I'm using a php client written by a company for accessing their web service.
The client is very comprehensive and includes classes that get populated from XML responses that the web service endpoint generates.
when I run it on a proper web server, it works. But, when I use it locally with wamp it's throwing an error that no data was received.
I've already checked all around StackOverflow, I usually find answers to my questions but this one has drived me crazy!
here is the httpPost function (written as part of the php client they provide):
private function _httpPost(array $parameters)
{
$query = $this->_getParametersAsString($parameters);
$url = parse_url ($this->_config['ServiceURL']);
$scheme = '';
switch ($url['scheme']) {
case 'https':
$scheme = 'https://';
$port = $port === null ? 443 : $port;
break;
default:
$scheme = '';
$port = $port === null ? 80 : $port;
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $scheme . $url['host'] . $url['path']);
curl_setopt($ch, CURLOPT_PORT, $port);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_USERAGENT, $this->_config['UserAgent']);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $query);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
if ($_config['ProxyHost'] != null && $_config['ProxyPort'] != -1)
{
curl_setopt($ch, CURLOPT_PROXY, $_config['ProxyHost'] . ':' . $_config['ProxyPort']);
}
$response = "";
$response = curl_exec($ch);
$response = str_replace("HTTP/1.1 100 Continue\r\n\r\n", "", $response);
curl_close($ch);
list($other, $responseBody) = explode("\r\n\r\n", $response, 2);
$other = preg_split("/\r\n|\n|\r/", $other);
list($protocol, $code, $text) = explode(' ', trim(array_shift($other)), 3);
return array ('Status' => (int)$code, 'ResponseBody' => $responseBody);
}
By the way, my curl extension is active and I even made a simple test to fetch google.com with success.
My guess is that it's related to the VERIFYPEER option you have on, usually curl on wamp isn't configured by default to support it (CA certificate bundle), So by default it'll reject all SSL certificates as unverifiable.
try to replace it with (only when testing on your localhost, you want this to be ON when using a server):
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
good luck.
EDIT:
This is taken from curl's "Details on Server SSL Certificates":
If the remote server uses a self-signed certificate, if you don't
install a CA cert bundle, if the server uses a certificate signed by a
CA that isn't included in the bundle you use or if the remote host is
an impostor impersonating your favorite site, and you want to transfer
files from this server, do one of the following:
1) Tell libcurl to not verify the peer. With libcurl you disable this
with curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, FALSE); With
the curl command line tool, you disable this with -k/--insecure.
2) Get a CA certificate that can verify the remote server and use the proper option to point out this CA cert for verification when
connecting. For libcurl hackers: curl_easy_setopt(curl,
CURLOPT_CAPATH, capath); With the curl command line tool: --cacert
[file]
Shay, you are right, the issues is because CA cert bundle is not available in Windows distribution of WAMP.
To fix the issue without disabling ssl verification (which is not secure and not recommended for production)
download CA bundle. For example from official crul site: http://curl.haxx.se/ca/cacert.pem save to c:/wamp
open php.ini inside your apache. in my case: c:\wamp\bin\apache\apache2.4.9\bin\php.ini
set curl.cainfo="c:/wamp/cacert.pem"
restart Apache
Done)
Related
I am running PHP Wampserver 3.2.6 under Windows 11 with Avast Antirus Free edition.
And PHP Version 8.1.0.
Now I have setup a simple curl script to fetch data from a remote host. But this returns nothing.
When I put the entire thing online on a server it works just fine. But from a local machine it doesn't work.
I have tried running the entire thing under postman. And there it works just fine.
private function __curl($url, $decode = true){
// * create curl resource
$ch = curl_init();
// * set url
curl_setopt($ch, CURLOPT_URL, $this->api_url.$url);
// * return the transfer as a string
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
// * set headers
$headers = array('X-IM-API-KEY: '.$this->api_key);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_HEADER, true);
// * if any postdata set
if(!empty($this->postdata)){
// * initialize post
$this->__post();
// * set postdata
curl_setopt($ch, CURLOPT_POST, count($this->postdata));
curl_setopt($ch, CURLOPT_POSTFIELDS, $this->postfieldstr);
}
// $output contains the output string
$output = curl_exec($ch);
// close curl resource to free up system resources
curl_close($ch);
// * if no decode
if(!$decode) return $output;
// * return result
return json_decode($output, true);
}
When I just use file_get_contents it works fine.
file_get_contents($this->api_url.$url);
The result :
{"success":false,"error":true,"message":"fields
missing","data":{"email":"not set","password":"not
set","app_version":"1.1"}}
Of course it will give an error because it expects POST parameters with the username and password.
