How To Use cURL (in PHP) For Authentication And SSL Communication
By Angsuman Chakraborty, Gaea News NetworkThursday, June 8, 2006
Using cURL (in PHP) to access https url is often not as simple as using the proper url. Using it for authentication is also not very clearly documented. This is a mini tutorial for both accessing https url’s as well as for http authentication.
The following is a simple example which show the most common options you will ever need to use to access https url’s as well as for http authentication.
// The usual - init a curl session and set the url
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $base_url);
// Set your login and password for authentication
curl_setopt($ch, CURLOPT_USERPWD, ‘login:pasword’);
// You can use CURLAUTH_BASIC, CURLAUTH_DIGEST, CURLAUTH_GSSNEGOTIATE,
// CURLAUTH_NTLM, CURLAUTH_ANY, and CURLAUTH_ANYSAFE
//
// You can use the bitwise | (or) operator to combine more than one method.
// If you do this, CURL will poll the server to see what methods it supports and pick the best one.
//
// CURLAUTH_ANY is an alias for CURLAUTH_BASIC | CURLAUTH_DIGEST |
// CURLAUTH_GSSNEGOTIATE | CURLAUTH_NTLM
//
// CURLAUTH_ANYSAFE is an alias for CURLAUTH_DIGEST | CURLAUTH_GSSNEGOTIATE |
// CURLAUTH_NTLM
//
// Personally I prefer CURLAUTH_ANY as it covers all bases
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
// This is occassionally required to stop CURL from verifying the peer’s certificate.
// CURLOPT_SSL_VERIFYHOST may also need to be TRUE or FALSE if
// CURLOPT_SSL_VERIFYPEER is disabled (it defaults to 2 - check the existence of a
// common name and also verify that it matches the hostname provided)
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
// Optional: Return the result instead of printing it
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
// The usual - get the data and close the session
$data = curl_exec($ch);
curl_close($ch);
Use the above as a template for your code to simplify your data access using cURL.
PS. The challenge with cURL documentation in PHP is that it is hard to find what you need from hundreds of available options and without enough examples of common use cases. What is needed is a series of How-To’s like the mini-tutorial above.
Tags: Cases
|
May 26, 2010: 11:24 am
Thanks a ton for this! I was wondering how to do with https and got my answer from here! Thanks again |
 Waseem |
February 14, 2010: 6:04 pm
in the line 2 , there is a variable $base_url Thanks |
|
Waseem |
February 14, 2010: 6:02 pm
in the line 2 , there is a variable $base_url |
 Kasper |
September 8, 2009: 9:46 am
Heya, looks nice and all but I would like to know how to get the the html content of the page? Regards |
|
August 24, 2009: 6:31 pm
Many thanks, that was exactly what I was looking for: |
 alex |
August 19, 2009: 6:44 pm
Yes! Exactly what I was looking for - CURLOPT_HTTPAUTH was the option I was missing. Thank you |
 davide |
|
March 9, 2009: 4:01 pm
Thanks for this tutorial man! It works perfectly! Thanks again! |
|
October 31, 2008: 12:16 am
I am happy to know you liked it. However please don’t copy it as that would violate my copyrght on the content. You wouldn’t like that now, would you? |
|
October 29, 2008: 6:47 pm
this is wonderful tutorial .. i read it 3 times and get a fantastic results and sure i put a |
|
October 2, 2008: 9:11 am
Curl options in PHP manual are pretty OK defined and explained but as you said, there are hundreds of them and there are too few examples in PHP manual. |
 Rahul |
May 7, 2008: 9:00 am
hello, Thanks and regards, |
|
March 29, 2008: 6:22 am
// CURLAUTH_ANYSAFE is an alias for CURLAUTH_DIGEST | CURLAUTH_GSSNEGOTIATE | problem pls check it… |
|
January 15, 2008: 2:46 pm
Thanks for the info. One small thing: curl_exec() should have $ch as the parameter:
|
|
November 28, 2007: 12:02 pm
Thank you for this article and all of the information you’ve provided. After I had my prototype remote log-in system working, I moved it to a secure server, and nothing worked anymore. Then I Googled for a couple of hours, until I found this page. Awesome! Everything is working again. Yes, you are absolutely right: It’s a jungle out there when you’re trying to find which CURL options are applicable and will actually work with any given situation. Hats off to you! You made my day! |
|
October 31, 2006: 10:06 pm
[...] Let’s take a PHP script that does a number of CURL calls as an example. PHP gives you access to libcurl a really powerful tool for calling up other web pages, web services, RSS feeds, and whatever else you can dream up, right in your PHP code. This article is not a general introduction to CURL, so I won’t go into detail, but basically the CURL functions allow your code to make requests and get responses from web sites just like a browser. You can then parse the results use the data on your site. [...] |
Jeff Graber