PHP cURL: GET POST SSL AUTH

From The Uniform Server Wiki
Revision as of 20:03, 11 September 2009 by Ric (talk | contribs) (New page: {{Nav PHP cURL}} '''cURL GET POST SSL and Authentication''' This page contains no new material what it provides are examples using our test simulation server to accesses a verification se...)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

 

MPG UniCenter

UniServer 5-Nano
PHP cURL.

cURL GET POST SSL and Authentication

This page contains no new material what it provides are examples using our test simulation server to accesses a verification server over SSL to submit a form.

It takes the examples from the previous page and adds authentication and SSL.

Preperation

Our verification server curl_2 has already been configured

  • A default server certificate and key have been generated
  • Appropriate lines in C:\curl_2\UniServer\ssl\.htaccess are enabled

All that remains is to copy C:\curl_2\UniServer\www\remote_form.php to folder C:\curl_2\UniServer\ssl

Perhaps add a line to distinguish the form see last line:

<?php
 print "<p><b>Method GET</b><br />";
 if(isset($_GET['Name']))       $Name     = $_GET['Name'];
 if(isset($_GET['Password']))   $Password = $_GET['Password'];
 if(isset($_GET['Message']))    $Message  = $_GET['Message'];
 print "Name = $Name<br />";
 print "Password = $Password<br />";
 print "Message = $Message</p>";

 print "<p><b>Method POST</b><br />";
 if(isset($_POST['Name']))       $Name     = $_POST['Name'];
 if(isset($_POST['Password']))   $Password = $_POST['Password'];
 if(isset($_POST['Message']))    $Message  = $_POST['Message'];
 print "Name = $Name<br />";
 print "Password = $Password<br />";
 print "Message = $Message</p>";
 print "<p>SSL TEST FORM</p>";
?>

Example 12 - cURL GET

Using example 10 add the appropriate target page, password and SSL functions:

  • curl_setopt($ch, CURLOPT_URL,'https://localhost:446/remote_form.php');
  • curl_setopt($ch, CURLOPT_USERPWD, "root:root");
  • curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // no verify

Create a new text file in folder C:\curl_1\UniServer\www and name it test12.php add the following content

<?php
$name_val     = urlencode('MPG RIC');
$password_val = urlencode('fred 123');
$message_val  = urlencode('This is a test & = ?');

$str= "?Name=".$name_val."&Password=".$password_val."&Message=".$message_val;

print $str;

 $ch=curl_init();
 curl_setopt($ch, CURLOPT_URL,'https://localhost:446/remote_form.php'.$str);
 curl_setopt($ch, CURLOPT_USERPWD, "root:root");
 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);   // no verify
 curl_exec($ch);
 curl_close($ch);
?>

 

  • First three lines URL encode the values we wish to send.
  • Full string $str is assembled into correct format name value pairs.
  • This string is concatenated with the URL (tacked onto the end)
  • Added new URL remember is https and the port must be included
  • Added CURLOPT_USERPWD again defaults are root root
  • CURLOPT_SSL_VERIFYPEER disabled

Test:

  • Run both servers
  • Type http://localhost/test12.php into your browser
  • Result: Shown below

Results:

?Name=MPG+RIC&Password=fred+123&Message=This+is+a+test+%26+%3D+%3F

Method GET
Name = MPG RIC
Password = fred 123
Message = This is a test & = ?

Method POST
Name = MPG RIC
Password = fred 123
Message = This is a test & = ?

SSL TEST FORM

 

  • Note 1: The encoding of & = ? as %26+%3D+%3F (+ is a special character if we used that it would have been encoded)


  • Note 2: Although we used GET to send data for some reason PHP has mapped the variables in both GET and POST super-globals (I think this is incorrect!).


  • Note 3: SSL TEST FORM displayed hence correct form picked-up

Top

Example 13 - cURL POST

Using example 11 again add the appropriate target page, password and SSL functions:

  • curl_setopt($ch, CURLOPT_URL,'https://localhost:446/remote_form.php');
  • curl_setopt($ch, CURLOPT_USERPWD, "root:root");
  • curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // no verify

Create a new text file in folder C:\curl_1\UniServer\www and name it test13.php add the following content

<?php
$name_val     = urlencode('MPG RIC');
$password_val = urlencode('fred 123');
$message_val  = urlencode('This is a test & = +');

$str= "Name=".$name_val."&Password=".$password_val."&Message=".$message_val;

print $str;

 $ch=curl_init();
 curl_setopt($ch, CURLOPT_URL,'https://localhost:446/remote_form.php');
 curl_setopt($ch, CURLOPT_USERPWD, "root:root");
 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);   // no verify
 curl_setopt($ch, CURLOPT_POST, 1);
 curl_setopt($ch, CURLOPT_POSTFIELDS, $str);

 curl_exec($ch);
 curl_close($ch);
?>

 

  • First three lines URL encode the values we wish to send.
  • Full string $str is assembled into correct format name value pairs.
  • Added new URL remember is https and the port must be included
  • Added CURLOPT_USERPWD again defaults are root root
  • CURLOPT_SSL_VERIFYPEER disabled
  • CURLOPT_POST Switches to POST operation
  • CURLOPT_POSTFIELDS Informs Curl we are using a value of $str
  • This string has been URL encoded.

Note: I have included print $str to show what the encoded string looks like

Test:

  • Run both servers
  • Type http://localhost/test13.php into your browser
  • Result: Shown below

Results:

Name=MPG+RIC&Password=fred+123&Message=This+is+a+test+%26+%3D+%2B

Method GET
Name =
Password =
Message =

Method POST
Name = MPG RIC
Password = fred 123
Message = This is a test & = +

SSL TEST FORM

 

  • Note 1: The encoding of & = + as %26+%3D+%2B (+ is a special character hence encoded as %2B)


  • Note 2: Results in POST section as expected (no values in GET which is correct).


  • Note 3: SSL TEST FORM displayed hence correct form picked-up

Top

Summary

The example so far run scripts on a server.

The next page covers how to configure cURL on Uniform Server for portable operation using PHP in CLI mode.

Top