We Keep Coding

Handle TLSv1.2 connection with CURL

I am trying to automate the configuration of x IP cameras from their embbeded web server (Self Signed Certificates). So if you try to connect to a camera through a browser in a normal way (no script), you'll have to add an exception, works fine.
I want to automate this, and all my scripts PHP are ran in a Powershell CLI.
I have the following PHP script :
<?php
include('C:\wamp64\bin\php\php7.0.10\run\Librairie\LIB_parse.php');
include('C:\wamp64\bin\php\php7.0.10\run\Librairie\LIB_http.php');
include('C:\wamp64\bin\php\php7.0.10\run\Librairie\LIB_resolve_addresses.php');
$TableauIP = fopen('C:\wamp64\bin\php\php7.0.10\run\x\Ipcamera.txt', 'r');
$count = 0;
while (($URLcamera = fgets($TableauIP, 4096)) !== false){
$IP_unparsed = $URLcamera;
$Ipcamera = return_between($IP_unparsed, "//", "/", EXCL);
echo("Automatic configuration for : ".$Ipcamera."\n");
echo("...............\n\n");
echo("Downloading page : ".$IP_unparsed."\n\n");
$web_page =http_get($IP_unparsed, $ref = "");
echo "ERROR \n";
var_dump($web_page['ERROR']);
$head_section = return_between($string=$web_page['FILE'], $start="<head>", $end="</head>", $type=EXCL);
$meta_tag_array = parse_array($head_section, $beg_tag="<meta", $close_tag=">");
for($xx=0; $xx<count($meta_tag_array); $xx++){
echo $meta_tag_array[$xx]."\n";
}
for($xx=0; $xx<count($meta_tag_array); $xx++){
$meta_attribute = get_attribute($meta_tag_array[$xx], $attribute="http-equiv");
if(strtolower($meta_attribute)=="refresh"){
$new_page = return_between($meta_tag_array[$xx], $start="URL", $end=">", $type=EXCL);
$new_page = trim(str_replace("", "", $new_page));
$new_page = str_replace("=", "", $new_page);
$new_page = str_replace("\"", "", $new_page);
$new_page = resolve_address($new_page, $IP_unparsed);
}
break;
}
echo "HTML Head redirection detected<br>\n\n";
echo "Redirect page = ".$new_page."\n";
$web_page2 = http_get($new_page, $ref = "");
//$web_page = http_get($IP_unparsed.'/login.cs', $ref = "");
echo "FILE CONTENT \n";
var_dump($web_page2['FILE']);
echo "FILE ERROR \n";
var_dump($web_page2['ERROR']);
// for($xx=0; $xx<count($web_page); $xx++){
// echo($web_page[$xx]);
// }
// echo "ERROR \n";
// var_dump($new_page['ERROR']);
//*******************************
// $web_page = file($new_page);
// for($xx = 0; $xx < count($web_page); $xx++)
// echo $web_page[$xx];
//********************************
// $file_handle = fopen($new_page, "r");
// while (!feof($file_handle))
// {
// echo fgets($file_handle, 4096);
// }
// fclose($file_handle);
$count++;
}
?>
(I left the comments, I've tried different way to display the webpage)
As you can see, I am using the engine WampServer_x64 on a basic Windows 7.
I'm following a redirection to the https://x.x.x.x/login.cs page.
The important part is the download of webpage2.
Here the LIB_parse library (just necessary lines), wrapping curl options in PHP functions :
function http_get($target, $ref)
{
return http($target, $ref, $method="GET", $data_array="", EXCL_HEAD);
}
function http($target, $ref, $method, $data_array, $incl_head)
{
# Initialize PHP/CURL handle
$ch = curl_init();
# Prcess data, if presented
if(is_array($data_array))
{
# Convert data array into a query string (ie animal=dog&sport=baseball)
foreach ($data_array as $key => $value)
{
if(strlen(trim($value))>0)
$temp_string[] = $key . "=" . urlencode($value);
else
$temp_string[] = $key;
}
$query_string = join('&', $temp_string);
}
# HEAD method configuration
if($method == HEAD)
{
curl_setopt($ch, CURLOPT_HEADER, TRUE); // No http head
curl_setopt($ch, CURLOPT_NOBODY, TRUE); // Return body
}
else
{
# GET method configuration
if($method == GET)
{
if(isset($query_string))
$target = $target . "?" . $query_string;
curl_setopt ($ch, CURLOPT_HTTPGET, TRUE);
curl_setopt ($ch, CURLOPT_POST, FALSE);
}
# POST method configuration
if($method == POST)
{
if(isset($query_string))
curl_setopt ($ch, CURLOPT_POSTFIELDS, $query_string);
curl_setopt ($ch, CURLOPT_POST, TRUE);
curl_setopt ($ch, CURLOPT_HTTPGET, FALSE);
}
curl_setopt($ch, CURLOPT_HEADER, $incl_head); // Include head as needed
curl_setopt($ch, CURLOPT_NOBODY, FALSE); // Return body
}
curl_setopt($ch, CURLOPT_COOKIEJAR, COOKIE_FILE); // Cookie management.
curl_setopt($ch, CURLOPT_COOKIEFILE, COOKIE_FILE);
curl_setopt($ch, CURLOPT_TIMEOUT, CURL_TIMEOUT); // Timeout
curl_setopt($ch, CURLOPT_USERAGENT, WEBBOT_NAME); // Webbot name
curl_setopt($ch, CURLOPT_URL, $target); // Target site
curl_setopt($ch, CURLOPT_REFERER, $ref); // Referer value
curl_setopt($ch, CURLOPT_VERBOSE, FALSE); // Minimize logs
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt($ch, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); // No certificate
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE); // Follow redirects
curl_setopt($ch, CURLOPT_MAXREDIRS, 4); // Limit redirections to four
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); // Return in string
# Create return array
$return_array['FILE'] = curl_exec($ch);
$return_array['STATUS'] = curl_getinfo($ch);
$return_array['ERROR'] = curl_error($ch);
# Close PHP/CURL handle
curl_close($ch);
# Return results
return $return_array;
}
I do not know how to handle the TLS connection with cURL. I've been trying for hours with different stuff .. I have this issue : encrypted alert :
whireshark capture TCP and TLS exchange
I've add this line to the original library :
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
//curl_setopt($ch, CURLOPT_SSLVERSION, 6);
curl_setopt($ch, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);
I can't get the web page.
Apparently, the SSL version is 1.0.2h.
I have tried many different things .. With many different error types, but always around the SSL certificate stuff..
I have no more ideas where to look..
If you guys can give me a trail ! That would be nice

