I want to do the following scenario but i dont really know if this is possible at all or what techniques i need to use:
So im using an external api to store information of my web application. Now i want to send the api request to my server which sends it to the api server maybe by using curl and wait for the response.. when i receive the response i update something at my server like insert row in mysql and send the response back to the requester
Now the api url is using https and my server is currently using http.. will this be a problem to test or do i need https also?
And how should i implement this using php? Maybe some kind of redirect? Or do i have to rebuild the whole request?
Thanks in advance
There are a lot of unknowns about your question that make it hard to answer, but here goes.
You certainly don't have to offer your own application over HTTPS and you can query an HTTPS API and then deliver your own response via HTTP. I should warn you that you are inherently making the external service less secure by doing this. If you are acting as a proxy for the external service, I would suggest that you either get an SSL certificate and do it the proper way.
The lack of details in your question make it hard to answer a specific question, but here is a small code block that should get you started:
<?php
$url = "https://service/endpoint";
$params = array(
'api_token' => 'mytoken',
'param1' => 'myparam',
);
$url .= http_build_query($params);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$result = curl_exec($ch);
if (curl_errno($ch)) {
echo 'received error: ' . curl_error($ch) . ' (code: ' . curl_errno($ch);
} else {
echo 'received response: ' . $result;
}
What nate has said is roughly right, but if you want to post from HTTP to HTTPS with cURL, set this option as well:
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
Which stops cURL from verifying the peer’s certificate (I'm guessing you don't care about using SSL between the second server and the API).
Code on the app server:
$data = http_build_query(
// Your parameters go here
);
file_get_contents('http://middleserverurl.com/?' . $data);
Code on the middle server:
$apiurl = "https://apiurl.com/?" . http_build_query($_GET);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$result = curl_exec($ch);
// Decode the result data here
// Insert into your database here
// Send something back to your app server e.g.:
$data = http_build_query(
// What you want to send back form the result
);
file_get_contents('http://appserverurl.com/?' . $data);