andy1212

Hey, I'm trying to pass get variables through an https ssl secured url to generate xml data so I can parse it and I'm not sure how to get it working. I have the following code, I have the url set up like this, $xml = ' weight_system="IMPERIAL" shipper_number="000222000" destination_postal_code="'.$data5['zip'].'" service_type="1" '; $xml2 = ' total_pieces="'.$value.'" total_weight="'.$weight.'" '; $token = 'token'; $base_url = 'https://www.shippingco.com/XML/RatingXML.jsp'; $request_url = $base_url . '?' . http_build_query(array( 'shipment' => '<shipment ' . $xml . '><total ' . $xml2 . '/></shipment>', 'token' => $token )); and I have an example of the xml data here, <rating xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.shippingco.com/XML/rating.xsd"> <rate weight="5.0" weight_unit="lb" zone="3" transit_time="1" transit_time_guaranteed="false" estimated_delivery_date="2013-07-26" base_charge="11.05" freight_charge="11.05"residential_address_charge="2.75" net_charge="13.80" fuel_surcharge_rate="15.8" fuel_surcharge="1.75" subtotal_charge="15.55" on_hst_charge="2.02" total_charge="17.57"/> </rating> I have an RSA key, SSL cert, CA bundle and a password and need to use that information to authenticate with the https url. What is the best working way to accomplish this?

Anybody?

?

?

Awesome! I ended up putting all pages that need the https:// in the url in their own directory called "secure" and putting in the .htaccess file, RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} ^/secure/?.*$ RewriteRule ^(.*)$ https://www.website.com/$1 [R=301,L] Now if it's not too much trouble, can I direct you guys over to this thread where I really need help, this issue here wasn't to hard to figure out but the real problem is here, and started a new thread to see if there is a better way to do it here. Thanks!

Oh ok awesome!

Ok I'm not very familiar with PDO and it looks like you're trying to accomplish this using PDO queries. I laid out how I would set up the functions, dropdown menu, grabbing the data from the database to show which option the user has selected and how to allow the user to send whatever option they choose to the database, which will update the option selected in the dropdown. I'm sure you can take the code I've shown and get an idea of how it should function and change some things to PDO where needed. in your user.func.php file or where ever you're putting your functions, (remember if you're function is on a separate page, to include it on the page you want to use the function on.) function user_data($id){ $args = func_get_args(); unset($args[0]); $fields = '`'.implode('`, `', $args).'`'; $query = mysql_query("SELECT $fields FROM `user_optionsc0nf` WHERE `id`=".$_SESSION['id']) or die(mysql_error()); $query_result = mysql_fetch_assoc($query); foreach ($args as $field) { $args[$field] = $query_result[$field]; } return $args; } on the page where the user chooses a privacy option, this code will select what option they chose so be it, select, public or friendsonly $id = $_SESSION['id']; $data = user_data($id, 'privacy_opt'); on the page where the user can choose which privacy option they want in the form. <select name="privacydrop"> <option value="select" <?php if ($data['privacy_opt'] == 'select') echo 'selected="selected"' ?>>Select a privacy option</option> <option value="public" <?php if ($data['privacy_opt'] == 'public') echo 'selected="selected"' ?>>Public</option> <option value="friendsonly" <?php if ($data['privacy_opt'] == 'friendsonly') echo 'selected="selected"' ?>>Friends Only</option> </select> on user.func.php page or seperate page function update_user($privacy_opt) { $privacy_opt = mysql_real_escape_string($privacy_opt); mysql_query("UPDATE `user_optionsc0nf` SET `privacy_opt`='$privacy_opt' WHERE `id`=".$_SESSION['id']); } Code to perform the task of sending the chosen privacy option to the database to the field privacy_opt. if (isset($_POST['privacydrop'])) { $privacydrop = $_POST['privacydrop']; $errors = array(); if ($privacydrop == 'select') { $errors[] = 'You must select a privacy option'; } if ($privacydrop == 'public') { $privacy_opt = 'public'; } if ($privacydrop == 'friendsonly') { $privacy_opt = 'friendsonly'; } if (!empty($errors)) { foreach ($errors as $error) { echo $error '<br />'; } } else { update_user($privacy_opt); header('Location: whatever_your_page_is_called.php'); exit(); } }

How does the user toggle through the friend only or public option, through a list menu, 2 buttons, 2 radios, 2 checkboxes?

its not http:// its https:// and ssl secured so I need to handshake or authenticate with the page before grabbing the xml data and bringing it back to me webpage. The url looks like this, I have the url setup like this, $xml = ' weight_system="IMPERIAL" shipper_number="000222000" destination_postal_code="'.$data5['zip'].'" service_type="1" '; $xml2 = ' total_pieces="'.$value.'" total_weight="'.$weight.'" '; $token = 'token'; $base_url = 'https://www.shippingco.com/XML/RatingXML.jsp'; $request_url = $base_url . '?' . http_build_query(array( 'shipment' => '<shipment ' . $xml . '><total ' . $xml2 . '/></shipment>', 'token' => $token )); I have an RSA key, SSL cert, CA bundle and password and need to use that information to authenticate with the url to grab the xml data. and xml example <rating xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.shippingco.com/XML/rating.xsd"> <rate weight="5.0" weight_unit="lb" zone="3" transit_time="1" transit_time_guaranteed="false" estimated_delivery_date="2013-07-26" base_charge="11.05" freight_charge="11.05"residential_address_charge="2.75" net_charge="13.80" fuel_surcharge_rate="15.8" fuel_surcharge="1.75" subtotal_charge="15.55" on_hst_charge="2.02" total_charge="17.57"/> </rating> So how would I go about doing that?

