I have some working cURL scripts but have been relying on the remote server for SS validation. I want to add some validation to our cURL scripts so that if they aren't filled out correctly the request won't get sent. I have client side JS validation, but want to duplicate with SS validation.
Here is an example of my cURL script:
<?php
$url = 'https://remoteserver.com/POST.svc/Foo';
$Field1 = $_POST["Field1"];
//other input data
$fields = array(
'Field1'=>urlencode($Field1),
//other input data
);
foreach($fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
$fields_string = rtrim($fields_string,'& ');
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$output = curl_exec($ch);
echo $output;
curl_close($ch);
?>
Can I just create an if/else statement like:
<?php
if(empty($_POST['Field1']))) {
echo "Error";
die();
} else {
$url = 'https://remoteserver.com/POST.svc/Foo';
$Field1 = $_POST["Field1"];
//other input data
$fields = array(
'Field1'=>urlencode($Field1),
//other input data
);
foreach($fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
$fields_string = rtrim($fields_string,'& ');
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$output = curl_exec($ch);
echo $output;
curl_close($ch);
}
I have ajax stuff that is displayed if the return is "Error". This can't be that easy, is it?
thx
Instead of just returning 'Error', why not return some useful stuff? A PHP structure such as
$request_status = array(
'error' => 1,
'error_msg' => 'Form was not completed properly'
'error_details' => array(
0 => 'Name field not completed',
1 => 'Invalid state specified',
2 => 'Password1 and Password 2 do not match'
)
)
echo json_encode($request_status);
would be of far more use. Your client-side ajax code can simply look for the 'error' parameter in there and either go "Hey, it worked!" or do further based on the error_details you supplied, such as highlighting the form fields that weren't completed correctly.
This also allows you to send back other types of error messages as well, such as saying "hey, the place we're CURLing your form to isn't responding" and the like.
Related
I want to know final url just before executing curl to check all parameters passing as desired. how to view that.
<?PHP
function openurl($url) {
$ch=curl_init();
curl_setopt($ch,CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch,CURLOPT_POSTFIELDS,$postvars);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch,CURLOPT_TIMEOUT, '3');
$content = trim(curl_exec($ch));
curl_close($ch);
echo $content;
}
$postvars = array('user' => "user123",'password' => "user#user!123",'Text' => "Test");
$sms_url ="http://remoteserver/plain";
openurl($sms_url);
?>
desired output to check all params and its values passing correct..
http://remoteserver/plain?user=user123&password=user#user!123&Text=TESThere
You forgot to add the $postvars as parameter to your function.
function openurl($url, $postvars) {
$ch=curl_init();
curl_setopt($ch,CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch,CURLOPT_POSTFIELDS,$postvars);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch,CURLOPT_TIMEOUT, '3');
$content = trim(curl_exec($ch));
curl_close($ch);
echo $content;
}
$postvars = array('user' => "user123",'password' => "user#user!123",'Text' => "Test");
$sms_url ="http://remoteserver/plain";
// create a test var which we can display on screen / log
$test_url = sms_url . http_build_query($postvars);
// either send it to the browser
echo $test_url;
// or send it to your log (make sure loggin is enabled!)
error_log("CURL URL: $test_url", 0);
openurl($sms_url, $postvars);
I'm trying to write some PHPUnit tests for ajax endpoints. I can do this no sweat when the user doesn't have to be logged in. But to test the endpoint in question, the user does have to be logged in and I want to get the cookie programmatically as part of the test. Basically the test I want to run looks like:
$url = "https://example.com/ajax/endpoint";
$fields = array(
'name'=>'test '.rand(),
'host'=>rand(0,255).'.'.rand(0,255).'.'.rand(0,255).'.'.rand(0,255),
'port'=>rand(1,1000)
);
$fields_string = "";
foreach ($fields as $key=>$value) {
$fields_string .= $key.'='.$value.'&';
}
$fields_string = rtrim($fields_string, '&');
ob_start();
$ch = curl_init();
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
curl_setopt($ch, CURLOPT_COOKIE, $userCookie);
curl_setopt($ch, CURLOPT_URL, $url);
$response = curl_exec($ch);
$this->assertEquals(true, $response);
$json = ob_get_contents();
$return = json_decode($json);
$this->assertEquals('false', $return->success);
$this->assertEquals('', $return->data);
ob_end_clean();
But I don't know a good way to get $userCookie other than opening a browser, logging in, and then reading PHPSESSID from the cookies in the browser. How can I get the cookie for this without grabbing it manually? I'd like to be able to get it from a curl request to the login endpoint:
$url = "https://example.com/ajax/login";
$fields = array(
'username'=>$username,
'password'=>$password
);
$fields_string = "";
foreach ($fields as $key=>$value) {
$fields_string .= $key.'='.$value.'&';
}
$fields_string = rtrim($fields_string, '&');
$ch = curl_init();
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
curl_setopt($ch, CURLOPT_URL, $url);
$response = curl_exec($ch);
Does anything stop you to grab it programmatically?
$ch = curl_init('https://example.com/login');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, "login=root&password=toor");
curl_setopt($ch, CURLOPT_HEADER, 1);
$result = curl_exec($ch);
preg_match_all('/^Set-Cookie: PHPSESSID=(.*?);/mi', $result, $matches);
$userCookie = $matches[1];
You're halfway there with your login cURL request. What you need to do is retrieve the cookie from the response headers to get the PHPSESSID.
How to get response headers with cURL has been asked in another question you can find here.
Once you've got the response headers, you'll have to parse it to get the Set-Cookie header. Using the content of that header for your subsequent tests should work from there.
