I am trying to design an Application which can create folder and retrieve that folder from box.com using PHP, I have tried lots of APIs but fail.
Also I want to create the folder with automatic authentication.
I have tried https://developers.box.com/docs/ but can't do automatic authentication.
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://api.box.com/oauth2/token");
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_ENCODING,"Content-Type:application/x-www-form-urlencoded");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,true);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST,"POST");
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded", 'Accept: application/json'));
curl_setopt($ch, CURLOPT_POSTFIELDS,array('client_id=MY_CLIENT_ID&client_secret=MY_CLIENT_SECRET_KEY&grant_type=urn:box:oauth2:grant-type:provision&username=MY_EMAIL'));
$result = curl_exec($ch);
curl_close($ch);
print_r($result);
here i use my client id, secret key and my email id which are register in box.com
IT Gives Some Kind of error:
{"error":"invalid_client","error_description":"The client credentials
are invalid"}
I would recommend using this BoxPHPAPI. I have used it on a big enterprise app. You have to make sure first that you have a app created at developers.box.com.
Once that is done you can pass all that info to the BoxPHPAPI Class and it should handle your login and authentication.
If you plan on doing many API calls at once or rapid succession I recommended you use curl pooling. It speeds it up quite a bit. From about 4 seconds to under 1 (for 5+ API calls). You can see an example of the pooling in this fork of the BoxPHPAPI.
I hope this helps!
Related
I'm trying to record data from Philippine Stock Exchange website. I have found that they have an endpoint which is http://www.pse.com.ph/stockMarket/companyInfo.html?method=fetchHeaderData&company=29&security=146
I can clearly access it using any browsers except when I go into incognito mode where I'm being shown with a content saying Access Denied and it never stops loading. When I try to access it using PHP I'm quite sure that what is happening is the same as the later.
I'm trying to access it using PHP to no avail, here are the attempts I tried:
file_get_contents
cURL with user agent
cURL with temporary cookies
Tried all in localhost and in live server.
Code:
$c = tempnam ("/tmp", "CURLCOOKIE");
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://www.pse.com.ph/stockMarket/companyInfo.html");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_COOKIESESSION, true );
curl_setopt($ch, CURLOPT_COOKIEJAR, $c);
curl_setopt($ch, CURLOPT_COOKIEFILE, $c);
curl_setopt($ch, CURLOPT_POSTFIELDS, "method=fetchHeaderData&ajax=true&company=29&security=146");
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER["HTTP_USER_AGENT"]);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
var_dump(curl_exec($ch));
curl_close ($ch);
I don't have any clear idea on why and how does this happen. Can someone explain to me why it happens and what are the possible solutions (PHP only if possible)
I have reviewed other developer's approach on this API (They all implemented it using Java) and it is just a simple POST request and it is done. I have not verified though if their code is still working. I can't post links to their repository (limited).
SOLUTIONS:
Problem 1. Can't access API
$posts = array(
"method"=>"fetchHeaderData",
"ajax"=>"true",
"company"=>29,
"security"=>146
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://www.pse.com.ph/stockMarket/companyInfo.html");
curl_setopt($ch, CURLOPT_POSTFIELDS,$posts);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
var_dump(curl_exec($ch));
curl_close ($ch);
It seems I have two different problems. I can now access and use the API using the code above. No need for other options. Turning the post data into array fixed the problem.
Problem 2. Access Denied
On the problem about the Access Denied, it is cookie related. Answered below by #Wayne.
Unfortunately, I can't accept two answers.
Try this solution. convert your post data in array then pass this array in CURLOPT_POSTFIELDS
$posts = array(
"method"=>"fetchHeaderData",
"ajax"=>"true",
"company"=>29,
"security"=>146
);
$c = tempnam ("/tmp", "CURLCOOKIE");
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://www.pse.com.ph/stockMarket/companyInfo.html");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_COOKIESESSION, true );
curl_setopt($ch, CURLOPT_COOKIEJAR, $c);
curl_setopt($ch, CURLOPT_COOKIEFILE, $c);
curl_setopt($ch, CURLOPT_POSTFIELDS,$posts);
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER["HTTP_USER_AGENT"]);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
var_dump(curl_exec($ch));
curl_close ($ch);
It is because they have their server setup to stop you from doing that. They are securing the data with a cookie.
Cookie details
When you visit the site http://www.pse.com.ph/stockMarket/companyInfo.html it gives you a cookie as it knows you are a human visitor.
In your browser tools enter
document.cookie
to see your cookie. It will provide you an individual the data because you have the cookie.
Remove the cookie
document.cookie = "JSESSIONID=; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/;";
and visit
http://www.pse.com.ph/stockMarket/companyInfo.html?method=fetchHeaderData&company=29&security=146
without going to get a cookie http://www.pse.com.ph/stockMarket/companyInfo.html first you will get the 403 (Forbidden)
Also they do not have jsonp with a callback so an ajax request will violate the cross domain security. Requests for the JSON must be from pages that originate from their domain or an approved domain.
Why would they do that.
Likely their licence to the information does not allow them to give it to other websites, or they need/want to get paid to provide the information to other websites. Or they have terms of use for the information.
Where can you get the data ... data wants to be free
I don't see anyplace on their site http://www.pse.com.ph where they have API information and how to request permission to access it.
Programable web has been the number one source for finding APIs, they have 96 stock APIs listed ... Obviously I can not just copy their data and past it here, but one of these API may work for you?
Is it possible to make phone call using PHP and voice modem?
PHP will run on local server (XAMPP).
I have found some solutions for asp.net (using 3rd party api and software which is fine IMO), but PHP is required for this project.
You said a 3rd Party is okay, so this might be interesting for you.
Please note that you will need to signup for an account with Sonetel in order to use the api. While this is free, making phone calls cost few cents.