Hey, I'd like to grab xml data by passing get variables through an https ssl secured url and then parse it. What would be the best way to go about doing that and is there a solid tutorial with step by step on how to do that? Thanks for your time!

Would anybody be able to help me from here?

nvm i figured it out, just went ../cert/ca.crt

Im trying to check and see if the path to a file is working and I have the following code to check, if (file_exists('../public_html/cert/ca.crt')) { echo 'yes'; } else { echo 'no'; } I've tried, '/public_html/cert/ca.crt', getcwd().'/cert/ca.crt' and what I have above and all return no. The way I have it set up is like this, in public_html there is a directory called 'cert' and a directory called 'secure'. In 'cert' is the file ca.crt and in 'secure' is the file which I'm testing to see if I can call the path of the ca.crt file into. Is there another way I should be stating the path so it can return 'yes'? Thanks for your time.

ok I labeled the rsa key mykey.pem and set up the code like this, and I'm still getting the same error, // Get cURL resource $curl = curl_init(); // Set some options - we are passing in a useragent too here curl_setopt($curl, CURLOPT_URL, $request_url); curl_setopt($curl, CURLOPT_RETURNTRANSFER,1); curl_setopt($curl, CURLOPT_VERBOSE, '1'); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, '1'); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, '1'); curl_setopt($curl, CURLOPT_CAINFO, getcwd().'/cert/ca.crt'); curl_setopt($curl, CURLOPT_SSLCERT, getcwd().'/cert/mycert.pem'); curl_setopt($curl, CURLOPT_SSLKEY, getcwd().'/cert/mykey.pem'); curl_setopt($curl, CURLOPT_SSLCERTPASSWD, 'password'); // Send the request & save response to $resp $result = curl_exec($curl); echo curl_error($curl); // Close request to clear up some resources curl_close($curl);

sorry i meant to put file formats or extensions

like sslcert.something like sslcert.pem and ca.crt and rsa.something

Hey, I was given the rsa key, ssl certificate and ca bundle code and I'm not sure what files types to save them as.

where would I put the rsa key in the code above and what should I save the rsa file as for the extension of the file. like rsa.pem or rsa.key or something

Ok so I copy pasted the certs into notepad seperately and named the ca bundle, ca.crt and ssl cert mycert.pem. Then put those files in their own folder and changed my code to this, (i just password for the SSLCERTPASSWD here but I have the real one in the actual code.) curl part of code on cart.func.php included on shopping.php page // Get cURL resource $curl = curl_init(); // Set some options - we are passing in a useragent too here curl_setopt($curl, CURLOPT_URL, $request_url); curl_setopt($curl, CURLOPT_RETURNTRANSFER,1); curl_setopt($curl, CURLOPT_VERBOSE, '1'); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, '1'); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, '1'); curl_setopt($curl, CURLOPT_CAINFO, getcwd().'/cert/ca.crt'); curl_setopt($curl, CURLOPT_SSLCERT, getcwd().'/cert/mycert.pem'); curl_setopt($curl, CURLOPT_SSLCERTPASSWD, 'password'); // Send the request & save response to $resp $result = curl_exec($curl); echo curl_error($curl); // Close request to clear up some resources curl_close($curl); and I'm still getting this error, unable to use client certificate (no key found or wrong pass phrase?) the directory structure is set up like this, public_html func cart.func.php cert .htaccess ca.crt mycert.pem secure shopping.php on the .htaccess file I have in the cert folder I have it set to deny from all, so no one can view the contents inside. Is that a problem at all? Also maybe I'm not calling the path properly in my code is there another way I should do it? Thanks for your time.

wow they gave me everything for the ssl! gonna test it out now

and also what's the big deal that they don't give that info once buying an ssl on a shared host account

oh ok, what's the likelihood they'll give that to me in your opinion lol. it's taking forever for them to respond to that inquiry.

for this code, curl_setopt($ch, CURLOPT_SSLCERTPASSWD, 'password'); is it a path I need to the file with the password, or a filename or the actual password.

I wonder if I purchased an external ssl I'd be able to have more control over the paths and certs and stuff but hopefully I can get this working the way I have it setup right now. I'll post back here once I've tested out the password line of code when they send me the path to that, if they do.

I'm waiting for them to reply to my ticket to get that path to the password so I can test it out. Hopefully that is the issue and I can have it working and move on to parsing the xml data. I hope I don't have to buy a dedicated hosting account can't really afford that...