This is my code. Am trying get information from a server.
But I got stuck in the middle. Please help me.
Am getting error such as
[errors] => Array ( [0] => error:14094410:SSL
routines:SSL3_READ_BYTES:sslv3 alert handshake failure ) )
Below is the code that I have written please check and help me.
Will appreciate any help.
public function get_quotes(){
$reservation_obj->source = "test";
$reservation_obj->location_code = "test";
$reservation_obj->start_date = "2010-06-01 19:00";
$reservation_obj->end_date = "2010-06-04 13:50";
$reservation_obj->action = "get_quotes";
$json = json_encode($reservation_obj);
$curl_opts = array(
CURLOPT_HEADER => false,
CURLOPT_HTTPHEADER => array('Content-Type: text/json', 'Content-length: '.strlen($json)),
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => $json,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_URL => "https://myserver/test.php",
CURLOPT_VERBOSE => false,
CURLOPT_SSLCERT => getcwd()."/newfile.crt.pem",
CURLOPT_SSLCERTTYPE => "PEM",
CURLOPT_SSLKEY=> getcwd()."/newfile.key.pem",
CURLOPT_SSLKEYTYPE => "PEM",
CURLOPT_SSL_VERIFYHOST => false,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSLVERSION => 3
);
$curl = curl_init();
curl_setopt_array($curl, $curl_opts);
if(!$response = curl_exec($curl)){
$response->errors[] = curl_error($curl);
}
curl_close($curl);
if(count($response ->errors)){
print_r($response);
}else{
print_r($response);
}
}
comment out the CURLOPT_SSLVERSION => 3 line and try again.
They say the SSL v3 is vulnerable (idk much about that, sorry), so many of the servers do not allow it using the v3.
Here is an article if you are interested. https://access.redhat.com/articles/1232123
Please let me know the result after you try it. thanks.
Related
I am trying to submit a php response to the following PlayFab API: https://learn.microsoft.com/en-us/rest/api/playfab/admin/account-management/reset-password?view=playfab-rest
This is my first ever php script and I have been working with this for quite some time and being able to run my script without errors but it seems like I have no payload.
The echo in the code:
echo ' The resp: ' .$resp;
...response from the above echo is:
The resp: string(0) ""
Unfortunately I really do not know what is wrong and how to fix it as there is not error messages. I have tried to echo $options array to control if there is a payload but not succeeded. I realise I need help and would really appreciate that.
$url = "https://titleId.playfabapi.com/Admin/ResetPassword/json/";
$data = array('Password' => $pw1, 'Token' => $params['token']);
$options = array(
'http' => array(
'method' => 'POST',
'content' => http_build_query($data),
'header' => 'X-SecretKey: xxxxxxxxxxxx\r\n',
'ignore_errors' => true
)
);
$context = stream_context_create($options);
$resp = file_get_contents($url, false, $context);
echo ' The resp: ' .$resp;
var_dump($resp);
Ok here is the solution. I was able to get this to work in Postman and when I test the code it works.
Here is the snippet that work:
echo '>>>>>>>>>> TEST <<<<<<<<<<';
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://99999.playfabapi.com/Admin/ResetPassword?Password=pekapeka&Token=1B5A9C01EFD5DB69',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_HTTPHEADER => array(
'X-SecretKey: xxxxxxx',
'Content-Type: application/json\\'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
print_r($response);
echo '<br>========== END ==========';
I'm running PHP 5.6.36 running on windows server 12R2 under IIS 8.5
Whenever I call this code I get an "error code: 6" echoed and an empty $responseText, although I'm able to reach this address with the browser.
