Jump to content
justinh

header info query

Recommended Posts

Hi,

I've been trying to get response header information and some PHP functions are not returning anything.  I'm sure I am missing something fundamental, but I don't know why I'm not getting anything after I browse to header.php  (which contains all of the below) on my remote server.

From https://secure.php.net/manual/en/function.get-headers.php, example 1:

$url = 'https://yahoo.com';
print_r(get_headers($url));
print_r(get_headers($url, 1));

It shows nothing on the page.

From https://php.net/manual/en/function.get-headers.php#97684:

function get_http_response_code($theURL) {  //https://php.net/manual/en/function.get-headers.php#97684
    $headers = get_headers($theURL);
    return substr($headers[0], 9, 3);
}
echo get_http_response_code("https://yahoo.com");

It shows nothing on the page.

From https://php.net/manual/en/function.get-headers.php#112652:

function get_http_response_code($theURL) {
    $headers = get_headers($theURL);
    return substr($headers[0], 9, 3);
}

if(intval(get_http_response_code('filename.jpg')) < 400){
echo "file was found";
}
else { echo "no file found"; }

It shows nothing on the page.

From https://secure.php.net/reserved.variables.server, example 1:

echo ($_SERVER["yahoo.com"]); 

It shows nothing on the page.

From https://secure.php.net/manual/en/reserved.variables.httpresponseheader.php:

function get_contents() {
  file_get_contents("https://berean-biblechurch.org/rss/rss.xml");
  var_dump($http_response_header);
}
get_contents();
var_dump($http_response_header);

It shows "NULL".

I'd appreciate any help.

Justin

Share this post


Link to post
Share on other sites

Use var_dump() on the output of the get_headers() function and see what it shows.

I doubt $_SERVER["yahoo.com"] would have anything in it, the $_SERVER array just contains some information about the server that the PHP code is running on.

Share this post


Link to post
Share on other sites

Var_dump of the get_headers is showing " bool(false) ".  Why would it be false?

What I found out about

file_get_contents

is that it works with relative paths (e.g., '../myfile.txt') but not with an absolute path (e.g., 'https://myserver.com/myfile.txt').  I this same problem with getimagesize, file_exists, and fopen (though PHP.net shows an example with absolute path).  Why won't absolute paths work on my server when supposedly they are supposed to work with these functions?

I can't use relative paths because the file I'm checking for is on a subdomain that is on another server.  And I can't rely on response headers, so I really like the idea of just checking for a file.

Share this post


Link to post
Share on other sites

If it returns false it probably means that it could not connect to the URL.

file_get_contents() will get files from your local server. Depending on your server's configuration it might not be allowed to load files from remote servers.

I recommend using cURL to load files from other websites: http://php.net/manual/en/book.curl.php

Share this post


Link to post
Share on other sites

You need to allow 'allow_url_fopen' in php.ini ,if you can, if not curl is the best alternative;

allow_url_fopen = On

IF the display errors was enabled you should have seen

get_headers(): https:// wrapper is disabled in the server configuration by allow_url_fopen=0

 

Edited by dsonesuk

Share this post


Link to post
Share on other sites

Here is what I obtain

0: HTTP/1.0 301 Moved Permanently
1: Date: Sun, 11 Nov 2018 22:52:03 GMT
2: Strict-Transport-Security: max-age=31536000
3: Via: http/1.1 media-router-fp1002.prod.media.ne1.yahoo.com (ApacheTrafficServer [c s f ])
4: Server: ATS
5: Cache-Control: no-store, no-cache
6: Content-Type: text/html
7: Content-Language: en
8: Connection: keep-alive
9: X-Frame-Options: SAMEORIGIN
10: Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
11: Location: https://www.yahoo.com/
12: Content-Length: 8
13: HTTP/1.0 200 OK
14: Cache-Control: no-store, no-cache, max-age=0, private
15: Content-Encoding: gzip
16: Content-Type: text/html; charset=UTF-8
17: Date: Sun, 11 Nov 2018 22:48:04 GMT
18: Server: ATS
19: x-amz-server-side-encryption: AES256
20: Age: 239
21: Via: https/1.1 media-ncache-fp29.prod.media.gq1.yahoo.com (ApacheTrafficServer [cMsSf ]), http/1.1 media-ncache-fp29.prod.media.gq1.yahoo.com (ApacheTrafficServer [cSsSfU]), http/1.1 media-ncache-fp29.prod.media.gq1.yahoo.com (ApacheTrafficServer [cRs f ]), http/1.1 media-ncache-fp34.prod.media.gq1.yahoo.com (ApacheTrafficServer [cMsSf ]), http/1.1 media-router-fp1009.prod.media.gq1.yahoo.com (ApacheTrafficServer [cMsSf ])
22: Content-Length: 226066
23: P3P: policyref="http://info.yahoo.com/w3c/p3p.xml, CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV
24: Expires: -1
25: Strict-Transport-Security: max-age=31536000
26: Content-Security-Policy: sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=frontpage®ion=US&lang=en-US&device=&yrid=dfh5u61duhckj&partner=;
27: X-Frame-Options: SAMEORIGIN
28: X-XSS-Protection: 1; report="https://csp.yahoo.com/beacon/csp?src=fp-hpkp-www"
29: Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"

when I run

$url = 'https://yahoo.com';
$output = get_headers($url);
foreach ($output as $key => $value) {
    echo $key . ': ' . $value . '<br />';
} 

Note: 

X-Frame-Options: SAMEORIGIN

Roddy

 

 

Edited by iwato

Share this post


Link to post
Share on other sites

It appears my setting for "allow_url_fopen" in my file's folder php.ini was not being honored; it wouldn't work even if I set it in the PHP file, even if I set the X-frame-options header.  I had to set "allow_url_fopen" in the site root's php.ini!

I thought the local (to the file) php.ini would be in effect.  Is there someway to make that work, or am I totally washed up about that?  Maybe I am thinking about htaccess?

Man, I fought this for two days!  Thanks so much, everyone.  I'm sure I'll be back after I get to the next step  :-)

Share this post


Link to post
Share on other sites

IF its by website host, it maybe locked for security reasons to Off.

According to php.net it is listed as PHP_INI_SYSTEM and changing of settings may be set by

PHP_INI_SYSTEM Entry can be set in php.ini or httpd.conf

.htaccess is not listed for PHP_INI_SYSTEM

http://php.net/manual/en/filesystem.configuration.php#ini.allow-url-fopen

http://php.net/manual/en/configuration.changes.modes.php

Share this post


Link to post
Share on other sites

EDIT: I found a config modules dialog in UniServer where I could toggle on php_openSSL.dll, and that enabled the HTTPS stream.  Now I get success in my local env!   Without this config interface I don't know how this would be configured (or why it is not out-of-the-box)

- - - -

I tried running my PHP file on my local stack (WAMP, Uniform Server Zero).  I was getting a bunch of errors. php.ini shows allow_url_fopen = on.  I was testing with HTTPS URLs, and I finally discovered that my local PHP does not have the HTTPS stream registered, but my remote PHP does have it registered.

I can't figure out what is controlling the registration of streams or how to add a stream.  Anyone know?

Warning: get_headers(): Unable to find the wrapper "https" - did you forget to enable it when you configured PHP?
Registered PHP Streams	php, file, glob, data, http, ftp, zip, compress.zlib, phar

 

PS  Sorry, dsonesuk, I was getting .htaccess and httpd.conf confused.  Thanks.

Edited by justinh

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×