Request-URI Too Long - SMS API

My problem is somehow peculiar. I have this bulksms api from my provider:
http://www.estoresms.com/smsapi.php?username=user&password=1234&sender=##sender##&recipient=##recipient##&m
essage=##message##&
then i wrapped it in PHP and passed it in cURL:
$api = "http://www.estoresms.com/smsapi.php?username=".$sms_user."&password=".$sms_pwd."&sender=".$sender_id."&recipient=".$numbers."&message=".$text."&";
function curl_get_contents($url)
{
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
$data = curl_exec($ch);
curl_close($ch);
return $data;
}
$send_it = curl_get_contents($api);
ordinarily, it worked fine, but when $recepient (phone numbers) are more than say 300, i get an error:
Request-URI Too Long
The requested URL's length exceeds the capacity limit for this server.
Additionally, a 414 Request-URI Too Long error was encountered while trying to use an ErrorDocument to handle the request.
But BulkSMS should be able to send to thousands of numbers at a time.
From my research, i found out that there's a limit to URL. I'm not the server owner. i working on a shared hosting plan. pls how can i get around this problem. I know there's a solution to it that would not mean buying my own server.
Thanks

Can you try to make the API use POST instead of GET. It would solve the issue.
Edit:
I'm not sure your API check POST, but try that:
$api = "http://www.estoresms.com/smsapi.php";
$data = array('username' => $sms_user, 'password' => $sms_pwd, 'sender' => $sender_id , 'recipient' => $numbers , 'message' => $text);
function curl_get_contents($url)
{
$ch = curl_init($url);
curl_setopt($handle, CURLOPT_POST, true);
curl_setopt($handle, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
$data = curl_exec($ch);
curl_close($ch);
return $data;
}
$send_it = curl_get_contents($api);

Have a look at this code example (from bulksms.com).
http://developer.bulksms.com/eapi/code-samples/php/send_sms/

