_contents("http://www.bgelectronics.eu/image/cache/data/cantell kabeli /202441-500x500.jpg");
//Store in the filesystem.
$fp = fopen("/location/to/save/image.jpg", "w");
fwrite($fp, $content);
fclose($fp);
I need only to authenticate Reddit users in to my website (in php). I'm using simple file_get_contents with stream_context_create for headers. I have already implemented Facebook user authentication.
For Reddit, I can successfully get an access_token. But when I GET request /api/v1/me with that access_token, I'm always getting HTTP/1.1 403 Forbidden.
Please Help.
This is the php code I'm using after I receive access_token
$opts = array('http' =>
array(
'method' => 'GET',
'header' => 'Authorization: bearer '.$result->access_token)
);
$context = stream_context_create($opts);
$result = file_get_contents('https://oauth.reddit.com/api/v1/me', false, $context);
Is there anything I'm missing..
Here is the var_dump
array(7) {
[0]=> string(22) "HTTP/1.1 403 Forbidden"
[1]=> string(24) "Server: cloudflare-nginx"
[2]=> string(35) "Date: Sun, 23 Nov 2014 06:XX:XX GMT"
[3]=> string(38) "Content-Type: text/html; charset=UTF-8"
[4]=> string(17) "Connection: close"
[5]=> string(139) "Set-Cookie: __cfduid=XXXXXXXX; expires=Mon, 23-Nov-15 06:XX:XX GMT; path=/; domain=.reddit.com; HttpOnly"
[6]=> string(28) "CF-RAY: XXXXXXXXX-XXX"
}
Per the reddit API rules, you need to send a unique User-Agent with your request.
Change your client's User-Agent string to something unique and descriptive, preferably referencing your reddit username.
Example: User-Agent: flairbot/1.0 by spladug
Many default User-Agents (like "Python/urllib" or "Java") are drastically limited to encourage unique and descriptive user-agent strings.
I'm trying to drop invalid URLs from my flash games site.
Here is my code:
function valid($URL1) {
$headers = get_headers($URL1);
$headers = substr($headers[8],38,5);//leaves only flash word
if ($headers=='flash')
return true; else return false;
}
$URL1='http://www.ht83.com/medias/media-16/ht83com-cde-house-decoration.swf';
if(valid($URL1))
echo 'SWF are word>' ;
that code return true even Content-Type are not swf .
by the way I already tried
$headers=$headers['Content-Type'];
but give me no result .
When I tried
var_dump($headers);
return this for valid SWF URL
http://www.ht83.com/medias/media-16/ht83com-spongebob-squarepants-gone-fishing.swf
array(9) { [0]=> string(15) "HTTP/1.1 200 OK" [1]=> string(35) "Date:
Sat, 01 Feb 2014 01:36:35 GMT" [2]=> string(144) "Server:
Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8m DAV/2
mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
mod_fcgid/2.3.5" [3]=> string(20) "Accept-Ranges: bytes" [4]=>
string(22) "Content-Length: 342771" [5]=> string(39) "Cache-Control:
max-age=62208000, public" [6]=> string(38) "Expires: Mon, 03 Mar 2014
01:36:35 GMT" [7]=> string(17) "Connection: close" [8]=> string(43)
"Content-Type: application/x-shockwave-flash" }
AND this for the Invalid SWF URL
http://www.ht83.com/medias/media-16/ht83com-cde-house-decoration.swf
array(12) { [0]=> string(15) "HTTP/1.1 200 OK" [1]=> string(35) "Date:
Sat, 01 Feb 2014 01:40:06 GMT" [2]=> string(144) "Server:
Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8m DAV/2
mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
mod_fcgid/2.3.5" [3]=> string(24) "X-Powered-By: PHP/5.2.16" [4]=>
string(38) "Expires: Thu, 19 Nov 1981 08:52:00 GMT" [5]=> string(77)
"Cache-Control: no-store, no-cache, must-revalidate, post-check=0,
pre-check=0" [6]=> string(16) "Pragma: no-cache" [7]=> string(62)
"Set-Cookie: PHPSESSID=359cf391842876b3cc79066dcc3a08f4; path=/" [8]=>
string(21) "Vary: Accept-Encoding" [9]=> string(52) "Cache-Control:
max-age=600, private, must-revalidate" [10]=> string(17) "Connection:
close" [11]=> string(23) "Content-Type: text/html" }
So their is any easier way to get correct Content-Type of URL .
Looks like I used get_headers() in numeric only . this code from Sean Johnson works
function valid($URL) {
$headers = get_headers($URL, 1);//
return stripos($headers['Content-Type'],"application/x-shockwave-flash")!==false;
}
According to the very first example of the get_headers documentation you need to use the second argument if you want to be able to access the header by it's key value.
Try this:
function valid($URL) {
$headers = get_headers($URL,1);
return stripos($headers['Content-Type'],"flash")!==false;
}
Your code is assuming that the Content-Type header will always be the 9th header returned by the server, which is not the case.
You will need to loop through the headers and examine only the correct one (that is, the one that starts with Content-Type:).
Here is my code;
<?php $url = #$_POST["ekleme"];
if (filter_var($url,FILTER_VALIDATE_URL) === FALSE) {
die("Geçersiz link!");
}
$cparams = array('http'=>array('method'=>"GET",'Accept'=>'image/jpg,image/gif,image/png'));
$context = stream_context_create($cparams);
$fp = #fopen($url, 'rb', false, $context);
if (!$fp) die("Problem with url");
$meta = stream_get_meta_data($fp);
var_dump($meta);
I am giving it an url for an pdf file. I expect it to give some kind of http error. But this is what I got;
array(10) {
["wrapper_data"]=>
array(9) {
[0]=>
string(15) "HTTP/1.1 200 OK"
[1]=>
string(35) "Date: Wed, 02 Jan 2013 14:16:02 GMT"
[2]=>
string(14) "Server: Apache"
[3]=>
string(44) "Last-Modified: Wed, 19 Dec 2012 13:53:09 GMT"
[4]=>
string(34) "ETag: "1c80e53-f5a7-4d134ef3b7b40""
[5]=>
string(20) "Accept-Ranges: bytes"
[6]=>
string(21) "Content-Length: 62887"
[7]=>
string(29) "Content-Type: application/pdf"
[8]=>
string(17) "Connection: close"
}
It continues to show other unrelated things. Did I get how Accept header works wrong, or am I doing something wrong? Is there a way to ask a server only send data if content type is something spesific?
The Accept header lets a client tell the server what types of data it can handle.
The server may ignore it completely (this is normal if a resource only exists in one format) or it may use it to pick the format best suited to the client (it might respond with a 406 Not Acceptable error if it doesn't have the data in a suitable format).
You are experiencing the former behaviour. The URL points to a PDF file. The server isn't set up to decide between PDF and other formats, so it doesn't pay attention to the Accept header and it returns the PDF.
Is there a way to ask a server only send data if content type is something spesific?
The accept header is as close as you can get.
If you want to avoid downloading large files that you might not be able to process, make a HEAD request and check the Content-Type of the response before you make a GET request.
When receiving a file, you are responsible for checking the content type. The accept header is just for telling the server which content type you prefer, not which one you demand.
Here is an example on how to check the returned content type.
$meta = stream_get_meta_data($fp);
$allowed = array("image/jpg", "image/gif", "image/png");
foreach($meta['wrapper_data'] as $header) {
if(preg_match('/content-type: (.*)/i', $header, $matches)) {
if(!in_array(strtolower($matches[1], $allowed)) {
die("Invalid content type");
}
}
}