I've tried toggling the CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST to true settings and using https:// addresses, but to no avail. Don't get why I can reach these addresses through the browser, but not from the command line.
function genericGet($url,$userName,$passWord){
//overriding $url for the purposes of test
$url = "http://www.google.com";
$reqDefaults = array(
CURLOPT_URL => $url,
CURLOPT_POST => false,
CURLOPT_HEADER => false,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_SSL_VERIFYHOST => false,
CURLOPT_HTTPAUTH => CURLAUTH_BASIC,
CURLOPT_USERNAME => $userName,
CURLOPT_PASSWORD => $passWord
);
$curlReq = curl_init();
$responseText = curl_exec($curlReq);
echo "error code:".curl_errno($curlReq)."\r\n";
curl_close($curlReq);
return $responseText;
}
Ok so I finally worked this out. There was an application proxy running on the server. I checked the internet settings in Firefox and found the proxy address then added the CURLOPT_PROXY setting to my setopt array and it worked. Final code looked like this:
function genericGet($url,$userName,$passWord){
//overriding $url for the purposes of test
$url = "http://www.google.com";
$reqDefaults = array(
CURLOPT_URL => $url,
CURLOPT_POST => false,
CURLOPT_HEADER => false,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_SSL_VERIFYHOST => false,
CURLOPT_HTTPAUTH => CURLAUTH_BASIC,
CURLOPT_USERNAME => $userName,
CURLOPT_PASSWORD => $passWord,
CURLOPT_PROXY => 'proxyaddress:8080'
);
$curlReq = curl_init();
$responseText = curl_exec($curlReq);
echo "error code:".curl_errno($curlReq)."\r\n";
curl_close($curlReq);
return $responseText;
}
I appreciate this has been asked a number of times but after looking through the answers I'm still getting the following error:
Curl error: Peer certificate cannot be authenticated with known CA certificates
I have the below code, which works on a non-https version of the site (different server), however, it won't work on the live site running https. My assumption is that it's trying to verify against the SSL certificate on the site, rather than the .pem file specified in $cert_path.
I'll be honest, I'm a bit confused between SSLCERT and the CAINFO however I have added the following to my php.ini file and checked to make sure they're set correctly, which they are.
// php.ini
curl.cainfo = "/path/to/.pem";
openssl.cafile = "/path/to/.pem";
As I said before, the following works on the stage version of the site, just not the live one. Any help would be greatly appreciated.
// php curl snippet
$cert_path = '/path/to/.pem';
$options = array(
CURLOPT_SSL_VERIFYHOST => true,
CURLOPT_SSL_VERIFYPEER => true,
CURLOPT_SSLCERT => $cert_path,
CURLOPT_SSLCERTPASSWD => $password,
CURLOPT_CAINFO => $cert_path,
CURLOPT_HTTPAUTH => CURLAUTH_ANY,
CURLOPT_URL => $url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => $xml_post_string,
CURLOPT_HTTPHEADER => $headers
);
curl_setopt_array( $ch, $options );
If I set VERIFYPEER to false it does connect but my assumption is that this wouldn't be passing the data securely?
Thank you.
I've managed to get this working however there are a few things to note which may help someone in the future.
The site was hosted with 123reg and I was informed by their support that third-party SSL certificates are not accepted. Although I was told this ultimately my code below did work.
I regenerated my .pem file so this too could have worked in my favour.
My final code as as follows: I also stripped out the php.ini code entirely.
// These two variables will differ depending on your payload for Curl
$xml_post_string = '...';
$headers = array();
// This will differ based on your endpoint
$url = 'endpoint.url';
$password = 'password';
$cert_path = '/path/to/.pem';
$ch = curl_init();
$options = array(
CURLOPT_SSL_VERIFYHOST => 2,
CURLOPT_SSL_VERIFYPEER => true,
CURLOPT_SSLCERT => $cert_path,
CURLOPT_SSLCERTTYPE => "PEM",
CURLOPT_SSLCERTPASSWD => $password,
CURLOPT_HTTPAUTH => CURLAUTH_ANY,
CURLOPT_URL => $url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => $xml_post_string,
CURLOPT_HTTPHEADER => $headers
);
curl_setopt_array( $ch, $options );
$response = curl_exec($ch);
curl_close($ch);
I am trying to charge the customer using eway payment method. I am implementing the procedure through curl and here is the code to the function.