Here's an example code to use their api. The api is initiating two phone calls, one to you and one to the person you are calling. It will first ring the number provided first and if this call is picked up, it will ring the second number and then connects both together.
$url='https://call.sonetel.com';
$data = array('email' => 'abc#xyz.com','password' => 'XXXXXXXXX','call1' => 'XXXXXXXXXX','call2' => 'XXXXXXXXXXXXX');
$data_to_send = http_build_query($data);
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POSTFIELDS,$data_to_send);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded'));
$result = curl_exec($ch);
I'm a bit confused about API vs WebService. But anyway, which one will you follow to.. lets say to provide simple string or xml or json data return.
Currently i have implemented something like:
Server:
echo json_encode("hello, ".$_POST["q"]);
Client:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $server_url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, array('q' => 'world!'));
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER , 1);
$response = curl_exec($ch);
curl_close($ch);
Normally as the standard way, how do we even call/name it? Shall i name it API? Or WebService?
And in normal way (whenever we need to provide some data out of Server, like above) which one do we implement?
I've got NTLM (Active Directory) based service, and I need to write a PHP application. Normally, users are logging in to website with Activre Directory credentials, and it's ok.
But what I want to do, is to let them type in their credentials to PHP-written site, which in next step will use cURL to authenticate users to that Active Directory based site where they normally log in.
And this part is hard. I need then to keep session of users that through PHP cURL script authenticated to Active Directory based site in order to use them again later
(CRON querying site to determine that it has changed and automatically do some operations when this happens, which normally user has do manually).
In order to NOT store their credentials to authenticate again when this change happens, I somehow need to store NTLM session in PHP cURL site to every user that authenticated to
that site through this PHP cURL site.
My question is: Is that even possible?
Thanks in advance.
#Willem Mulder
The code you've posted actually does cookie-storing, but that is not my point becouse I've already done that (sorry for not writing it before). What I got so far is:
$cookie_file_path = dirname(__FILE__) . '/cookies.txt';
$ch = curl_init();
//==========================================================================
curl_setopt($ch, CURLOPT_USERPWD, $username. ':' . $password);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_USERAGENT, $user_agent);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLINFO_HEADER_OUT, true);
curl_setopt($ch, CURLOPT_FAILONERROR, 0);
curl_setopt($ch, CURLOPT_MAXREDIRS, 100);
//==========================================================================
$ret = curl_exec($ch);
By using options CURLOPT_COOKIEFILE and CURLOPT_COOKIEJAR, cURL does the cookie storing in local file "cookies.txt". The problem is, that when I comment CURLOPT_USERPWD option (after authenticating and storing cookie, so theoretically I have session), I cannot authorize to website. Perhaps it reinitializes NTLM Handshake authorisation and is expecting username and password, which I don't want to store.
I want to store session info only, to provide service this session info and omit second authentication, but cURL seems to not take this data from cookie file, and REWRITES it with not relevant data send to me from service as response to NOT AUTHRORISED access request.
Well, yes you could
$ch = curl_init('http://www.google.com/');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
// Get headers too with this line
curl_setopt($ch, CURLOPT_HEADER, 1);
$result = curl_exec($ch);
// Get cookie
preg_match('/^Set-Cookie:\s*([^;]*)/mi', $result, $m);
var_dump(parse_url($m[1]));
// And then of course store it somewhere :-)
As seen here how to get the cookies from a php curl into a variable
I've spent hours troubleshooting this utilizing PHP documentation, the API documentation, as well as other posts on stackoverflow, and am finally asking for help.
I am attempting to write an interface utilizing the new pbSmartConnections API: API Documentation
I have been having challenges with both fsockopen and cURL, however I seem to be able to get farther in the process utilizing cURL, so that's what I'm presenting here. Here's the challenge:
Per my understanding of the documentation, I should be passing the ApiKey as part of the header. When I do this, regardless of the different ways I've attempted to structure the code, I ALWAYS receive the following response:
{
"ErrorCode": 10,
"Message": "Unauthorized"
}
I'm hoping a fellow SO member can see something in my code below (please offer any criticisms and/or suggestions, too!):
(NOTE: The API key below IS valid. It's connected to an account with nothing of value in it, so feel free to use it in your testing)
<?php
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://rest.pbsyscontrol.com/v1/Ping");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type"=>"application/json", "Accept"=>"application/json", "ApiKey"=>"41460b3f-8f35-4878-b78d-49ca7f29c071"));
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_HTTPGET, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
$response = curl_exec($ch);
$http_status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
?>
In case you are wondering, while I would like this to work as part of the header, I HAVE tried passing it as a part of the URL as well:
<?php
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://rest.pbsyscontrol.com/v1/Ping?ApiKey=41460b3f-8f35-4878-b78d-49ca7f29c071");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type"=>"application/json", "Accept"=>"application/json", "ApiKey"=>"41460b3f-8f35-4878-b78d-49ca7f29c071"));
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_HTTPGET, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
$response = curl_exec($ch);
$http_status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
?>
The PHP documentation says:
An array of HTTP header fields to set, in the format array('Content-type: text/plain', 'Content-length: 100')
You thus want to use the following line instead of the original:
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/json", "Accept: application/json", "ApiKey: 41460b3f-8f35-4878-b78d-49ca7f29c071"));
This does not however, solve the problem that the ApiKey probably isn't valid.
I finally heard back from support, and what they indicated was that I was using the incorrect url (although at this time, it IS the url in their API Documentation)
The URL in the API documentation was their STAGING, not PRODUCTION. Amazing what switching the URL to the correct one that they sent in their reply - rest.api.pbsmartconnections.com does for the connection. That one change and everything began working properly.
THANK YOU all who took a look, and to #mvdnes for the recommendations on how to set headers.