i want to post an xml document to a url, using simple php code.
i have a javascript code but the javascript will not support cross domain, so i just want to do it with php.
does any one have a code for this to support me...
Take a look at SimpleXML: http://us2.php.net/simplexml
Handling HTTP messaging in PHP is quite straightforward using the PECL HTTP classes.
In your instance you want to issue an HTTP request (that's a client->server message). Thankfully the HttpRequest::setPostFiles simplifies the process of including file content in an HTTP request. Refer to the PHP manual page (previous link) for specifics.
Unfortunately the manual pages for the HTTP classes are a bit sparse on details and it's not fully clear what the arguments for HttpRequest::setPostFiles should be, but the following code should get you started:
$request = new HttpRequest(HttpMessage::HTTP_METH_POST);
$request->setPostFiles(array($file));
$response = $request->send(); // $response should be an HttpMessage object
The manual for HttpRequest::setPostFiles states that the single argument of this method is an array of files to post. This is unclear and may mean an array of local file names, an array of file handles or an array of file contents. It shouldn't take long to figure out which is correct!
Here's an example that uses streams and does not rely on PECL.
// Simulate server side
if (isset($_GET['req'])) {
echo htmlspecialchars($_POST['data']);
exit();
}
/**
* Found at: http://netevil.org/blog/2006/nov/http-post-from-php-without-curl
*/
function do_post_request($url, $data, $optional_headers = null)
{
$params = array('http' => array('method' => 'POST',
'content' => $data));
if ($optional_headers !== null) {
$params['http']['header'] = $optional_headers;
}
$ctx = stream_context_create($params);
$fp = #fopen($url, 'rb', false, $ctx);
if (!$fp) {
throw new Exception("Problem with $url, $php_errormsg");
}
$response = #stream_get_contents($fp);
if ($response === false) {
throw new Exception("Problem reading data from $url, $php_errormsg");
}
return $response;
}
// Example taken from: http://en.wikipedia.org/wiki/XML
// (Of course, this should be filled with content from an external file using
// file_get_contents() or something)
$xml_data = <<<EOF
<?xml version="1.0" encoding='ISO-8859-1'?>
<painting>
<img src="madonna.jpg" alt='Foligno Madonna, by Raphael'/>
<caption>This is Raphael's "Foligno" Madonna, painted
in <date>1511</date>-<date>1512</date>.</caption>
</painting>
EOF;
// Request is sent to self (same file) to keep all data
// for the example in one file
$ret = do_post_request(
'http://' . $_SERVER['SERVER_NAME'] . $_SERVER['SCRIPT_NAME'] . '?req',
'data=' . urlencode($xml_data));
echo $ret;
Related
I would like to stop a simplexml_load_file if it takes too long to load and/or isn't reachable (occasionally the site with the xml goes down) seeing as I don't want my site to completely lag if theirs aren't up.
I tried to experiment a bit myself, but haven't managed to make anything work.
Thank you so much in advance for any help!
You can't have an arbitrary function quit after a specified time. What you can do instead is to try to load the contents of the URL first - and if it succeeds, continue processing the rest of the script.
There are several ways to achieve this. The easiest is to use file_get_contents() with a stream context set:
$context = stream_context_create(array('http' => array('timeout' => 5)));
$xmlStr = file_get_contents($url, FALSE, $context);
$xmlObj = simplexml_load_string($xmlStr);
Or you could use a stream context with simplexml_load_file() via the libxml_set_streams_context() function:
$context = stream_context_create(array('http' => array('timeout' => 5)));
libxml_set_streams_context($context);
$xmlObj = simplexml_load_file($url);
You could wrap it as a nice little function:
function simplexml_load_file_from_url($url, $timeout = 5)
{
$context = stream_context_create(
array('http' => array('timeout' => (int) $timeout))
);
$data = file_get_contents($url, FALSE, $context);
if(!$data) {
trigger_error("Couldn't get data from: '$url'", E_USER_NOTICE);
return FALSE;
}
return simplexml_load_string($data);
}
Alternatively, you can consider using the cURL (available by default). The benefit of using cURL is that you get really fine grained control over the request and how to handle the response.
You should be using a stream context with a timeout option coupled with file_get_contents
$context = stream_context_create(array('http' => array('timeout' => 5))); //<---- Setting timeout to 5 seconds...
and now map that to your file_get_contents
$xml_load = file_get_contents('http://yoururl', FALSE, $context);
$xml = simplexml_load_string($xml_load);
I am using the example function given in this post:
<?php
function do_post_request($url, $data, $optional_headers = null)
{
$params = array('http' => array(
'method' => 'POST',
'content' => $data
));
if ($optional_headers !== null) {
$params['http']['header'] = $optional_headers;
}
$ctx = stream_context_create($params);
$fp = #fopen($url, 'rb', false, $ctx);
if (!$fp) {
throw new Exception("Problem with $url, $php_errormsg");
}
$response = #stream_get_contents($fp);
if ($response === false) {
throw new Exception("Problem reading data from $url, $php_errormsg");
}
return $response;
}
?>
I also tried a similar approach using file_get_contents(), like this:
$options = array(
'http'=>array(
'method'=>"POST",
'header'=>
"Accept-language: en\r\n".
"Content-type: application/x-www-form-urlencoded\r\n",
'content'=>http_build_query(
array(
'arg1'=>'arg_data_1',
'oper'=>'get_data',
'arg2'=>'arg_data_2',
'id_number'=>'7862'
),'','&'
)
));
$context = stream_context_create($options);
$refno = file_get_contents('/path/to/script/script.php',false,$context);
var_dump($refno);
With both these scripts, the response from the server script is the same, and it is the TEXT of the script.php. The code of the server script is never begin executed, and the text content (the PHP code) of the script is being returned to the original script.
