4

I am trying to use file_get_contents.I have made sure that allow_url_fopen is enabled in php.ini. As of now it is telling me:

[function.file-get-contents]: failed to open stream: HTTP request failed! HTTP/1.1 401 Unauthorized

All I'm doing is the following, which I can access through browser without a problem. 

$url=('http://site/@api/users/=john_smith@site.com/properties');
$xmlString=file_get_contents($url);

I believe this is an authentication issue but not sure how I can supply the proper credentials from within the script itself. Any ideas would be greatly appreciated.

j0k
  • 22,600
  • 28
  • 79
  • 90
Aaron
  • 2,672
  • 10
  • 28
  • 45
  • If there is no authenticaion anywhere, this sounds like the server is detecting that you're a remote script, or maybe blocking the IP. – Pekka Aug 25 '10 at 14:03
  • @Pekka: That is a `403 Forbidden`, not a `401 Unauthorized`. `401 Unauthorized` is 'specifically for use when authentication is possible but has failed or not yet been provided.' (from [Wikipedia](http://en.wikipedia.org/wiki/List_of_HTTP_status_codes)) – Frxstrem Aug 25 '10 at 14:15

3 Answers3

14

In your url try:

http://user:password@site/

(append whatever the rest of the URL for your API should be)

Cfreak
  • 19,191
  • 6
  • 49
  • 60
  • I'm getting a warning for sprintf saying that there are too few arguments. Any chance you would know whats wrong? Not sure if I need to create a new post on here or not. – Aaron Aug 25 '10 at 14:28
  • I'm trying to run a Request URI from the Quickbooks API but I can't seem to make this work. – Artorias2718 Sep 13 '18 at 20:27
  • @Artorias2718 - This method usually only works if the service is using HTTP Basic Auth. It's also not a very good idea in general. I am not familiar with the QuickBooks API but I would bet it uses OAUTH or some other token based authentication or API key. You should refer to their documentation – Cfreak Sep 14 '18 at 14:23
7

Just put the user info into the URL:

$url = 'http://user:password@domain.tld/foo/bar/whatever';
Raoul Duke
  • 4,241
  • 2
  • 23
  • 18
  • URLs of this sort don't seem to work for me at all. I've tried them in Chrome and they end up searching on Google, instead of trying to find the address. Any thoughts on how to fix that? – Hamman Samuel Jan 10 '14 at 21:25
5

The 401 Unauthorized status code means that you should have authenticated, but that you haven't, or that you have authenticated with the wrong credentials. It is most commonly used when using HTTP authentication, which is authentication built into the HTTP protocol, and therefore is universal, not only for HTML documents, but for anything transfered over the HTTP protocol.

To authenticate with HTTP authentication, simply add username:password@ before the hostname in the URL. For instance:

http://foobar:mysupersecretpassword@example.com/passwordprotected/

This would request the /passwordprotected/ directory from example.com with the username foobar and the password mysupersecretpassword.

It's not any worse than that. :)

Frxstrem
  • 38,761
  • 9
  • 79
  • 119