Page 1 of 1

include remote https file

Posted: Wed Mar 17, 2004 4:47 pm
by spanders
I have a site the has a php page named file1.php, it uses the include function to include a remote php page.

Code: Select all

include ("http://www.website.com/folder/file2.php")
I recently enabled SSL on the remote site and would like my include statements to use https as well. I modified that include statement to say:

Code: Select all

include ("https://www.website.com/folder/file2.php")
An error is displayed in the browser that says,
"No such file or directory in /path_to_httpdocs/file1.php"
It seems the include function doesn't support https because if I type "http://www.website.com/folder/file2.php" directly into my web browswer it gets displayed correctly. Does anyone know of a different method to do this?

Thanks.

Posted: Wed Mar 17, 2004 4:50 pm
by andre_c
why don't you include the files using the system path:
include '/usr/pubhtml/and_so_forth/file.php';

Posted: Wed Mar 17, 2004 4:57 pm
by spanders
Thanks for the fast replay. A couple of reasons. First, the remote file that I want to include is on a different server in a differnt network so system path will not work. The other reason is that file2.php gathers information off of the remote server before getting displayed as part of file1.php in the browser.

Posted: Wed Mar 17, 2004 5:58 pm
by pickle
Hmm, it may be a problem with certificates. I know that when I'm browsing pages, and I go to an https connection from an http connection, I get a browser pop up. Is it possible that a similar situation is happening here? I would imagine that by default, Apache (and IIS for that matter, but who knows about that?) would reject certificates it doesn't know about.

Posted: Thu Mar 18, 2004 12:00 pm
by spanders
If anyone is interested, I found out how to do it. You need to use sockets and have php compiled with the openssl support enabled (--with-openssl=/usr/local/ssl). This is basically how my code looks now. The strlen conditional is there because I was getting extra characters returned, I think because of the encryption.

Code: Select all

$remotedomain = "www.website.com";
$fp = fsockopen("ssl://$remotedomain", 443, $errno, $errstr, 30);
if (!$fp) {
  echo "$errstr ($errno)<br />\n";
&#125; 
else &#123;
  $out = "GET /folder/file2.php HTTP/1.1\r\n";
  $out .= "Host: $remotedomain\r\n";
  $out .= "Connection: Close\r\n\r\n";

  fputs($fp, $out); 
  while (!feof($fp)) &#123;
   $remote = fgets($fp, 4096);
   if ( strlen(trim($remote)) != "2" ) echo trim($remote) . "\n";
  &#125;
  fclose($fp);
&#125;
Just make sure the secure page you are connecting to is trusted because it seems none of the secure site alerts occur like you are used to seeing while using a web browser. I.E. certificate expired, not from a trused C.A., and common name checking.