Jump to content

Recommended Posts

ok, i then printed the absolute path and then put this path back into the original script to get

<?php
const FETCH_URL = 'https://www.whoscored.com/Matches/829839/Live';

$curl = curl_init(FETCH_URL);
curl_setopt($curl, CURLOPT_CAINFO, '/home/content/m/u/p/muppet77/html/footballstatistics.co/gd_bundle-g2.cer');

if (!$curl)
{
    trigger_error('Failed to initialize cURL.', E_USER_ERROR);
}

if (!curl_setopt($curl, CURLOPT_RETURNTRANSFER, true))
{
    trigger_error('Failed to set cURL option.', E_USER_ERROR);
}

if (!curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true))
{
    trigger_error('Failed to set cURL option.', E_USER_ERROR);
}

$curl_response = curl_exec($curl);

if ($curl_response === false)
{
    trigger_error('cURL error: '.curl_error($curl), E_USER_ERROR);
}

echo $curl_response;
curl_close($curl);
?>

which output the same output error as post #19

 

Fatal error: cURL error: Unknown SSL protocol error in connection to www.whoscored.com:443 in /home/content/m/u/p/muppet77/html/footballstatistics.co/test.php on line 26

Edited by muppet77

I have a pretty good curl based scraper that I scrape both http and https sites.That link trying to connect to or even just the domain both return "Unable to fetch website". It's possible they are blocking any requests.

 

There has been known issues with sslv3 due to security issues and some websites are wanting to use TLS instead. To make that matter worse there is issues with TLS in some curl versions. It's like a circle of getting nowhere with it unless use a known working curl version, I believe curl 7.19 for sure has a TLS issue.

 

Here is something that could possibly help or not.

curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($curl, CURLOPT_SSL_CIPHER_LIST, 'TLSv1');
curl_setopt($curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
Edited by QuickOldCar

This will disable certificate verification entirely, leaving the communication wide open to man-in-the-middle attacks and defeating the entire purpose of HTTPS.

 

If you don't care at all about the data you're fetching, and if your entire application is built on the premise that the data can be malicious, then, yes, this might be good enough for a quick hack. But don't use this is a general solution.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.