Delicious Bookmark this on Delicious Share on Facebook SlashdotSlashdot It! Digg! Digg



PHP : Appendices : List of Supported Protocols/Wrappers : HTTP and HTTPS

HTTP and HTTPS

PHP 3, PHP 4, PHP 5. https:// since PHP 4.3.0

  • http://example.com
  • http://example.com/file.php?var1=val1&var2=val2
  • http://user:password@example.com
  • https://example.com
  • https://example.com/file.php?var1=val1&var2=val2
  • https://user:password@example.com

Allows read-only access to files/resources via HTTP 1.0, using the HTTP GET method. A Host: header is sent with the request to handle name-based virtual hosts. If you have configured a user_agent string using your ini file or the stream context, it will also be included in the request.

Warning:

When using SSL, Microsoft IIS will violate the protocol by closing the connection without sending a close_notify indicator. PHP will report this as "SSL: Fatal Protocol Error" when you reach the end of the data. To workaround this, you should lower your error_reporting level not to include warnings. PHP 4.3.7 and higher can detect buggy IIS server software when you open the stream using the https:// wrapper and will suppress the warning for you. If you are using fsockopen() to create an ssl:// socket, you are responsible for detecting and suppressing the warning yourself.

Redirects have been supported since PHP 4.0.5; if you are using an earlier version you will need to include trailing slashes in your URLs. If it's important to know the URL of the resource where your document came from (after all redirects have been processed), you'll need to process the series of response headers returned by the stream.

<?php
$url
= 'http://www.example.com/redirecting_page.php';

$fp = fopen($url, 'r');

/* Prior to PHP 4.3.0 use $http_response_header
  instead of stream_get_meta_data() */
$meta_data = stream_get_meta_data($fp);
foreach(
$meta_data['wrapper_data'] as $response) {

 
/* Were we redirected? */
 
if (substr(strtolower($response), 0, 10) == 'location: ') {
   
/* update $url with where we were redirected to */
   
$url = substr($response, 18);
 }

}

?>

Example O.2. Fetch a page and send POST data

<?php

$postdata
= http_build_query(
   array(
       
'var1' => 'some content',
       
'var2' => 'doh'
   
)
);

$opts = array('http' =>
   array(
       
'method'  => 'POST',
       
'header'  => 'Content-type: application/x-www-form-urlencoded',
       
'content' => $postdata
   
)
);

$context  = stream_context_create($opts);

$result = file_get_contents('http://example.com/submit.php', false, $context);

?>


The stream allows access to the body of the resource; the headers are stored in the $http_response_header variable. Since PHP 4.3.0, the headers are available using stream_get_meta_data().

HTTP connections are read-only; you cannot write data or copy files to an HTTP resource.

Note:

HTTPS is supported starting from PHP 4.3.0, if you have compiled in support for OpenSSL.

Table O.2. Wrapper Summary

Attribute Supported
Restricted by allow_url_fopen Yes
Allows Reading Yes
Allows Writing No
Allows Appending No
Allows Simultaneous Reading and Writing N/A
Supports stat() No
Supports unlink() No
Supports rename() No
Supports mkdir() No
Supports rmdir() No


Table O.3. Context options

Name Usage Default
method GET, POST, or any other HTTP method supported by the remote server. GET
header Additional headers to be sent during request. Values in this option will override other values (such as User-agent:, Host:, and Authentication:).  
user_agent Value to send with User-Agent: header. This value will only be used if user-agent is not specified in the header context option above. php.ini setting: user_agent
content Additional data to be sent after the headers. Typically used with POST or PUT requests.  
proxy URI specifying address of proxy server. (e.g. tcp://proxy.example.com:5100). HTTPS proxying (through HTTP proxies) only works in PHP 5.1.0 or greater.  
request_fulluri When set to TRUE, the entire URI will be used when constructing the request. (i.e. get http://www.example.com/path/to/file.php http/1.0). while this is a non-standard request format, some proxy servers require it. FALSE
max_redirects The max number of redirects to follow. Value 1 or less means that no redirects are followed. Added in PHP 5.1.0. 20
protocol_version HTTP protocol version. Added in PHP 5.1.0. 1.0
timeout Read timeout in seconds, specified by a float (e.g. 10.5). Added in PHP 5.2.1. default_socket_timeout


Underlying socket stream context options:

Additional context options may be supported by the underlying transport For http:// streams, refer to context options for the tcp:// transport. For https:// streams, refer to context options for the ssl:// transport.