So then, i had to find a way around my own problem. if the API will not allow thousands of numbers at a time, then let's break it into chunks at the point of execution.
function curl_get_contents($url)
{
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
$data = curl_exec($ch);
curl_close($ch);
return $data;
}
$how_many = count(explode(',', $numbers));
if ($how_many > 250){
$swi = range(0, ceil($how_many/250)-1);
foreach ($swi as $sw){$numbers_a = implode(',', (array_slice(explode(',', $numbers), $sw*250, 250)));
$api = "http://www.estoresms.com/smsapi.php?username=".$sms_user."&password=".$sms_pwd."&sender=".$sender_id."&recipient=".$numbers_a."&message=".$text."&";
$send_it = curl_get_contents($api);
}
}
if ($how_many <= 250){
$api = "http://www.estoresms.com/smsapi.php?username=".$sms_user."&password=".$sms_pwd."&sender=".$sender_id."&recipient=".$numbers."&message=".$text."&";
$send_it = curl_get_contents($api);
}

cURL with PHP - HTTP cURL to HTTPS

I have the following bit of PHP, it works locally (via apache and localhost) but not on my hosting - $response is always empty:
function get_data($url) {
$ch = curl_init();
$timeout = 5;
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_NOBODY, true);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
$data = curl_exec($ch);
curl_close($ch);
return $data;
}
$api_key = 'my_api_key';
$randomString = generateRandomString(10);
$endLabel = sha1(md5($randomString));
$user_id = $endLabel;
$amount_doge = '5';
$url = "https://dogeapi.com/wow/?api_key=".$api_key."&a=get_new_address&address_label=".$user_id;
$response = get_data($url);
I wondered if this could be because I'm hosted on HTTP (no SSL option) and I'm calling a HTTPS domain? If so, is there a way around this? I've tried curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); but it doesn't seem to do anything :(

try to use echo curl_error($ch) after $data = curl_exec($ch); to see what curl says
it wil lreport you what happened

Login to gmail from my site

There are lot of similar questions, but none of them answered properly.
Issue : I have gmail username(email id) and password, I want to login to gmail with out redirecting the page to gmail.com
I tried :
a. Fetched the source code (View source from browser), and copied it in a html page,
onload I added username and password to this form and submitted this page with javascript
=> It works fine.
But, I need to fetch the source dynamically, using PHP.
So, I tried with `file_get_contents` => Here I am not able to get full source code some of the js code and some hidden fields are missing => When I tired to login with this code, it is not logging in, it simply redirects to gmail.com login page.
Then I tried to get the source code using cURL, This also gave me incomplete source, and I am not able to login.
b. I tried to login using cURL.
I was able to get the gmail feed using following code.
$email = 'username#gmail.com';
$password = 'password';
$curl = curl_init('https://mail.google.com/mail/feed/atom');
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_USERPWD, $email.':'.$password);
echo $content = curl_exec($curl);
But, When tired the code to login to https://accounts.google.com/ServiceLogin it is not loging in.
$email = 'username#gmail.com';
$password = 'password';
$curl = curl_init('https://accounts.google.com/ServiceLogin');
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_USERPWD, $email.':'.$password);
echo $content = curl_exec($curl);
Question : 1. Is it possible to login to gmail, from mysite ?
I don't want to use open ID - Here I need to enter username and password again. My username and password in already stored in DB (I know this is not secure.). So my requirement is while clicking a link automatically login to gmail.
Question : 2. Is it possible to take take the complete (Which we can see in browser "view source") source code of gmail(Login page of gmail), either using php or javascript or jQuery ?

It's not possible to login to gmail using curl - obvious security issues. At least I'm not sure how. You'll have to use oauth. Please refer to google oauth documentation. It's a fairly standard process requiring a three way handshake.

