Page 1 of 1
Sending secure post variables
Posted: Thu Aug 14, 2008 4:17 am
by Parody
I am building an api for my website so it can be utilized from other servers. The communication between the servers needs to be completely secure.
For testing I am using GET variables in a file_get_contents, but this will not be suitable if the variables become very large. So my question is:
How do I send post variables securely from a script on a server to another server and then recieve the output of the page the variables were sent to.
Thanks to all who respond!

Re: Sending secure post variables
Posted: Thu Aug 14, 2008 4:38 am
by onion2k
Use cURL (
http://uk2.php.net/curl ) to POST the variables over an SSL connection.
Re: Sending secure post variables
Posted: Thu Aug 14, 2008 4:57 am
by it2051229
$_POST variable is a secured variable. If you want, you can do encrypting on the contents of that variable then send it to another computer. Then from that another computer, will decrypt the contents of the variable.
Re: Sending secure post variables
Posted: Thu Aug 14, 2008 6:24 am
by onion2k
it2051229 wrote:$_POST variable is a secured variable.
Woah! No. POST is not secure. It's as easy to hack as GET.
Re: Sending secure post variables
Posted: Thu Aug 14, 2008 1:46 pm
by Parody
Thanks for the replies. I have a few questions though.
If I buy an SSL certificate from uk2 (my hosting company) will all connections to my server be secure, even if it's from another server and not a browser? Also. Would someone please be kind enough to post a basic CURL example which sends some variables and gets the resulting page?
Thanks
Re: Sending secure post variables
Posted: Fri Aug 15, 2008 11:46 am
by Parody
I have absolutely no experience with CURL and all the examples I find seem to be more complex than I require.
I will be extremely grateful if someone could provide an example that does only what is needed which I could work from.
Thanks to everyone so far

Re: Sending secure post variables
Posted: Fri Aug 15, 2008 3:55 pm
by Parody
I managed to work it out. More simple than I thought it would be. If anyone wants to know:
Code: Select all
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, "http://www.example.com/page.php");
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt ($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,"postvar1=value1&postvar2=value2&postvar3=value3");
$response=curl_exec($ch);
curl_close ($ch);
Thanks for pointing me in the right direction though guys!
Re: Sending secure post variables
Posted: Sun Aug 31, 2008 3:17 pm
by Parody
I'm using CURL with the code in my previous post, but I'm not sure about security. If the API server has SSL enabled what curl options would I need to define on the clientside of the API code? Is it as easy as just specifying that I want SSL enabled and letting it sort itself out or do I have to specify certificate information? I don't have a certificate yet so I'm essentially just checking how complex it could be to implement it when I do have one.
Thanks to anyone who helps!