{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 姐就是有狂的资本 的问题《CURL HTTP Authentication at server side》','https://www.manongdao.com/q-284477.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I am building a web service with Zend and i have to authenticate the users before sending them response. The user will send a request to a server page, using curl, passing his credentials in the form of curl_setopt($curl, CURLOPT_USERPWD, 'key:pass');
Iam using Zend framework and so the server side page is denoted like:
http://www.example.com/app_name/public/controller/action/parameter
Here is the total code for user's request (client.php):
<?php
$curl = curl_init('http://www.example.com/app/public/user/add/1');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_USERPWD, 'username:password');
curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($curl, CURLOPT_USERAGENT, 'Sample Code');
$response = curl_exec($curl);
$resultStatus = curl_getinfo($curl);
if($resultStatus['http_code'] == 200) {
echo $response;
} else {
echo 'Call Failed '.print_r($resultStatus);
}
?>
Now what i want is that, i must be able to retrieve the username and password at the server side (in my zend controller), so that i can verify the user credentials from database and send the response accordingly. So how can i do authentication in another page?
You need to set
CURLOPT_HTTPAUTHtoCURLAUTH_BASIC.That way, in the target script,
PHP_AUTH_USERandPHP_AUTH_PW(plain text) will be available.Calling script:
In target.php:
I suggest executing the cURL request over HTTPS since username and password are transmitted plain text.
Zend Framework has a ready-made component for handling HTTP authentication.
Checkout the examples at
If you don't want to use that, you can still go the "old-school" way, as described in
and manually check on
$_SERVER['PHP_AUTH_USER']and$_SERVER['PHP_AUTH_PW']you can send username and password as post fields
you can get the credentials using $_POST