Use Imap to get this thing working
<?php
$hostname = '{imap.gmail.com:993/imap/ssl}INBOX';
$username = 'yourmail#gmail.com';
$password = 'yourpass';
$inbox = imap_open($hostname,$username,$password) or die('Cannot connect to Gmail: ' . imap_last_error());
//If connected search for unread mails or do your stuff using imap functions
$emails = imap_search($inbox,'UNSEEN');
if(count($emails) > 0) {
foreach($emails as $email)
$status = imap_setflag_full($inbox, $email, "\\Seen \\Flagged");
echo gettype($status) . "\n";
echo $status . "\n";
}
imap_close($inbox);
?>
For Imap reference check imap functions

Here is the answer which i got :
<?php
$USERNAME = 'user#gmail.com';
$PASSWORD = 'pass#gmail';
$COOKIEFILE = 'cookies.txt';
$ch = curl_init();
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_COOKIEJAR, $COOKIEFILE);
curl_setopt($ch, CURLOPT_COOKIEFILE, $COOKIEFILE);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 120);
curl_setopt($ch, CURLOPT_TIMEOUT, 120);
curl_setopt($ch, CURLOPT_URL, 'https://accounts.google.com/ServiceLogin');
$data = curl_exec($ch);
//echo $data;
$formFields = getFormFields($data);
//print_r($formFields);
$formFields['Email'] = $USERNAME;
$formFields['Passwd'] = $PASSWORD;
unset($formFields['PersistentCookie']);
$post_string = '';
foreach($formFields as $key => $value) {
$post_string .= $key . '=' . urlencode($value) . '&';
}
$post_string = substr($post_string, 0, -1);
curl_setopt($ch, CURLOPT_URL, 'https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=https://mail.google.com/mail/&ss=1&scc=1&ltmpl=default&ltmplcache=2');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_REFERER, 'https://mail.google.com/');
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_string);
$result = curl_exec($ch);
/*
if (strpos($result, '<title>Redirecting') === false) {
die("Login failed");
var_dump($result);
} else {*/
curl_setopt($ch, CURLOPT_URL, 'https://mail.google.com/mail/h/jeu23doknfnj/?zy=e&f=1');
curl_setopt($ch, CURLOPT_POST, 0);
curl_setopt($ch, CURLOPT_POSTFIELDS, null);
$result = curl_exec($ch);
//header('Location:https://mail.google.com/mail/h/jeu23doknfnj/?zy=e&f=1');
var_dump($result);
//}
function getFormFields($data)
{
if (preg_match('/(<form.*?id=.?gaia_loginform.*?<\/form>)/is', $data, $matches)) {
$inputs = getInputs($matches[1]);
return $inputs;
} else {
die('didnt find login form');
}
}
function getInputs($form)
{
$inputs = array();
$elements = preg_match_all('/(<input[^>]+>)/is', $form, $matches);
if ($elements > 0) {
for($i = 0; $i < $elements; $i++) {
$el = preg_replace('/\s{2,}/', ' ', $matches[1][$i]);
if (preg_match('/name=(?:["\'])?([^"\'\s]*)/i', $el, $name)) {
$name = $name[1];
$value = '';
if (preg_match('/value=(?:["\'])?([^"\'\s]*)/i', $el, $value)) {
$value = $value[1];
}
$inputs[$name] = $value;
}
}
}
return $inputs;
}
?>
It will show you the first page the gmail mails=> but if you click any link there it will again ask for login =>Because cookies are not set for domain mail.google.com (And can not be done - Same origin policy)

how to get contents of site use HTTPS

ex of site using ssl ( HTTPs ) : https://www.eb2a.com
1 - i tried to get its content using file_get_contents, but not work and give error
ex :
<?php
$contents = file_get_contents("https://www.eb2a.com/");
echo $contents;
?>
2 - i tried to use fopen, but not work and give error
ex:
<?php
$url = 'https://www.eb2a.com/';
$contents = fopen($url, 'r');
echo "$contents";
?>
3 - i tried to use CURL, but not work and give BLANK PAGE
ex :
function cURL($url, $ref, $header, $cookie, $p){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
curl_setopt($ch, CURLOPT_REFERER, $ref);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
if ($p) {
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $p);
}
$result = curl_exec($ch);
curl_close($ch);
if ($result){
return $result;
}else{
return '';
}
}
$file = cURL('https://www.eb2a.com/','https://www.eb2a.com/',0,0,null);
echo $file
any one have any idea ??

To fetch the contents from secure protocal https, you need to have openssl extenstion enabled from php.ini file and the authentication for that matter.

web site redirect 301
change url
from
https://www.eb2a.com/
to
https://www.eb2a.com
or if still not working or need use it with /
loook at LINK
use curl redirect rules