Jump to content

A couple CURL questions (Security concern, Controlling outputted log info)

maexus

By maexus
in PHP Coding Help

 Share

Recommended Posts

maexus Member

maexus

Posted
Posted

So, I wrote a little script that runs on a cron job and checks the atom feed of my gmail account ever 30 minutes. Checks to see if any of the emails are younger than 30 minutes. Any email that new is sent through a function.

 

I have a few concerns here.

 

Security comes to mind. I want to keep this a one file solution, which means I need to put my gmail and twitter un/pwd in the code. This makes me extremely nervious leaving my gmail account wide open like that. I'll post the code after addressing the second point. Is there something I can do to avoid this?

 

The second issue is, I need a better way of documenting what's going on. I have turned on CURLOPT_VERBOSE, which I believe is the server header information that is sent/returned. This is very helpful but it would be great if I could store it in a variable. It would let me customize how the cron job log looks. Is this possible?

 

Here is the code:

 

<?php
//1800 seconds is 30 minutes. You need to match this with the number of seconds of your cron intervals
$currentTime = time() - 1800;

//The credentials to make this all work
define("TWITTER_USERNAME","twitterUN");
define("TWITTER_PASSWORD","twitterPW");
define("GMAIL_USERNAME","gmailUN");
define("GMAIL_PASSWORD","gmailPW");

//proxy settings, check with your host to see if these are required
define("REQUIRES_PROXY",1);
define("PROXY_URL", "http://proxy.shr.secureserver.net");
define("PROXY_PORT","3128");

//no need to touch these
define("TWITTER_API_URL","http://twitter.com/statuses/update.xml?status=");
define("GMAIL_API_URL","https://mail.google.com/mail/feed/atom");

//this is all the dirty work and doesn't need to be touched
function postNotification($message){
$c = curl_init();
curl_setopt($c, CURLOPT_URL, TWITTER_API_URL.urlencode(stripslashes(urldecode($message))));
curl_setopt($c, CURLOPT_USERPWD, TWITTER_USERNAME.":".TWITTER_PASSWORD);
curl_setopt($c, CURLOPT_VERBOSE, 1);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($c, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($c, CURLOPT_POST, 1);

$exec = curl_exec($c);
$exec_array = curl_getinfo($c);

curl_close($c);

if($exec_array['http_code'] == "200"){
	echo "Everything went to plan";
}else{
	echo "Something fucked up";
}
}

$gmailCurl = curl_init();
curl_setopt($gmailCurl, CURLOPT_URL, GMAIL_API_URL);
curl_setopt($gmailCurl, CURLOPT_USERPWD, GMAIL_USERNAME.":".GMAIL_PASSWORD);
curl_setopt($gmailCurl, CURLOPT_VERBOSE, 1);
curl_setopt($gmailCurl, CURLOPT_RETURNTRANSFER, 1);

if(REQUIRES_PROXY == TRUE){
curl_setopt ($gmailCurl, CURLOPT_PROXYTYPE, CURLPROXY_HTTP);
curl_setopt ($gmailCurl, CURLOPT_PROXY,PROXY_URL.":".PROXY_PORT);
curl_setopt ($gmailCurl, CURLOPT_SSL_VERIFYPEER, 0);
}

$gmailXml = curl_exec($gmailCurl);
curl_close($gmailCurl);

$emails = new SimpleXMLElement($gmailXml);

foreach($emails->entry as $email){
$emailTimestamp = strtotime($email->issued);
if($emailTimestamp > $currentTime){
	postNotification($email->summary);
}
}
?>

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.