search
HomeBackend DevelopmentPHP Tutorialphp curl access https implementation code

  1. /**

  2. * curl POST
  3. *
  4. * @param string url
  5. * @param array data
  6. * @param int request timeout
  7. * @param bool Whether to perform strict authentication during HTTPS
  8. * @return string
  9. */
  10. function curlPost($url, $data = array(), $timeout = 30, $CA = true){
  11. < ;p> $cacert = getcwd() . '/cacert.pem'; //CA root certificate
  12. $SSL = substr($url, 0, 8) == "https://" ? true : false;
  13. $ch = curl_init();

  14. curl_setopt($ch, CURLOPT_URL, $url);
  15. curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
  16. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout- 2);
  17. if ($SSL && $CA) {
  18. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true); // Only trust certificates issued by CA
  19. curl_setopt($ch, CURLOPT_CAINFO, $cacert); // CA root certificate ( Check whether the website certificate used to verify is issued by CA)
  20. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); // Check whether the domain name is set in the certificate and whether it matches the provided host name
  21. } else if ($SSL && !$CA ) {
  22. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // Trust any certificate
  23. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1); // Check whether the domain name is set in the certificate
  24. }
  25. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  26. curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect:')); //Avoid the problem of too long data
  27. curl_setopt($ch, CURLOPT_POST, true);
  28. curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
  29. / /curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data)); //data with URLEncode
  30. $ret = curl_exec($ch);

  31. //var_dump(curl_error($ch)) ; //View error message
  32. curl_close($ch);

  33. return $ret;
  34. }
Copy code

If the URL address starts with https , then use SSL, otherwise use ordinary HTTP protocol. Is it safe to use HTTPS? In fact, SSL also has different levels of verification. For example, do you need to verify the common name in the certificate? (BTW: Common Name generally means filling in the domain name (domain) or subdomain (sub domain) for which you are going to apply for an SSL certificate.) Need to verify hostname? Do you trust any certificate or only those issued by the CA? If the website's SSL certificate is purchased from a CA (usually more expensive), then you can use stricter authentication when accessing, that is:

  1. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true); // Only trust certificates issued by CA
  2. curl_setopt($ch, CURLOPT_CAINFO, $cacert); // CA root certificate (used to verify whether the website certificate is issued by CA)
  3. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); // Check whether the domain name is set in the certificate and whether it matches the provided host name
Copy the code

If the website’s certificate is generated by itself, or If you apply for it from a small online institution, if you use strict authentication when accessing, it will not pass and false will be returned directly. (By the way, when false is returned, you can print curl_error($ch) to view the specific error message.) At this time, you can reduce the verification level according to the situation to ensure normal access, for example:

  1. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // Trust any certificate
  2. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1); // Check whether the domain name is set in the certificate (0 is okay, that is, the domain name exists Whether it is or not is not verified)
Copy the code

When you usually use a browser to access various https websites, you sometimes encounter a prompt that the certificate is not trusted. In fact, this is because the certificates of these websites are not issued by formal CA organizations. Various browsers on the market have built-in CA root certificate list information. When visiting websites with CA-issued certificates, the certificates of these websites will be verified based on the root certificate, so this prompt will not appear.

Regarding the CA root certificate file, it actually contains the public key certificates of each major CA organization, which is used to verify whether the website's certificate is issued by these organizations. This file comes from mozilla's source tree and is converted into a PEM format certificate file. (Download http://curl.haxx.se/ca/cacert.pem) Finally, let’s talk about something unrelated to SSL: curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect:')); Mainly to solve the problem of too long data during POST.



Statement
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
11 Best PHP URL Shortener Scripts (Free and Premium)11 Best PHP URL Shortener Scripts (Free and Premium)Mar 03, 2025 am 10:49 AM

Long URLs, often cluttered with keywords and tracking parameters, can deter visitors. A URL shortening script offers a solution, creating concise links ideal for social media and other platforms. These scripts are valuable for individual websites a

Working with Flash Session Data in LaravelWorking with Flash Session Data in LaravelMar 12, 2025 pm 05:08 PM

Laravel simplifies handling temporary session data using its intuitive flash methods. This is perfect for displaying brief messages, alerts, or notifications within your application. Data persists only for the subsequent request by default: $request-

Build a React App With a Laravel Back End: Part 2, ReactBuild a React App With a Laravel Back End: Part 2, ReactMar 04, 2025 am 09:33 AM

This is the second and final part of the series on building a React application with a Laravel back-end. In the first part of the series, we created a RESTful API using Laravel for a basic product-listing application. In this tutorial, we will be dev

Simplified HTTP Response Mocking in Laravel TestsSimplified HTTP Response Mocking in Laravel TestsMar 12, 2025 pm 05:09 PM

Laravel provides concise HTTP response simulation syntax, simplifying HTTP interaction testing. This approach significantly reduces code redundancy while making your test simulation more intuitive. The basic implementation provides a variety of response type shortcuts: use Illuminate\Support\Facades\Http; Http::fake([ 'google.com' => 'Hello World', 'github.com' => ['foo' => 'bar'], 'forge.laravel.com' =>

cURL in PHP: How to Use the PHP cURL Extension in REST APIscURL in PHP: How to Use the PHP cURL Extension in REST APIsMar 14, 2025 am 11:42 AM

The PHP Client URL (cURL) extension is a powerful tool for developers, enabling seamless interaction with remote servers and REST APIs. By leveraging libcurl, a well-respected multi-protocol file transfer library, PHP cURL facilitates efficient execution of various network protocols, including HTTP, HTTPS, and FTP. This extension offers granular control over HTTP requests, supports multiple concurrent operations, and provides built-in security features.

12 Best PHP Chat Scripts on CodeCanyon12 Best PHP Chat Scripts on CodeCanyonMar 13, 2025 pm 12:08 PM

Do you want to provide real-time, instant solutions to your customers' most pressing problems? Live chat lets you have real-time conversations with customers and resolve their problems instantly. It allows you to provide faster service to your custom

Announcement of 2025 PHP Situation SurveyAnnouncement of 2025 PHP Situation SurveyMar 03, 2025 pm 04:20 PM

The 2025 PHP Landscape Survey investigates current PHP development trends. It explores framework usage, deployment methods, and challenges, aiming to provide insights for developers and businesses. The survey anticipates growth in modern PHP versio

Notifications in LaravelNotifications in LaravelMar 04, 2025 am 09:22 AM

In this article, we're going to explore the notification system in the Laravel web framework. The notification system in Laravel allows you to send notifications to users over different channels. Today, we'll discuss how you can send notifications ov

See all articles

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

AI Hentai Generator

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)
2 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
Repo: How To Revive Teammates
1 months agoBy尊渡假赌尊渡假赌尊渡假赌
Hello Kitty Island Adventure: How To Get Giant Seeds
4 weeks agoBy尊渡假赌尊渡假赌尊渡假赌

Hot Tools

SAP NetWeaver Server Adapter for Eclipse

SAP NetWeaver Server Adapter for Eclipse

Integrate Eclipse with SAP NetWeaver application server.

MinGW - Minimalist GNU for Windows

MinGW - Minimalist GNU for Windows

This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.

VSCode Windows 64-bit Download

VSCode Windows 64-bit Download

A free and powerful IDE editor launched by Microsoft

MantisBT

MantisBT

Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.

mPDF

mPDF

mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),