garbnzgh Posted June 11, 2008 Posted June 11, 2008 I'm working on a project using this php script ( http://cookbook.daylife.com/php-proxy-for-widgets ) and I'm running into what seems to be a known php issue on a shared server with the line: curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); I get this error: Warning: curl_setopt() [function.curl-setopt]: CURLOPT_FOLLOWLOCATION cannot be activated when in safe_mode or an open_basedir is set ... I think the reason is because open_basedir is set. Is there another way to do this with open_basedir set? Thanks!! > <? /*** Configure your API credentials here ***/ $access_key = 'PUT YOUR ACCESSKEY HERE'; $shared_secret = 'PUT YOUR SHAREDSECRET HERE'; $server = 'freeapi.daylife.com'; #get the API request from the input and parse it $request_uri = $_REQUEST['request']; $request_uri = rawurldecode($request_uri); if ($request_uri[0] === '/') $request_uri = substr($request_uri, 1); list($protocol, $api, $version, $method_name, $qs) = split('[/?]', $request_uri); $ps = split('&', $qs); $params = array(); foreach ($ps as $p) { list($key, $value) = split('=', $p); $params[$key] = $value; } $public_api_base_url = "http://$server/$protocol/$api/$version/"; $qs = ""; foreach ($params as $key=>$value) { $qs .= rawurlencode($key) . "=" . rawurlencode($value) . "&"; if($key == "query" || $key == "name" || $key == "url" || $key == "article_id" || $key == "topic_id" || $key = "quote_id" || $key == "image_id" || $key == "source_id") { $signature_id = $value; } } $callback = null; if (isset($_GET["__callback"])) { $callback = $_GET["__callback"]; } $signature = md5($access_key . $shared_secret . $signature_id); $qs .= "accesskey=" . rawurlencode($access_key) . "&"; $qs .= "signature=" . rawurlencode($signature); $proxy_url = $public_api_base_url . $method_name . "?" . $qs; #set http header vars header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1 header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past if ($protocol == "xmlrest") { header('Content-type: text/xml; charset=UTF-8'); } // create a new curl resource $ch = curl_init(); // set URL and other appropriate options curl_setopt($ch, CURLOPT_URL, $proxy_url); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_setopt($ch, CURLOPT_HEADER, false); curl_setopt($ch, CURLOPT_NOBODY, false); curl_setopt($ch, CURLOPT_RETURNTRANSFER, false); if ($callback) { print($callback . "("); } curl_exec($ch); if ($callback) { print(")"); } // close curl resource, and free up system resources curl_close($ch); ?> Quote
TCH-Bruce Posted June 11, 2008 Posted June 11, 2008 Welcome to the forums garbnzgh If it's an open_basedir problem you will have to open a ticket with the help desk. Link at top of page or in my signature. Quote
MikeJ Posted June 11, 2008 Posted June 11, 2008 We don't use safe_mode, so your problem is open_basedir. In more recent versions of PHP this functionality was disabled in CURL when PHP is running with open_basedir because CURL is not aware of what the open_basedir setting is, so it was a security vulnerability to allow followlocation. However, someone on the php.net site has an example workaround here. (just keep searching the page for followlocation until you find the right post if it doesn't take you right to it). And welcome to the forums! Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.