这是我的php脚本调用远程restful api,用户名密码是硬编码的源代码,
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,"http://localhost/m1/m1apiserver/public/api/login");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,
"email=elson%40bla.com&password=bla");
// receive server response ...
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$json = curl_exec ($ch);
curl_close ($ch);
$j = json_decode($json);
// further processing ....
if ($j->token) {
//echo $j->token;
$output = file_get_contents("http://localhost/m1/m1apiserver/public/api/product?token=".$j->token);
echo $output;
}
但有没有任何技术可以保护用户名密码?