从安全的SSL路径调用和运行此php curl函数的“正确方法”是什么?

时间:2019-08-17 02:01:21

标签: php php-curl

我一直在仔细查看该代码,它不是由我创建的,一旦您从安全SSL路径调用它并在整个过程中使用安全路径,它就会停止工作。我添加了几行来希望解决SSL问题,但是没有成功。无法联系创建此文件的原始人,因此希望我只是遗漏了一些我不了解的内容。

我不使用PHP,所以我希望更多地了解为什么通过SSL路径调用它时不起作用。我确实到处寻找答案,但没有找到解决该问题的方法。

该文件的确使用非SSL路径(即http://www.example.com/sub/filename.php)运行零错误,但是当我通过此URL https://www.example.com/sub/filename.php调用该文件来运行文件时,我得到的只是一个False。

php日志显示了这一点。

[16-Aug-2019 15:05:35 UTC] PHP Deprecated:  Automatically populating $HTTP_RAW_POST_DATA is deprecated and will be removed in a future version. To avoid this warning set 'always_populate_raw_post_data' to '-1' in php.ini and use the php://input stream instead. in Unknown on line 0
[16-Aug-2019 15:05:35 UTC] PHP Deprecated:  Automatically populating $HTTP_RAW_POST_DATA is deprecated and will be removed in a future version. To avoid this warning set 'always_populate_raw_post_data' to '-1' in php.ini and use the php://input stream instead. in Unknown on line 0
[16-Aug-2019 15:05:35 UTC] PHP Deprecated:  Automatically populating $HTTP_RAW_POST_DATA is deprecated and will be removed in a future version. To avoid this warning set 'always_populate_raw_post_data' to '-1' in php.ini and use the php://input stream instead. in Unknown on line 0
[16-Aug-2019 15:05:35 UTC] PHP Deprecated:  Automatically populating $HTTP_RAW_POST_DATA is deprecated and will be removed in a future version. To avoid this warning set 'always_populate_raw_post_data' to '-1' in php.ini and use the php://input stream instead. in Unknown on line 0

在此先感谢您的帮助。 

<?php

error_reporting(0);
ini_set("display_errors", 0);

$DEBUG = false;

if($DEBUG) { echo "<h1>From Data File {$_GET['s']}</h1>"; }

$info = file_get_contents($_SERVER['DOCUMENT_ROOT']."/_tempfiles/_ses/{$_GET['s']}");
list($url,$vars,$header) = explode("||^||",$info);
unlink($_SERVER['DOCUMENT_ROOT']."/_tempfiles/_ses/{$_GET['s']}");

if(preg_match("|\r\n|",$header)) {
    $theaders = explode("\r\n",$header);
    }
else {
    $theaders = explode("\n",$header);
    }
foreach($theaders as $t) {
    if(trim($t) != '') {
        list($field,$value) = explode(':',$t);
        if(trim($field) != 'Host') {
            $headers[] = trim($t);
            }
        }
    }

if($DEBUG) {
    echo "<H1>URL</H1>{$url}";
    echo "<H1>Headers Array (w/Host removed)</H1>";
    var_dump($headers);
    echo "<H1>Vars</H1>{$vars}";
    echo "<H1>Content Length Validation</H1>".strlen($vars);
    echo "<h1>Output From Remote URL below line:</h1>";
    echo "<HR>";
}

$ch = curl_init();

// Configure curl for website
curl_setopt($ch, CURLOPT_URL,$url);

// Turn on SSL certificate verfication
curl_setopt($curl, CURLOPT_CAPATH, "/home/domain/unc/cacert.pem");
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 1);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, TRUE);

curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,$vars);
if(isset($headers) && is_array($headers) && count($headers) > 0) {

//curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
}

// 1 second for a connection timeout with curl
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 5);

// Try using this instead of the php set_time_limit function call
curl_setopt($curl, CURLOPT_TIMEOUT, 60);

curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
$server_output = curl_exec ($ch);
curl_close ($ch);
echo $server_output;

?>

1 个答案:

答案 0 :(得分:0)

我提供的代码似乎正常工作。我只需要检查此软件是否也在传递var字符串的返回路径即可。因此,感谢您的帮助,希望这对遇到相同问题的其他人有所帮助。

相关问题
最新问题