How to set the PHP_AUTH_PW and PHP_AUTH_USER parameters in php curl.
At the server end its checking for:
if(!isset($_SERVER['PHP_AUTH_PW']))
{
print "Authorization error"
}
Any help would be appreciated
Thanks
It is called basic-auth, and works with most browsers including curl on command line:
curl --user name:password http://www.example.com
and in PHP you set two options on your curl connection ($curl_conn):
curl_setopt($curl_conn, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($curl_conn, CURLOPT_USERPWD, 'username:password');
Related
For many requests I am getting access denied errors when using curl from php, my code is:
$ch = curl_init();
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0);
curl_setopt($ch, CURLOPT_URL, 'https://www.vueling.com/en');
curl_setopt($ch, CURLOPT_TIMEOUT, '2');
curl_setopt($ch, CURLOPT_VERBOSE, 1);
$data = curl_exec($ch);
curl_close($ch);
echo $data;
which returns this:
<H1>Access Denied</H1>
However if I run it directly on the command line:
curl -v https://www.vueling.com/en
I get the full response, my ip is not blocked, im not sure why CLI works but PHP doesnt? Anyone have any ideas?
The CLI version of curl probably sends an user agent that is accepted by this website, but the PHP version of curl may send an user agent that is rejected.
So you have to check that the headers sent by curl are similar in both ways.
I have the following bash curl command which returns the api results i want
curl -v -H 'Accept-Encoding:gzip,deflate,sdch' http://api.blabla.com?search_id=my_id --compressed
I am writing a PHP sdk for this API but i can not convert this curl command into php curl.
This is what i have tried so far:
curl_setopt($ch1, CURLOPT_URL, $resultsURL);
curl_setopt($ch1, CURLOPT_HTTPHEADER, 'Connection: Keep-Alive');
curl_setopt($ch1, CURLOPT_ENCODING, 'gzip,deflate');
curl_setopt($ch1, CURLOPT_CONNECTTIMEOUT, 0);
curl_setopt($ch1, CURLOPT_TIMEOUT, 15); // number of seconds to allow curl to execute
$results = curl_exec($ch1);
echo(json_encode($results));
curl_close($ch1);
I get some results but they are inconsistent. The usual response is around 9MB of json (from the cli curl) and i get everything from 1.46KB to 900KB. All this happen on the same api call...
What can be wrong with this code or how can i get this done? I am out of ideas about it
Edit: after a long debug i found out that bash curl and php curl send the same request and it must be the servers (apache in my case) fault that it doesnt fetch everything back to me in the response.
I will edit again and post an answer when i find exaclty what it is.
php curl manual says for CURLOPT_ENCODING
The contents of the "Accept-Encoding: " header. This enables decoding
of the response. Supported encodings are "identity", "deflate", and
"gzip". If an empty string, "", is set, a header containing all
supported encoding types is sent.
So use empty there to support any encoding.
curl_setopt($ch1, CURLOPT_ENCODING, '');
I am trying to send a REST request. The example I have been given by the system docs is this:
$ curl --digest -u admin:<passwd> http://1.2.3.4/r/users/12345/calls/recent
{"data": [
{"state_msg": "Finished",
"code": 200,
"dst_codecs": "PCMU,PCMA,iLBC,telephone-event",
"src_codecs": "PCMU,PCMA,telephone-event,iLBC",
"pid": 1250018007,
"url": "\/r\/users\/12345\/calls\/1250018007:16739",
[...]
}
[...]
]}
what is this example trying to tell me? what is the data information there? Is that what i need to send. If so, how would i send it? I have read this post: Call a REST API in PHP but I am still unsure of how to structure my call. would it be something like this?
$data = array('state_msg' => 'state_msg','code'=>'200'.....);
curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($curl, CURLOPT_USERPWD, "admin:<password>");
curl_setopt($curl, CURLOPT_URL, "http://1.2.3.4/r/users/12345/calls/recent");
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
I start with the beginning of the example:
$ curl
The $ sign denotes a unix shell prompt with standard user privileges.
Then a space separates the command which is curl here.
Each command has (normally) a manual page, you get it with the man command:
$ man curl
That should explain all the rest to you, as those man-pages explain all of the commands switches and options.
