How to get info on sent PHP curl request
If you set CURLINFO_HEADER_OUT to true, outgoing headers are available in the array returned by curl_getinfo(), under request_header key:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://foo.com/bar");
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, "someusername:secretpassword");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLINFO_HEADER_OUT, true);
curl_exec($ch);
$info = curl_getinfo($ch);
print_r($info['request_header']);
This will print:
GET /bar HTTP/1.1
Authorization: Basic c29tZXVzZXJuYW1lOnNlY3JldHBhc3N3b3Jk
Host: foo.com
Accept: */*
Note the auth details are base64-encoded:
echo base64_decode('c29tZXVzZXJuYW1lOnNlY3JldHBhc3N3b3Jk');
// prints: someusername:secretpassword
Also note that username and password need to be percent-encoded to escape any URL reserved characters (/, ?, &, : and so on) they might contain:
curl_setopt($ch, CURLOPT_USERPWD, urlencode($username).':'.urlencode($password));
PHP, cURL, and HTTP POST example?
<?php
//
// A very simple PHP example that sends a HTTP POST to a remote site
//
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,"http://www.example.com/tester.phtml");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,
"postvar1=value1&postvar2=value2&postvar3=value3");
// In real life you should use something like:
// curl_setopt($ch, CURLOPT_POSTFIELDS,
// http_build_query(array('postvar1' => 'value1')));
// Receive server response ...
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$server_output = curl_exec($ch);
curl_close ($ch);
// Further processing ...
if ($server_output == "OK") { ... } else { ... }
?>
PHP cURL GET request and request's body
CURLOPT_POSTFIELDS as the name suggests, is for the body (payload) of a POST request. For GET requests, the payload is part of the URL in the form of a query string.
In your case, you need to construct the URL with the arguments you need to send (if any), and remove the other options to cURL.
curl_setopt($ch, CURLOPT_URL, $this->service_url.'user/'.$id_user);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_HEADER, 0);
//$body = '{}';
//curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");
//curl_setopt($ch, CURLOPT_POSTFIELDS,$body);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
How to Retrieve cURL Data within the URL Endpoint
You can access to these data via the $_SERVER superglobal.
Endpoint :
<?php
$user = $_SERVER['PHP_AUTH_USER']; // alex
$password = $_SERVER['PHP_AUTH_PW']; // password123
How to get and post information in a single cURL request?
So a bit of an intro of what's going on.
form_key seems to be used as a form of CSRF protection specifically it is a synchronizer token.
In short what happens is, a user visits a web page, the web page creates a session for the user and generates a unique token. The server then attaches that unique token to the form as a hidden field. When a user submits that form then it is submitted with that hidden field and the server can cross-reference that the token received is the same as the one that was sent.
However the critical part is that the server needs to be aware of who the user is, and that is done through the session. The session is maintained via a session cookie, which is why the session cookie is necessary.
To correctly simulate a real user you need to store the cookies the server sends you on first visit, this is done using the CURLOPT_COOKIEJAR :
$ch2 = curl_init();
curl_setopt($ch2, CURLOPT_URL, "https://b2b.chiemsee.com/customer/account/login/");
curl_setopt($ch2, CURLOPT_FOLLOWLOCATION, true); // to allow redirections
//curl_setopt($ch2, CURLOPT_SSL_VERIFYPEER, FALSE); // to avoid error
curl_setopt($ch2, CURLOPT_POST, true); // to send info
curl_setopt($ch2, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch2, CURLOPT_COOKIEJAR, 'cookie.txt'); // to save session cookie
curl_setopt($ch2, CURLOPT_RETURNTRANSFER, true); // to get the html
$response2 = curl_exec($ch2);
curl_close($ch2);
after you've done this and retrieved the CSRF token by scraping the page you need to submit this along with the corresponding cookies:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://b2b.chiemsee.com/customer/account/loginPost/"); //Make sure you have the correct URL
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); // to allow redirections
//curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); // to avoid error
curl_setopt($ch, CURLOPT_POST, true); // to send info
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt'); // to read cookie data
curl_setopt($ch2, CURLOPT_COOKIEJAR, 'cookie.txt'); // optional, this will update existing cookies and add new ones if needed.
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); // to get the html
$response = curl_exec($ch);
if (curl_error($ch)) {
$error_msg = curl_error($ch);
var_dump($error_msg);
exit;
}
curl_close($ch);
echo $response;
This should allow the server to load the correct session for which the CSRF token was created in the first place and then verify that token you're sending.
