curl problem

[andy1212]

I'm trying to grab xml data from a url that I pass get variables through and I get this error when trying to echo out the results.

 

org.xml.sax.SAXParseException: Premature end of file.

 

I'd also like to parse the xml data once it is recognized but the first priority is to recognize or at least let me know that the code is working. Here is the code I have below and I'm trying to get a shipping cost for an item and the necessary information that needs to be passed through the url to the shipping company's custom shipping rate calculator uses the get variables to calculate the exact shipping cost. When I use an example link and just add in some get variables manually and then enter it into the browser's url bar, the xml data shows up fine and there is the total amount for shipping but I don't understand why I can't get curl to do it. Thanks for your time!

$xml = 'weight_system="IMPERIAL" shipper_number="000222000" destination_postal_code="'.$data5['zip'].'" service_type="1"
';


$xml2 = '
total_pieces="'.$value.'" total_weight="'.$weight.'"
'; 


$token = 'KFSSAFD4DSE'; 
$base_url = 'https://www.shippingco.com/XML/RatingXML.jsp'; 


$request_url = $base_url . '?'.htmlentities('shipment=<shipment ' . $xml . '><total ' . $xml2 . '/></shipment>&token=' . $token);


// Get cURL resource
$curl = curl_init();
// Set some options - we are passing in a useragent too here
curl_setopt_array($curl, array(
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => 2,
CURLOPT_CAINFO => '/home/website/public_html/cacert/cacert.pem',
     CURLOPT_RETURNTRANSFER => 1,
     CURLOPT_URL => $request_url,
CURLOPT_USERAGENT, 'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)',
CURLOPT_FAILONERROR => false
));
// Send the request & save response to $resp
$result = curl_exec($curl);
echo curl_error($curl);
echo $result;
// Close request to clear up some resources
curl_close($curl);

[andy1212]

When I take out these to lines of code,

 

CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => 2,

 

I get this error

 

error setting certificate verify locations: CAfile: /home/website/public_html/cacert/cacert.pem CApath: none

[.josh]

If I had to take a guess, I'd say that you should be urlencoding $request_url, not htmlentitying it. echo out $request_url and compare it to how you would enter it in, in your browser url bar.

[andy1212]

Yeah I did that already, when urlencoding it, I echoed out $request_url and tried copy and pasting that url manually into the url bar in the browser and it have an error and no xml data would be produced. So I tried htmlentities and did the process again and xml was produced so if I encode the variables, they won't be passed through the url properly to generate the xml data I need so that I can grab that data and parse it to get the total shipping cost. The problem I'm having is that the curl code gives me those errors that I listed above and it's really frustrating because I've looked all over the internet to find a solution to this problem and have had no luck. So I must be doing something wrong with the curl code but I'm not sure what. I'm no expert at php btw but I'm learning as I go. Any help with this is appreciated so I can figure this out! Thanks

Edited July 22, 2013 by andy1212

[kicken]

Change

$request_url = $base_url . '?'.htmlentities('shipment=<shipment ' . $xml . '><total ' . $xml2 . '/></shipment>&token=' . $token);

to this:

$request_url = $base_url . '?' . http_build_query(array(
    'shipment' => '<shipment ' . $xml . '><total ' . $xml2 . '/></shipment>'
    , 'token' => $token
));

See if that helps.

[andy1212]

Ok so that works for the request_url variable I tried echoing it and copy and pasting the url into the browser url bar and it worked to pull up the xml data. Now to get curl to bring back the xml data is I guess what's not happening. I echoed out,

 

echo curl_error($curl);

 

and have this message,

 

error setting certificate verify locations: CAfile: /home/website/public_html/cacert/cacert.pem CApath: none

Edited July 22, 2013 by andy1212

[.josh]

The URL you are requesting is https.. do you care about it being SSL? If so then you are going to need to set the SSL settings properly. If not, then keep this one:

 

CURLOPT_SSL_VERIFYPEER => false,

 

and remove this one:

 

CURLOPT_SSL_VERIFYHOST => 2,

[.josh]

note that the target server may require you to identify yourself with a certificate, so ignoring cert validation may not be an option for you and you will have to properly set that up

[andy1212]

If I don't use https I get this error on the url page

 

https protocol must be used

 

So i think I have to go with https. So in that case, how would I set up the SSL settings.

Edited July 22, 2013 by andy1212

[.josh]

See this comment in the manual for the settings to use.  In addition, you will need to actually setup an SSL cert on the server running the code.  You may possibly get away with a self-signed certificate, so I'd try that first, as it's the free option.  Setting up an SSL cert is a bit lengthy but fairly straight forward; there are lots of tuts out there for it. 

