PHP-带有curl,如何在htpasswd的弹出窗口中发送用户名密码?
[英]PHP - with curl, how to send username password in a popup of htpasswd?
问题描述
I have to submit POST method using curl, but while opening $URL it has a popup window with username/password to submit (like with htpasswd). 
我必须使用curl提交POST方法,但是在打开$ URL时,它会弹出一个带有用户名/密码的提交窗口(例如htpasswd)。
For some reason the following code is not working i get from server 由于某些原因,以下代码无法正常工作,我从服务器获取
HTTP/1.1 401 Unauthorized and HTTP/1.1 404 Not Found ( https://www.httpwatch.com/httpgallery/authentication/ ) HTTP/1.1 401 Unauthorized and HTTP/1.1 404 Not Found ( https://www.httpwatch.com/httpgallery/authentication/ )
// For Debug server response details
$curlOptions = array(
CURLOPT_RETURNTRANSFER => TRUE,
CURLOPT_FOLLOWLOCATION => TRUE,
CURLOPT_VERBOSE => TRUE,
CURLOPT_STDERR => $verbose = fopen('php://temp', 'rw+'),
CURLOPT_FILETIME => TRUE,
);
// Real meat
$ch = curl_init();
curl_setopt_array($ch, $curlOptions);
curl_setopt($ch, CURLOPT_URL,$URL);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
// is this the right way here in POST method???
curl_setopt($ch, CURLOPT_USERPWD, "$username:$password");// is this correct way to enter username/password in the popup?
$status_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$result=curl_exec ($ch);
// Pretty print the debug logs
echo '<pre>',
!rewind($verbose),
stream_get_contents($verbose),
"\n",
'</pre>';
curl_close ($ch);
echo $result;
How can i make sure my POST method submission is really submitting the username/password? 我如何确定我的POST方法提交确实是在提交用户名/密码? (debug log i do not see if i have submitted correctly, server is also not maintained by me, as its third-party service providers API) (调试日志我看不到我是否已正确提交,服务器也不由我维护,因为它是第三方服务提供商的API)
EDIT: 编辑:
TRY1: FAILED TRY1:失败
// For Debug server response details
$curlOptions = array(
CURLOPT_RETURNTRANSFER => TRUE,
CURLOPT_FOLLOWLOCATION => TRUE,
CURLOPT_VERBOSE => TRUE,
CURLOPT_STDERR => $verbose = fopen('php://temp', 'rw+'),
CURLOPT_FILETIME => TRUE,
);
// Real meat
$ch = curl_init();
curl_setopt_array($ch, $curlOptions);
//
//
//
//
// STACK-OVERFLOW EXPERT SAID UPDATE THE $URL WITH USER:PASS@ THIS
//
//
//
//
$URL = "http://$username:$password@site.com/postblabla";
curl_setopt($ch, CURLOPT_URL, $URL);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
//
//
//
//
// STACK-OVERFLOW EXPERT SAID REMOVE THIS
//
//
//
//
//curl_setopt($ch, CURLOPT_USERPWD, "$username:$password");
$status_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$result=curl_exec ($ch);
// Pretty print the debug logs
echo '<pre>',
!rewind($verbose),
stream_get_contents($verbose),
"\n",
'</pre>';
curl_close ($ch);
echo $result;
1 个解决方案
解决方案1
2 已采纳 2016-07-07 06:40:15
With HTTP Auth, you send a username and a password as a part of the URL: 使用HTTP Auth,您可以发送用户名和密码作为URL的一部分:
<schema>://<username>:<password>@<url>
Also see this SO question and answer . 另请参阅此SO问答 。
However, the CURLOPT_USERPWD should have worked as well as both methods only set HTTP Authorization header. 但是, CURLOPT_USERPWD应该可以正常工作,并且这两种方法都只能设置HTTP Authorization标头。 as mentioned here . 如这里提到的 。 This is also safer as your credentials will not be transferred as plaintext in URL and with potential use of SSL/TLS they will not be visible out in the open. 这也更安全,因为您的凭据将不会以纯文本格式在URL中传输,并且可能会使用SSL / TLS,因此不会在公开位置显示。
Also, setting HTTP Basic auth may help. 另外,设置HTTP基本身份验证可能会有所帮助。
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.