PHP cURL: GET POST SSL AUTH

From The Uniform Server Wiki
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

 

MPG UniCenter

UniServer 5-Nano
PHP cURL.

cURL GET POST SSL and Authentication

This page contains no new material what it provides are examples using our test simulation server to accesses a verification server over SSL to submit a form.

It takes the examples from the previous page and adds authentication and SSL.

Preperation

Our verification server curl_2 has already been configured

  • A default server certificate and key have been generated
  • Appropriate lines in C:\curl_2\UniServer\ssl\.htaccess are enabled

All that remains is to copy C:\curl_2\UniServer\www\remote_form.php to folder C:\curl_2\UniServer\ssl

Perhaps add a line to distinguish the form see last line:

<?php
 print "<p><b>Method GET</b><br />";
 if(isset($_GET['Name']))       $Name     = $_GET['Name'];
 if(isset($_GET['Password']))   $Password = $_GET['Password'];
 if(isset($_GET['Message']))    $Message  = $_GET['Message'];
 print "Name = $Name<br />";
 print "Password = $Password<br />";
 print "Message = $Message</p>";

 print "<p><b>Method POST</b><br />";
 if(isset($_POST['Name']))       $Name     = $_POST['Name'];
 if(isset($_POST['Password']))   $Password = $_POST['Password'];
 if(isset($_POST['Message']))    $Message  = $_POST['Message'];
 print "Name = $Name<br />";
 print "Password = $Password<br />";
 print "Message = $Message</p>";
 print "<p>SSL TEST FORM</p>";
?>

Example 12 - cURL GET

Using example 10 add the appropriate target page, password and SSL functions:

  • curl_setopt($ch, CURLOPT_URL,'https://localhost:446/remote_form.php');
  • curl_setopt($ch, CURLOPT_USERPWD, "root:root");
  • curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // no verify

Create a new text file in folder C:\curl_1\UniServer\www and name it test12.php add the following content

<?php
$name_val     = urlencode('MPG RIC');
$password_val = urlencode('fred 123');
$message_val  = urlencode('This is a test & = ?');

$str= "?Name=".$name_val."&Password=".$password_val."&Message=".$message_val;

print $str;

 $ch=curl_init();
 curl_setopt($ch, CURLOPT_URL,'https://localhost:446/remote_form.php'.$str);
 curl_setopt($ch, CURLOPT_USERPWD, "root:root");
 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);   // no verify
 curl_exec($ch);
 curl_close($ch);
?>

 

  • First three lines URL encode the values we wish to send.
  • Full string $str is assembled into correct format name value pairs.
  • This string is concatenated with the URL (tacked onto the end)
  • Added new URL remember is https and the port must be included
  • Added CURLOPT_USERPWD again defaults are root root
  • CURLOPT_SSL_VERIFYPEER disabled

Test:

  • Run both servers
  • Type http://localhost/test12.php into your browser
  • Result: Shown below

Results:

?Name=MPG+RIC&Password=fred+123&Message=This+is+a+test+%26+%3D+%3F

Method GET
Name = MPG RIC
Password = fred 123
Message = This is a test & = ?

Method POST
Name = MPG RIC
Password = fred 123
Message = This is a test & = ?

SSL TEST FORM

 

  • Note 1: The encoding of & = ? as %26+%3D+%3F (+ is a special character if we used that it would have been encoded)


  • Note 2: Although we used GET to send data for some reason PHP has mapped the variables in both GET and POST super-globals (I think this is incorrect!).


  • Note 3: SSL TEST FORM displayed hence correct form picked-up

Top

Example 13 - cURL POST

Using example 11 again add the appropriate target page, password and SSL functions:

  • curl_setopt($ch, CURLOPT_URL,'https://localhost:446/remote_form.php');
  • curl_setopt($ch, CURLOPT_USERPWD, "root:root");
  • curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // no verify

Create a new text file in folder C:\curl_1\UniServer\www and name it test13.php add the following content

<?php
$name_val     = urlencode('MPG RIC');
$password_val = urlencode('fred 123');
$message_val  = urlencode('This is a test & = +');

$str= "Name=".$name_val."&Password=".$password_val."&Message=".$message_val;

print $str;

 $ch=curl_init();
 curl_setopt($ch, CURLOPT_URL,'https://localhost:446/remote_form.php');
 curl_setopt($ch, CURLOPT_USERPWD, "root:root");
 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);   // no verify
 curl_setopt($ch, CURLOPT_POST, 1);
 curl_setopt($ch, CURLOPT_POSTFIELDS, $str);

 curl_exec($ch);
 curl_close($ch);
?>

 

  • First three lines URL encode the values we wish to send.
  • Full string $str is assembled into correct format name value pairs.
  • Added new URL remember is https and the port must be included
  • Added CURLOPT_USERPWD again defaults are root root
  • CURLOPT_SSL_VERIFYPEER disabled
  • CURLOPT_POST Switches to POST operation
  • CURLOPT_POSTFIELDS Informs Curl we are using a value of $str
  • This string has been URL encoded.

Note: I have included print $str to show what the encoded string looks like

Test:

  • Run both servers
  • Type http://localhost/test13.php into your browser
  • Result: Shown below

Results:

Name=MPG+RIC&Password=fred+123&Message=This+is+a+test+%26+%3D+%2B

Method GET
Name =
Password =
Message =

Method POST
Name = MPG RIC
Password = fred 123
Message = This is a test & = +

SSL TEST FORM

 

  • Note 1: The encoding of & = + as %26+%3D+%2B (+ is a special character hence encoded as %2B)


  • Note 2: Results in POST section as expected (no values in GET which is correct).


  • Note 3: SSL TEST FORM displayed hence correct form picked-up

Top

Summary

The example so far run scripts on a server.

The next page covers how to configure cURL on Uniform Server for portable operation using PHP in CLI mode.

Top