By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
438,304 Members | 1,253 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 438,304 IT Pros & Developers. It's quick & easy.

Basic Authentication in a GET request, url_exists() function.

100+
P: 113
Hi there,

I have a directory with windows authentication on it and i want my script to check whether an image file exists at a URL which corresponds to a image in the protected directory.

I started with this function:

Expand|Select|Wrap|Line Numbers
  1.  
  2. $url = "http://website.com/protected/images/image1.jpg";
  3. url_exists($url);
  4.  
  5.     function url_exists($url){
  6.         $url = str_replace("http://", "", $url);
  7.         if (strstr($url, "/")) {
  8.             $url = explode("/", $url, 2);
  9.             $url[1] = "/".$url[1];
  10.         } else {
  11.             $url = array($url, "/");
  12.         }
  13.  
  14.         $fh = fsockopen($url[0], 80);
  15.         if ($fh) {
  16.             fputs($fh,"GET ".$url[1]." HTTP/1.1\nHost:".$url[0]."\n\n");
  17.             if (fread($fh, 22) == "HTTP/1.1 404 Not Found") { return FALSE; }
  18.             else { return TRUE;    }
  19.  
  20.         } else { return FALSE;}
  21. }
  22.  
I kept on getting true for my results which made me think it was working at first. However when i output the result of this call:

Expand|Select|Wrap|Line Numbers
  1. fputs($fh,"GET ".$url[1]." HTTP/1.1\nHost:".$url[0]."\n\n");
  2. echo fread($fh, 100);
  3.  
It returns :

Expand|Select|Wrap|Line Numbers
  1. HTTP/1.1 401 Unauthorized Content-Length: 1656 Content-Type: text/html Server: Microsoft-IIS/6.0 HTTP/1.1 401 Unauthorized Content-Length: 1656 Content-Type: text/html Server: Microsoft-IIS/6.0  
  2.  
I think this means i need to work authentication into my GET request somehow, is this correct and how would I go about this?

PHP Version: 5.1.2

Thanks,

Chromis
Feb 20 '08 #1
Share this Question
Share on Google+
1 Reply


100+
P: 113
I found a solution to the problem but as I understand it, it isnt very secure as it sends the authorisation credentials in plain text:

Expand|Select|Wrap|Line Numbers
  1.     function url_exists($url){
  2.         $url = str_replace("http://", "", $url);
  3.         if (strstr($url, "/")) {
  4.             $url = explode("/", $url, 2);
  5.             $url[1] = "/".$url[1];
  6.         } else {
  7.             $url = array($url, "/");
  8.         }
  9.  
  10.         $fh = fsockopen($url[0], 80);
  11.         if ($fh) {
  12.             $getString = "GET ".$url[1]." HTTP/1.1\nHost:".$url[0]."\nAuthorization: Basic ".base64_encode("USERNAME:PASSWORD")."\r\n\n";
  13.             fputs($fh,$getString);
  14.  
  15.             if (fread($fh, 15) == "HTTP/1.1 200 OK") { return TRUE; }
  16.             else if (fread($fh, 22) == "HTTP/1.1 404 Not Found") { return FALSE; }
  17.             else return FALSE;
  18.  
  19.             // HTTP/1.1 200 OK
  20.  
  21.             echo fread($fh, 100);
  22.  
  23.         } else { return FALSE; }
  24.     }    
  25.  
Does anyone have any better ideas for what I could use?

Thanks,

Chromis
Feb 20 '08 #2

Post your reply

Sign in to post your reply or Sign up for a free account.