As a sidenote: The reason for the token is simple. If I make a webpage which tricks users to post directly to another webpage this token is a piece of data that I can never have access to as it is only shared with the user directly so 3rd parties can't access it. It might make automations such as yours harder to implement but it is very effective for user security.
How to process POST in php file sent by curl
Try to replace this, direct send array not json
curl_setopt($curl, CURLOPT_POSTFIELDS,$data_string );
With
curl_setopt($curl, CURLOPT_POSTFIELDS,$fields );
Check this : http://php.net/manual/en/function.curl-setopt.php
How to post data using curl and get reponse based on posted data
The function on this link will work.
<?php
function post_to_url($url, $data) {
$fields = '';
foreach ($data as $key => $value) {
$fields .= $key . '=' . $value . '&';
}
rtrim($fields, '&');
$post = curl_init();
curl_setopt($post, CURLOPT_URL, $url);
curl_setopt($post, CURLOPT_POST, count($data));
curl_setopt($post, CURLOPT_POSTFIELDS, $fields);
curl_setopt($post, CURLOPT_RETURNTRANSFER, 1);
$result = curl_exec($post);
curl_close($post);
return $result;
}
$data = array(
"name" => "new Name",
"website" => "http://bavotasan.com",
"twitterID" => "bavotasan"
);
$surl = 'http://mydomain.com/curl.php';
echo post_to_url($surl, $data);
?>
Whereas, on curl.php
<?php
file_put_contents('abc.text', "here is my data " . implode('->', $_POST));
if ($_POST['name']):
print_r($_POST['name']);
endif;
?>
How to get data from API - php - curl
A good way to try and debug this would be to check the curl info array, or curl error.
<?php
/**
* Handles making a cURL request
*
* @param string $url URL to call out to for information.
* @param bool $callDetails Optional condition to allow for extended
* information return including error and getinfo details.
*
* @return array $returnGroup cURL response and optional details.
*/
function makeRequest($url, $callDetails = false)
{
// Set handle
$ch = curl_init($url);
// Set options
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// Execute curl handle add results to data return array.
$result = curl_exec($ch);
$returnGroup = ['curlResult' => $result,];
// If details of curl execution are asked for add them to return group.
if ($callDetails) {
$returnGroup['info'] = curl_getinfo($ch);
$returnGroup['errno'] = curl_errno($ch);
$returnGroup['error'] = curl_error($ch);
}
// Close cURL and return response.
curl_close($ch);
return $returnGroup;
}
$url = /* some url */
$response = makeRequest($url, true);
// Check your return to make sure you are making a successful connection.
echo '<pre>';
print_r($response);
?>
Seeing if you are successfully making the connection, and then also exactly what you are getting back in the response should give you a better idea of how to handle parsing it.
EDIT
It looks like there is some non-JSON string data that is preventing the json_decode function from working. This is less than ideal, but it happens. Following method should help in this specific case, but is just a workaround to an issue involving bad data.
// continuing from above :) formatted for readability
/**
* Separates JSON string from unnecessary data, parses into
* an object and returns.
*
* @param string $curlResult String returned from cURL call.
*
* @return object $jsonObject Parsed JSON object.
*/
function cleanJsonString($curlResult) {
// Separates result string into array at " = ".
$responseChunks = explode(" = ", $curlResult);
// Removes semicolon from end of JSON string.
$jsonString = substr($responseChunks[1], -1);
// Parse JSON string into object.
$jsonObject = json_decode($jsonString);
return $jsonObject;
}
// Clean result.
$jsonObject = cleanJsonString($response['curlResult']);
// Print image object property.
echo $jsonObject->image;
Related Topics
How to Check If Directory Contents Has Changed with PHP
How to Store JavaScript Variable Output into a PHP Variable
Xml Creation Using Codeigniter
Recursive Function to Get All the Child Categories
Designing a Secure Auto Login Cookie System in PHP
How to Loop Through a Multidimensional Array Without Knowing It's Depth
PHP Shell_Exec() Command Is Not Working
The Requested Url /Projectname/Users Was Not Found on This Server. Laravel
Composer Running Out of Memory on Every Project, MAC Os X
PHP - How to Implement Password Reset and Token Expiry
PHP Session Ids -- How Are They Generated
Php: Check Who Had Read Sent Email
Sending Correct File Size with PHP Download Script
Parsing JavaScript (Not JSON) in PHP
How to Set for Specific Directory Open_Basedir
Premature End of Script Headers: Index.Php, Mod_Fcgid: Read Data Timeout in 61 Seconds