PHP - with curl, how to send username password in a popup of htpasswd?
Question
I have to submit POST method using curl, but while opening $URL it has a popup window with username/password to submit (like with htpasswd).
For some reason the following code is not working i get from server
HTTP/1.1 401 Unauthorized and HTTP/1.1 404 Not Found ( https://www.httpwatch.com/httpgallery/authentication/ )
// For Debug server response details
$curlOptions = array(
CURLOPT_RETURNTRANSFER => TRUE,
CURLOPT_FOLLOWLOCATION => TRUE,
CURLOPT_VERBOSE => TRUE,
CURLOPT_STDERR => $verbose = fopen('php://temp', 'rw+'),
CURLOPT_FILETIME => TRUE,
);
// Real meat
$ch = curl_init();
curl_setopt_array($ch, $curlOptions);
curl_setopt($ch, CURLOPT_URL,$URL);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
// is this the right way here in POST method???
curl_setopt($ch, CURLOPT_USERPWD, "$username:$password");// is this correct way to enter username/password in the popup?
$status_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$result=curl_exec ($ch);
// Pretty print the debug logs
echo '<pre>',
!rewind($verbose),
stream_get_contents($verbose),
"\n",
'</pre>';
curl_close ($ch);
echo $result;
How can i make sure my POST method submission is really submitting the username/password? (debug log i do not see if i have submitted correctly, server is also not maintained by me, as its third-party service providers API)
EDIT:
TRY1: FAILED
// For Debug server response details
$curlOptions = array(
CURLOPT_RETURNTRANSFER => TRUE,
CURLOPT_FOLLOWLOCATION => TRUE,
CURLOPT_VERBOSE => TRUE,
CURLOPT_STDERR => $verbose = fopen('php://temp', 'rw+'),
CURLOPT_FILETIME => TRUE,
);
// Real meat
$ch = curl_init();
curl_setopt_array($ch, $curlOptions);
//
//
//
//
// STACK-OVERFLOW EXPERT SAID UPDATE THE $URL WITH USER:PASS@ THIS
//
//
//
//
$URL = "http://$username:$password@site.com/postblabla";
curl_setopt($ch, CURLOPT_URL, $URL);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
//
//
//
//
// STACK-OVERFLOW EXPERT SAID REMOVE THIS
//
//
//
//
//curl_setopt($ch, CURLOPT_USERPWD, "$username:$password");
$status_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$result=curl_exec ($ch);
// Pretty print the debug logs
echo '<pre>',
!rewind($verbose),
stream_get_contents($verbose),
"\n",
'</pre>';
curl_close ($ch);
echo $result;
1 answers
solution1
2 ACCPTED 2016-07-07 06:40:15
With HTTP Auth, you send a username and a password as a part of the URL:
<schema>://<username>:<password>@<url>
Also see this SO question and answer .
However, the CURLOPT_USERPWD should have worked as well as both methods only set HTTP Authorization header. as mentioned here . This is also safer as your credentials will not be transferred as plaintext in URL and with potential use of SSL/TLS they will not be visible out in the open.
Also, setting HTTP Basic auth may help.
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.