Custom headers may be sent with an HTTP request prior to version 5 by taking advantage of a side-effect in the handling of the user_agent INI setting. Set user_agent to any valid string (such as the default PHP/version setting) followed by a carriage-return/line-feed pair and any additional headers. This method works in PHP 4 and all later versions.

Example O.3. Sending custom headers with an HTTP request

<?php
ini_set
('user_agent', "PHP\r\nX-MyCustomHeader: Foo");

$fp = fopen('http://www.example.com/index.php', 'r');
?>

Results in the following request being sent:

GET /index.php HTTP/1.0
Host: www.example.com
User-Agent: PHP
X-MyCustomHeader: Foo


Code Examples / Notes » wrappers.http

spazdaq

just an FYI about digest authentication.
While one of the above http examples has the username and password info supplied with the url, this must only be for basic authentication. it does not appear to work for digest authentication. you have to handle the digest followup request on your own.


sinured

If you want to send more than one custom header, just make header an array:
<?php
$default_opts = array(
'http' => array(
'user_agent' => 'Foobar',
'header' => array(
'X-Foo: Bar',
'X-Bar: Baz'
)
)
);
stream_context_get_default($default_opts);
readfile('http://www.xhaus.com/headers');
?>


nea

HTTP post function;
<?php
function post_it($datastream, $url) {
$url = preg_replace("@^http://@i", "", $url);
$host = substr($url, 0, strpos($url, "/"));
$uri = strstr($url, "/");
     $reqbody = "";
     foreach($datastream as $key=>$val) {
         if (!empty($reqbody)) $reqbody.= "&";
     $reqbody.= $key."=".urlencode($val);
     }
$contentlength = strlen($reqbody);
    $reqheader =  "POST $uri HTTP/1.1\r\n".
                  "Host: $host\n". "User-Agent: PostIt\r\n".
    "Content-Type: application/x-www-form-urlencoded\r\n".
    "Content-Length: $contentlength\r\n\r\n".
    "$reqbody\r\n";
$socket = fsockopen($host, 80, $errno, $errstr);
if (!$socket) {
  $result["errno"] = $errno;
  $result["errstr"] = $errstr;
  return $result;
}
fputs($socket, $reqheader);
while (!feof($socket)) {
  $result[] = fgets($socket, 4096);
}
fclose($socket);
return $result;
}
?>


dwalton

As it says on this page:
"The stream allows access to the body of the resource; the headers are stored in the $http_response_header variable. Since PHP 4.3.0, the headers are available using stream_get_meta_data()."
This one sentence is the only documentation I have found on the mysterious $http_response_header variable, and I'm afraid it's misleading.  It implies that from 4.3.0 onward, stream_get_meta_data() ought to be used in favor of $http_response_header.  
Don't be fooled!  stream_get_meta_data() requires a stream reference, which makes it ONLY useful with fopen() and related functions.  However, $http_response_header can be used to get the headers from the much simpler file_get_contents() and related functions, which makes it still very useful in 5.x.
Also note that even when file_get_contents() and friends fail due to a 4xx or 5xx error and return false, the headers are still available in $http_response_header.


Change Language


Follow Navioo On Twitter
Filesystem
Socket
HTTP and HTTPS
FTP and FTPS
PHP input/output streams
Compression Streams
Data (RFC 2397)
Secure Shell 2
Audio Streams
Process Interaction Streams
eXTReMe Tracker