If you don't have such a shell prompt at hand and you do not like to consider installing one, many commands have their man pages as well in the internet. Here for curl:
http://curl.haxx.se/docs/manpage.html
After you've understood what that concrete command does, you just look-up the related options in the PHP manual on the curl_setopt page. How this works is demonstrated in the following example:
Convert command line cURL to PHP cURL
Example:
$ curl --digest -u admin:<passwd> http://1.2.3.4/r/users/12345/calls/recent
########
This switch relates to the CURLAUTH_DIGEST value of the CURLOPT_HTTPAUTH setting.
$handle = curl_init($url);
curl_setopt_array($handle, [
...
CURLOPT_HTTPAUTH => CURLAUTH_DIGEST, // --digest
...
]);
Compare with the Curl C-API which is just wrapped by PHP:
How to post http request using digest authentication with libcurl
UPDATED THANKS TO ANSWERS:
Can someone point out the difference between:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $api_root);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, "xml"); // tried http_build_query also
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); // Added this, still no good
return curl_exec($ch); // returns false
and:
$curl = "curl -X POST -d 'xml' {$api_root}";
return `$curl`; // returns expected xml from server
AND/OR
More generally, are there any good breakdowns out there for conversion/reference between php's libcurl default values/headers and those of curl on the command line?
I know this is almost a dupe of curl CLI to curl PHP and CLI CURL -> PHP CURL but I'm hoping for something more definitive.
When you use backticks then PHP invokes a shell. This can be dangerous, especially when you include variables in the command. If someone has a way to influence the value of $api_root they would be able to invoke any command on your system.
Using the API is much safer and probably faster as well as the curl libraries are loaded into PHP.
As for why it's not working it seems others have answered that question :)
curl_exec returns true or false by default. You need to specify CURLOPT_RETURNTRANSFER:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
Since curl_exec is returning false (not NULL as indicated in the original question), try using curl_error() to determine why it's returning false.
TFM (read it): curl_exec(), curl_setopt()
Edit for posterity's sake:
The OP discovered that an SSL issue was the hindrance. The both libcurl (as called through PHP) and the curl command-line do SSL peer verification for every transaction, unless the user explicitly disables it.
The likely scenario is that the shell environment is using a different CA bundle than PHP's libcurl implementation. To remedy this, set CURLOPT_CAINFO to be the same as the shell's CURL_CA_BUNDLE environment variable and then peer verification should work.
#OP: I'd be curious to know if the above suggestion is confirmed working in your case, or if there is something else different with the SSL configuration.
in your php example you are missing
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
from php manual:
curl_exec
Returns TRUE on success or FALSE on failure. However, if the CURLOPT_RETURNTRANSFER option is set, it will return the result on success, FALSE on failure.
Add this line:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
To match the CLI version:
$curl = "curl -X POST -d 'xml' {$api_root}";
return `$curl`; // returns expected xml from server
I also needed:
// Thanks to all the answers
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// This appears to default false on CLI, true in libcurl
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
I am doing an HTTP POST using cURL
$url = "http://localhost:8080/~demo/cgi-bin/execute/100";
//open connection
$ch = curl_init();
//set the url, number of POST vars, POST data
curl_setopt($ch,CURLOPT_URL,$url);
curl_setopt($ch,CURLOPT_POST,count($data));
curl_setopt($ch,CURLOPT_POSTFIELDS,$data);
//execute post
$result = curl_exec($ch);
echo("$result");
//close connection
curl_close($ch);
The post gets executed, but the response is shown with the error:
The requested URL /~demo/100 was
not found on this server.
The above URL, obviously, does not exist not the server because (somehow) cURL has changed the URL.
It should have been /~demo/cgi-bin/execute/100 . This URL works in browser.
Please tell me why does it do that?
AND how can i stop this, for what I want?
Install Fiddler.
Enable debugging.
Visit the site in the browser.
Execute php cURL code.
Fiddler will tell you exactly what the web server is receiving and sending. since you are running locally, you can see exactly what php is sending as well. Compare the two and that will tell you the problem.
Maybe cURL tries to access default http port 80? Try to use
curl_setopt($ch, CURLOPT_PORT, 8080)
It may not be cURL that is changing the URL, rather that the web server is sending a redirect header to cURL, pointing at a different location. Perhaps the following would help:
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
where is?
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);