I have the following configuration visible under PHPinfo :
I hope someone can tell me what my mistake would be.
EDIT
When I add :
curl_error($ch);
I get the following error :
SSL certificate problem: unable to get local issuer certificate
But when viewing the address in FireFox I get no error at all.
(letscrypt)
EDIT : Answer added by : #codenathan
Adding the following code to disable host and peer verification does the trick actually.
I think in combination with the local firewall the letscrypt certificate simply didn't get through in the way it was supposed to.
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
Since I need this for developement purposes this actually does the trick for me.
curl_setopt($this->ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($this->ch, CURLOPT_SSL_VERIFYPEER, 0);
However it is not ideal to switch this off : https://www.saotn.org/dont-turn-off-curlopt_ssl_verifypeer-fix-php-configuration/
I'm trying to connect my WordPress website to my jobs Jenkins via the Jenkins API. Even if I saw a lot of posts and tried them I still don't manage to make my Jenkins API working.
So I have a Jenkins running in http://localhost:9090 with the job Test.
I configured the HTTP proxy of Jenkins at proxy:8080 with my username and password. When I validate the proxy in Jenkins, it's a success.
Jenkins tells me as well that my token was never used.
Now about my API, I have:
function getLastBuildStatus($url, $jobName, $username, $api_token){
$password = 'xxxxx';
$ch = initCurl($username, $api_token); //see function downside
curl_setopt($ch, CURLOPT_URL, $url . '/job/' . $jobName . '/lastBuild/api/json');
curl_setopt($ch, CURLOPT_PROXY, 'http://proxy:8080');
curl_setopt($ch, CURLOPT_USERPWD, $username . ":" . $password);
$result = executeCurl($ch);
$json = json_decode($result);
var_dump ($result);
if($json){
return $json->result;
}
else {
return -1;
}
function initCurl($username, $api_token){
$ch = curl_init();
curl_setopt ( $ch, CURLOPT_SSL_VERIFYPEER, false );
curl_setopt ( $ch, CURLOPT_SSL_VERIFYHOST, false );
curl_setopt($ch, CURLOPT_USERPWD, $username . ":" . $api_token);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
return $ch;
}
With or without proxy I have an Access Denied error. Am I missing something?
Edit 1
I've add in the httpd.conf rules for the Jenkins proxy reverse. Still the same error but probably something to look deeper..
ProxyPass / http://localhost:9090/ nocanon
ProxyPassReverse / http://localhost:9090/
ProxyRequests Off
AllowEncodedSlashes NoDecode
<Proxy http://localhost:9090/*>
Order deny,allow
Allow from all
</Proxy>
Edit 2
OK! So I could make it work via command line. When I enter that command, I can access the data:
curl -v --noproxy localhost, http://localhost:9090/job/Test/api/json --user username:token
I don't get why because when I put curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, false); in my PHP file, I still get the 403 error.
However, when I put curl_setopt($ch, CURLOPT_PROXY, '');, I get a Error:Failed to connect to localhost port 9090: Connection refused
I have a Flask app, with a basic function, where I have exposed app.run() to a public ip, so that it is accessible from an external server;[ using Flask - Externally Visible Dev Server ]
#app.route('/')
def hello_world():
return 'Hello World!'
if __name__ == '__main__':
app.run(host = '0.0.0.0', port = 8080)
The curl request I have written in my php code is:
$signed_url = "http://my-ip-address:8080/";
$ch = curl_init($signed_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, 0);
$data= curl_exec($ch);
echo $data;
I can do a curl request :
curl http://my-ip-address:8080/
from command line. However, when the curl request is embedded within my PHP code, it gives me an error "Connection refused".
Kindly help!
If the PHP code is on another server, but your command line cURL request is on the same server, then you aren't comparing apples to apples.
Two things that might be wrong:
Your Flask server has a firewall that doesn't allow external connections.
You are connecting using an private network IP address rather than a public IP address.