[andy1212]

Oh ok, ya I was hoping I wouldn't have to purchase an ssl and dedicated ip again but i guess i'll have to. so I got this code from your link and I'm wondering about where I would put certain things,

 

 

curl_setopt($curl, CURLOPT_VERBOSE, '1');

curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, '1');

curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, '1');

// for this line, what would go here?

curl_setopt($curl, CURLOPT_CAINFO,  getcwd().'/cacert/cacert.pem');

 

// for this line, does the path to my free or purchased ssl certificate go here?

curl_setopt($curl, CURLOPT_SSLCERT, getcwd().'/cacert/cacert.pem');

curl_setopt($curl, CURLOPT_SSLCERTPASSWD, 'password');

 

I found certificate here, http://curl.haxx.se/ca/cacert.pem that I thought I might be able to use as a certificate but I'm wondering if it's even working the way I have it setup. I just copied the whole cert and pasted it into notepad, saved it as .pem and put it in it's own directory on the server called cacert. So then I was just calling the path in CURLOPT_CAINFO, 'home/website/public_html/cacert/cacert.pem'; but I guess that wasn't working. Where can I find a free self-signed cert, just type free ssl certs in google search? Would a password come with it too. Thanks again for your help

Edited July 22, 2013 by andy1212

[andy1212]

Ok I ended up purchasing an SSL and dedicated IP because I'm scared to use one of the free SSL certs encase they decide that I need to upgrade and start paying for one so I just purchased one with the hosting company I have a reseller account with. So I still am not sure about a couple things with the code I added above.

[.josh]

Well you could have generated your own self-signed certificate on your server (assuming you have access to do so).  Also FYI, modern browsers don't require a dedicated IP for SSL, though it probably wouldn't have been an option for you on a shared hosting plan anyways (but you can blame your host for that, not technology). 

 

Anyways, basically your next step would be to setup your server to handle SSL requests. This involves placing the certificate somewhere on your box and updating some Apache files (or whatever your server is).  The exact steps will vary depending on your OS, Server, Server config, etc.. though, so I'm afraid I don't have any canned instructions for you.. but my thought is if you are using a hosting company and got the SSL cert from them and have a reseller account.. do they manage the box or are you paying for a dedicated server and have full root access?  If they are involved in management, shouldn't they be setting that up for you? I mean because normally the the process for purchasing an SSL Cert involves you generating a certificate request file on your server to give to the SSL Authority to sign and then they give you the signed certificate.  If you just went to your hosting account page and threw money at it and are now paying for it and didn't do any of that stuff, then either you got scammed or they set all that up for you on your server.  

[andy1212]

They setup the ssl cert and I set up the redirects in the .htaccess to allow certain pages to be secured including the shopping cart page. So Now that the shopping cart page is ssl secured or has the https in the url do I still need to put the path to the certificate in the curl code I posted above or will curl be able to grab the xml data now without an ssl error. no I don't have dedicated hosting it is shared so they control the box, but I'm wondering where I'd find the path to the ssl cert now, if I need that to put in the curl. Thanks!

[andy1212]

also do I need to put the ssl password in the curl code like they have in this example?

 

curl_setopt($curl, CURLOPT_SSLCERTPASSWD, 'password'); or is that unsafe to do that

[andy1212]

Ok so this is what my host said when I tried asking for the absolute path to the ssl cert,

 

I am afraid that you do not have access to the SSL certificate files installed for your account in a shared server environment.

 

So I'm not sure what to do now..

[andy1212]

Ok I have this code now and I'm getting the following error,

 

code

// Get cURL resource
			$curl = curl_init();
			// Set some options - we are passing in a useragent too here
			curl_setopt($curl, CURLOPT_URL, $request_url);
			curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);
			curl_setopt($curl, CURLOPT_VERBOSE, '1');
			curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, '1');
			curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, '1');
			curl_setopt($curl, CURLOPT_CAINFO,  getcwd().'//public_html/cert/cabundle.txt');
			curl_setopt($curl, CURLOPT_SSLCERT, '/public_html/cert/sslkey.txt');
			// Send the request & save response to $resp
			$result = curl_exec($curl);
			echo curl_error($curl);
			// Close request to clear up some resources
			curl_close($curl);

error,

unable to use client certificate (no key found or wrong pass phrase?)

 

Is it because I don't specify the password in the curl code?

Edited July 23, 2013 by andy1212

[.josh]

Yeah i thought that would be the case...basically you're out of luck, since your script can't point to the certificate files.  That's how it usually is on shared hosting.  If you really really need to make this script work, you need to move to a dedicated box where you get full access and can point your script to the certificate files. 

[andy1212]

well they gave me a path to the certs and they put them on my server but now I have that error described above. or will that code not work even if I have the password for this line of code

 

curl_setopt($ch, CURLOPT_SSLCERTPASSWD, 'password');

Edited July 23, 2013 by andy1212

[andy1212]

I'm waiting for them to reply to my ticket to get that path to the password so I can test it out. Hopefully that is the issue and I can have it working and move on to parsing the xml data. I hope I don't have to buy a dedicated hosting account can't really afford that...

[andy1212]

I wonder if I purchased an external ssl I'd be able to have more control over the paths and certs and stuff but hopefully I can get this working the way I have it setup right now. I'll post back here once I've tested out the password line of code when they send me the path to that, if they do.

[andy1212]

for this code,

 

curl_setopt($ch, CURLOPT_SSLCERTPASSWD, 'password');

 

is it a path I need to the file with the password, or a filename or the actual password.

[.josh]

It's an actual password

[andy1212]

oh ok, what's the likelihood they'll give that to me in your opinion lol. it's taking forever for them to respond to that inquiry.

[andy1212]

and also what's the big deal that they don't give that info once buying an ssl on a shared host account