A little strange that it doesn't return all the text, but just certain pieces... I tried making a test script (test.php) that just contains:
<?php
echo '{"a":1,"b":2,"c":3,"d":4,"e":5}';
?>
but that doesn't return anything from the POST request, so I didn't include that. The script.php is a must longer script that does a lot of logic and MySQL queries then returns a JSON object.
The desired output will be to have the PHP code execute and return a JSON object (the way it works with ajax).
What am I doing wrong?
You are trying access script localy.
You must call it like any other external script like
$refno = file_get_contents('http://yourhost/path/to/script/script.php',false,$context);
I'm trying to use PHP to authenticate to a web service by posting to an authentication method with a .txt file containing my username and password formatted in JSON.
It's not working and I'm having a hard time figuring out why not.
Here's the code I'm trying to use. First there's a function I'm using to do the posting. Then I create a variable for my data file and another for my URL for the AUTH service.
<?php
function do_post_request($url, $data, $optional_headers = null)
{
$params = array('http' => array(
'method' => 'POST',
'content' => $data
));
if ($optional_headers !== null) {
$params['http']['header'] = $optional_headers;
}
$ctx = stream_context_create($params);
$fp = #fopen($url, 'rb', false, $ctx);
if (!$fp) {
throw new Exception("Problem with $url, $php_errormsg");
}
$response = #stream_get_contents($fp);
if ($response === false) {
throw new Exception("Problem reading data from $url, $php_errormsg");
}
return $response;
}
// Let's get logged in and get an authkey
$url = 'http://service.com/auth';
$data= 'creds.txt';
$authkey = do_post_request($url, $data);
print_r($authkey);
?>
The text of my creds.txt file:
{
"auth": {
"username": "myusername",
"password": "mypassword"
}
}
What am I doing wrong? I'm getting an invalid data error. Do I need to use a full URL to the text file? Is the textfile not formatted properly?
The docs for the service only say that I need:
"a JSON-formatted text file with your username and password"
$data= 'creds.txt'; should be like:
$data= file_get_contents('creds.txt');
I don't see you open the creds.txt anywhere, I believe you should send in jSON format.
Without disclosing "service.com" or more details about the website itself it'll be hard to figure out a solution since it can be a number of things but you're never passing the actual data (only the file path).
Try:
$authkey = do_post_request($url, file_get_contents($data));
I'm using the php mail function and I have a form with the name field, phone field, email field and message field which is a text area. The email field (along with the name and phone field) displays in the message and isn't used to send an email to that address. The To: fields and subject: fields and From: header are static in the script and is designed to always be the same.
I was recently trying to try email injection to my own script so I can then know if my preventative measures are working or not.
I've tried putting in the fields
%0ATo:mysecondemailaddress#provider.com and also %0ACc:mysecondemailaddress#provider.com, but the email doesn't even send to the proper email address at all. I was just wondering what is the correct method to do this, and also when I am using preventative methods such as identifying strings and either removing them or denying the email from being sent what characters such as % should I also be on the look out for?
It doesn't look like using the form to directly enter the injection works very well. I'm using the following to test out a mailer I'm putting together, it posts the data from the script. The $postData will have to be modified to suit your form. This just BCCs a 'victim':
<?php
$postData =
'contactname=Lord+Sauron&'.
'email=darklord#ciplit.com.au%0ABcc:frodo#ciplit.com.au'.
'&message=Sorry+about+that+whole+ring+thing.+No+hard+feelings%3F';
$url = 'http://'.$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']).'/onetrueformmailer.php';
$result = do_post_request($url, $postData);
echo($result);
// http://wezfurlong.org/blog/2006/nov/http-post-from-php-without-curl/
function do_post_request($url, $data, $optional_headers = null) {
$params = array('http' => array(
'method' => 'POST',
'content' => $data
));
if ($optional_headers !== null) {
$params['http']['header'] = $optional_headers;
}
$ctx = stream_context_create($params);
$fp = #fopen($url, 'rb', false, $ctx);
if (!$fp) {
throw new Exception("Problem with $url, $php_errormsg");
}
$response = #stream_get_contents($fp);
if ($response === false) {
throw new Exception("Problem reading data from $url, $php_errormsg");
}
return $response;
}
?>
I'm trying to send an XML file to a server as part of the POST method for an internal API.
All the PHP documentation points to using the $postVars['file']='#/path/to/file.xml' to actually send the file.
I want to send the file from a string, but it still needs to be sent as a file upload, not a string.
Help?
Take a look at this thread it deals with what you want to do I think: http://www.webmasterworld.com/php/3164561.htm
The last entry might be of help (reformatted by me):
function do_post_request($url, $data, $optional_headers = null) {
$params = array('http' => array(
'method' => 'post',
'content' => $data
));
if ($optional_headers!== null)
$params['http']['header'] = $optional_headers;
$ctx = stream_context_create($params);
$fp = #fopen($url, 'rb', false, $ctx);
if (!$fp)
throw new Exception("Problem with $url, $php_errormsg");
$response = #stream_get_contents($fp);
if ($response === false)
throw new Exception("Problem reading data from $url, $php_errormsg");
return $response;
}
Basically the solution is to make use of the built-in php stream handling for urls.
http://www.sematopia.com/?p=153 and http://www.daniweb.com/forums/thread150772.html might help.