For now your PHP code looks correct, so I would narrow down the problem a little bit. Ignore that PHP code and try to connect using cURL on the command line from the same server you are running your PHP code on.
try to set your port with curl options like this:
curl_setopt($ch, CURLOPT_PORT, 8080);
so your signed url will be:
$signed_url = "http://my-ip-address";
I use this code for my work and worked :)
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'http://localhost:5000/spmi/api/1');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, "{\"teks_analysis\":\"tidak ada skor nol\"}");
curl_setopt($ch, CURLOPT_POST, 1);
$headers = array();
$headers[] = 'Content-Type: application/json';
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
$result = curl_exec($ch);
if (curl_errno($ch)) {
echo 'Error:' . curl_error($ch);
}
curl_close($ch);
the key is CURLOPT_POSTFIELDS
Hi I'm doing a website right now. Both of these files is in one server and domain and I'm using cloudflare to boost the loading. I'm using Full SSL option on cloudflare because I bought my own SSL Geotrust on my server. I already upgraded my curl on the server to 7.41.0.
One php file consist of the function
Function File:
<?php
function get_content($session){
$endpoint = "https://sample.ph/php/resource.php";
// Use one of the parameter configurations listed at the top of the post
$params = array(
"yel" => $session
);
$curl = curl_init();
curl_setopt($curl,CURLOPT_URL,$endpoint);
$strCookie = 'PHPSESSID='.$_COOKIE['PHPSESSID'];
curl_setopt($curl, CURLOPT_COOKIE, $strCookie);
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_VERBOSE, true);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);
$postData = "";
//This is needed to properly form post the credentials object
foreach($params as $k => $v)
{
$postData .= $k . '='.urlencode($v).'&';
}
$postData = rtrim($postData, '&');
curl_setopt($curl, CURLOPT_POSTFIELDS, $postData);
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 60);
curl_setopt($curl, CURLOPT_HEADER, 0); // Don’t return the header, just the html
curl_setopt($curl, CURLOPT_CAINFO,"/home/sample/public_html/php/cacert.pem"); // Set the location of the CA-bundle
session_write_close();
$response = curl_exec($curl);
if ($response === FALSE) {
return "cURL Error: " . curl_error($curl);
}
else{
// evaluate for success response
return $response;
}
curl_close($curl);
}
?>
Resource File
<?php
session_start();
if(isset($_POST['yel'])){
$drcyt_key = dcrypt("{$_POST['yel']}");
if($drcyt_key == $_SESSION['token']){
echo "Success";
}
}
?>
How do you think will I fix this?
The SSL Verification error. Upon debugging sometimes I got cURL Error: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Sometimes I got cURL Error: SSL peer certificate or SSH remote key was not OK
When I put curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true); to FALSE, which is not a good idea; There comes a second problem for the SESSION COOKIE becoming blank on first load.
I HOPE YOU CAN HELP ME. THANK YOU.
This issue looks to be an outdated certificate bundle or outdated OpenSSL version on the server. You should both ensure you have the latest root certificates on your computer and also ensure that you have the latest versions of OpenSSL (including the PHP OpenSSL module).
In order to resolve my project, I installed tor and privoxy on my virtual station (Debian).
I found how to use curl and Tor proxy, but I can't change Ip adress at each curl_init().
here is my code:
#!/usr/bin/env php
<?php
function get_url($url)
{
// ensure PHP cURL library is installed
if(function_exists('curl_init'))
{
$timestart=microtime(true);
$ip = '127.0.0.1';
$port = '9050';
$auth = 'rebootip';
$command = 'signal NEWNYM';
$fp = fsockopen($ip,$port,$error_number,$err_string,10);
if(!$fp)
{
echo "ERROR: $error_number : $err_string";
return false;
}
else
{
fwrite($fp,"AUTHENTICATE \"".$auth."\"\n");
$received = fread($fp,512);
fwrite($fp,$command."\n");
$received = fread($fp,512);
}
fclose($fp);
$ch = curl_init();
curl_setopt($ch,CURLOPT_FOLLOWLOCATION,true);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_PROXY, "127.0.0.1:9050");
curl_setopt($ch, CURLOPT_PROXYTYPE, 7);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_VERBOSE, 0);
$response = curl_exec($ch);
$error = curl_error($ch);
print_r($response."\n");
print_r($error."\n");
}
else // PHP cURL library not installed
{
echo 'Please install PHP cURL library';
}
}
echo get_url('http://ipinfo.io/');
is this-I need to change the configuration of "tor" and "privoxy" in order to change ip address ?
thanks in advance :)
To get a different exit node IP address, setup multiple Tor clients listening on port 9050, 9051, ... etc. Then on curl_init, change the proxy port to another available Tor client.
Once you have exhausted your current list of Tor clients, you can restart them to get another exit node. You can even send simple telnet commands directly to your Tor client to change the exit node.