public function testing_direct() {
$url = 'https://api.sandbox.ewaypayments.com/DirectPayment.json'; // PROD
$postData = array(
'Method' => 'TokenPayment',
'TransactionType' => 'Recurring',
'TokenCustomerID' => '918549937032',
'TotalAmount' => '1995',
'InvoiceNumber' => '123',
'InvoiceDescription' => 'testing'
);
$ch = curl_init($url);
$api_authentication = base64_encode('####;****');
curl_setopt_array($ch, array(
CURLOPT_POST => TRUE,
CURLOPT_RETURNTRANSFER => TRUE,
CURLOPT_HTTPHEADER => array(
'Content-Type: application/json','Authorization:####'
),
CURLOPT_POSTFIELDS => json_encode($postData)
));
$response = curl_exec($ch);
// Check for errors
if ($response === FALSE) {
die(curl_error($ch));
}
$responseData = json_decode($response, TRUE);
print_r($responseData);
die;
}
This code doesnot print anything at all...Nothing in the error log either...any ideas that why it is not working??
Thanks
There are a few things that need to be fix to get that script working, particularly around the authentication which is the most immediate cause of a problem.
There needs to be a check of the HTTP status of the request since curl_exec only returns FALSE if there is an error - e.g. a 404 (page not found) or 401 (unauthorized) is still treated as a successful request.
// Check for errors
if ($response === FALSE) {
die(curl_error($ch));
}
$code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
if ($code != 200) {
die('HTTP error: '.$code);
}
The actual authentication appears to suffer from 2 main issues: there is a semicolon instead of a colon between the username (API key) and password, and the Basic part of the authentication is missing:
$api_authentication = base64_encode('####:****');
CURLOPT_HTTPHEADER => array(
'Content-Type: application/json','Authorization: Basic '.$api_authentication
),
This could be simplified by just using CURLOPT_USERPWD:
CURLOPT_USERPWD => '####:****',
Apart from that, note that the $postData array needs some extra nesting: TokenCustomerID should be a child of Customer and TotalAmount and the Invoice fields should be children of Payment:
$postData = array(
'Method' => 'TokenPayment',
'TransactionType' => 'Recurring',
'Customer' => array(
'TokenCustomerID' => '911058757297',
),
'Payment' => array(
'TotalAmount' => '1900',
'InvoiceNumber' => '123',
'InvoiceDescription' => 'testing',
),
);
Check out the example in the documentation for a complete example request.
Good luck!
I'm new to php and I'm trying to create a simple example for calling our company api. I got NetBeans IDE 7.1.2 to work last night (yay) but I cannot seem to get the following code to show me anything. I can run it in the debugger. I can step through it. I even get to the end without errors, but the curl_exec returns just 0. I have added the CURLOPT_PROXYPORT so that I can get fiddler to see the traffic, but fiddler sees nothing. I am also trying to run this as a php command line (if that has any bearing).
I know I'm doing something stupid... but that's the problem with stupid.
<?php
$url = 'https://target.boomerang.com/api/JobCreate';
$authToken = 'phptest';
$data = array(
"emailHTML" => "Howdy",
"jobKind" => "email",
"senderEmail" => "bob#boomerang.com",
"subject" => "My howdy email"
);
$data_string = json_encode($data);
$headers = array(
'Content-type: application/json',
'auth_token: ' . $authToken,
'Accept: application/json',
'Expect:'
);
$ch = curl_init();
$args = array(
CURLOPT_URL => $url,
CURLOPT_FOLLOWLOCATION => TRUE,
CURLOPT_RETURNTRANSFER => TRUE,
CURLOPT_POST => TRUE,
CURLOPT_POSTFIELDS => $data_string,
CURLOPT_HTTPHEADER => $headers,
CURLOPT_PROXYPORT => "localhost:8888"
);
curl_setopt_array($ch, $args);
$res = curl_exec($ch);
$res_data = json_decode($res, true);
print($res_data);
?>
Thanks for any help.
So the problem was caused by SSL certificate mismatch? I suppose it can be solved by adding this...
CURLOPT_SSL_VERIFYHOST => 0,
CURLOPT_SSL_VERIFYPEER => 0,
...into $args array.