Im trying my hand at using curl to post some data, I am not reciving my post content and can not find the source of the problem
curl.php
<?php
$data = array("user_email" => "22" , "pass" => "22" );
$string = http_build_query($data);
$ch = curl_init("http://localhost:8888/290_project/test.php"); //this is where post data goes too, also starts curl
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $string);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_exec($ch);
curl_close($ch) //ends curl
?>
test.php
<?php
if(isset($_POST['user_email'], $_POST['pass'])) {
$name = $_POST['user_email'];
$pass = $_POST['pass'];
echo $name;
echo $pass;
} else {
echo "error";
} ?>
Every time I get my error response meaning the post data is not going through. I have tried everything I could think of to trouble shoot;I must be over looking something I am simply not yet familiar with?
Please set CURLOPT_URL to http://localhost:8888.....
<?php
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://localhost:8888/290_project/test.php");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $string);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_exec($ch);
if(!curl_errno($ch)){
$info = curl_getinfo($ch);
} else {
echo 'Curl error: ' . curl_error($ch);
}
curl_close($ch) //ends curl
?>
With curl_getinfo() - Gets information about the last transfer.
For more detail read below link:- http://php.net/manual/en/function.curl-getinfo.php
I have edited the answer, The reason for error is not curl.
http_build_query($data, '', '&');
Following is working example. Please try this.
$postData = array(
'user_name' => 'abcd',
'password' => 'asdfghj',
'redirect' => 'yes',
'user_login' => '1'
);
$url='http://localhost:8888/290_project/test.php';
$ch = curl_init();
//Set the URL to work with
curl_setopt($ch, CURLOPT_URL, $url);
// ENABLE HTTP POST
curl_setopt($ch, CURLOPT_POST, 1);
//Set the post parameters
curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
//execute the request
$store = curl_exec($ch);
print_r($store);
curl_close($ch)
You have an error in your php code:
edit:
if(isset($_POST['user_email'], $_POST['pass'])) {
to:
if(isset($_POST['user_email']) && isset($_POST['pass'])) {
I'm not able to post values to field and process further steps to download a file. Could anyone suggest where I'm going wrong?
extract($_POST);
$url=header("Location: http://gis.lntecc.com/bwssblnt/Scada.aspx? field1=Kathriguppe%2cSW2DM0402%2c235505H073%2c450");
$fields =array(
"TextBoxFromDate" => urlencode("2014-10-01"),
"TextBoxToDate" => urlencode("2014-10-09")
);
foreach($fields as $key => $value)
$fields_string .= $key.'='.$value.'&';
rtrim($fields, '&');
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, count($fields));
curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$result = curl_exec($ch);
echo $result;
curl_close($ch);
Where did I make a mistake since I'm not able to post values to the field?
Simply remove that huge space in your URL:
$url=header("Location: http://gis.lntecc.com/bwssblnt/Scada.aspx? field1=Kathriguppe%2cSW2DM0402%2c235505H073%2c450");
Becomes:
$url=header("Location: http://gis.lntecc.com/bwssblnt/Scada.aspx?field1=Kathriguppe%2cSW2DM0402%2c235505H073%2c450");
I have the following php Curl code, to submit a form and get the tables of result
<?php
function httpPost($url,$params)
{
//echo 1;
$postData = '';
//create name value pairs seperated by &
foreach($params as $k => $v)
{
$postData .= $k . '='.$v.'&';
}
rtrim($postData, '&');
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL,$url);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
curl_setopt($ch,CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_POST, count($postData));
curl_setopt($ch, CURLOPT_VERBOSE, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
$output=curl_exec($ch);
curl_close($ch);
//return $params;
return $output;
}
$params = array(
"form_hf_0"=>null,
"searchMode:edit"=>"Births",
"searchSwitch:birthContainer:regNumber:regNumber"=>null,
"searchSwitch:birthContainer:regNumber:regYear"=>null,
"searchSwitch:birthContainer:subjectName:familyName:edit"=>"smith",
"searchSwitch:birthContainer:subjectName:givenName:edit"=>null,
"searchSwitch:birthContainer:subjectName:otherNames:edit"=>null,
"searchSwitch:birthContainer:fatherGivenName:edit"=>null,
"searchSwitch:birthContainer:fatherOtherNames:edit"=>null,
"searchSwitch:birthContainer:motherGivenName:edit"=>null,
"searchSwitch:birthContainer:motherOtherNames:edit"=>null,
"searchSwitch:birthContainer:dateOfEvent:range:edit"=>true,
"searchSwitch:birthContainer:dateOfEvent:switchGroup:range:dateFrom:day"=>01,
"searchSwitch:birthContainer:dateOfEvent:switchGroup:range:dateFrom:month"=>01,
"searchSwitch:birthContainer:dateOfEvent:switchGroup:range:dateFrom:year"=>1788,
"searchSwitch:birthContainer:dateOfEvent:switchGroup:range:dateTo:day"=>31,
"searchSwitch:birthContainer:dateOfEvent:switchGroup:range:dateTo:month"=>12,
"searchSwitch:birthContainer:dateOfEvent:switchGroup:range:dateTo:year"=>1913,
"searchSwitch:birthContainer:district:edit"=>null,
"search-button"=>"Search"
);
$param1 = array("username"=>"sa","password"=>"1");
echo httpPost("https://lifelink.bdm.nsw.gov.au/lifelink/familyhistory/search?0-2.IFormSubmitListener-mainContent-form",$params);
?>
The form link is here:https://lifelink.bdm.nsw.gov.au/lifelink/familyhistory/search?0
I have nothing printed.
Can anyone pointed where is wrong?
The result is here http://ec2-54-213-181-25.us-west-2.compute.amazonaws.com/htdocs/lib/CURL/curl.php
Nothing in the table as normal search with family name "smith", range date 1788 to 1914.