Using Authentication And file_get_contents()

15th February 2010 - 2 minutes read time

Using file_get_contents() to fetch the contents of a file is quite a common practice. This might be just to get the contents of a text file or to get the ImageCache module in Drupal to pre-cache images. The file_get_contents() function can get a local or remote file and is usually run like this.

$data = file_get_contents($url);

However, when trying to use this function to communicate with an authenticated server you will see the following error appearing.

  1. Warning: file_get_contents(http://www.example.com/test.php): failed to open stream: HTTP request failed! 
  2. HTTP/1.1 401 Authorization Required in test.php on line 4

To get around this issue you will need to pass a third parameter to the file_get_contents() function that causes the function to use a context. This context will pass an additional Authorization header to the server and is created through a function called stream_context_create(). Here is all the code you need to use file_get_contents() in an authenticated manner.

  1. $username = 'username';
  2. $password = 'password';
  3.  
  4. $context = stream_context_create(array(
  5.     'http' => array(
  6.         'header'  => "Authorization: Basic " . base64_encode("$username:$password")
  7.     )
  8. ));
  9. $data = file_get_contents($url, false, $context);

The second parameter is for the addition of a flag and is skipped here by using a null value, but false is also applicable. For more information about what flags are available see the file_get_contents() page on the PHP manual.

file_get_contents

Comments

Permalink
Very helpful.....where does $url come in?

Rix (Tue, 02/16/2010 - 15:46)

Permalink
$url is a variable containing the URL you are trying to get hold of. I suppose for completeness I could have put something like the following.$url = 'http://www.example.com/'
Permalink
Thanks....I have added a line echo $data; so that the contents of the file are returned to the screen but, even without that, I am getting: Warning: file_get_contents() expects at most 2 parameters, 3 given in C:\php1.php on line 14 where line 14 is$data = file_get_contents($url, false, $context);Apologies if this is a stupid question.

Rix (Tue, 02/16/2010 - 16:04)

Permalink
This error suggests that you are using an older version of PHP. I see from the manual page that context support was added in version 5.0 so if you are running anything before that version you might see that error. Try running the following to see you current PHP version.echo phpversion();
Permalink
Ah... 4.4.1... which, I see is rather old... Time to get it upgraded. Thanks for your help.

Rix (Tue, 02/16/2010 - 16:33)

Permalink
What if you are using HTTPS?

Anonymous (Thu, 09/30/2010 - 21:25)

Permalink
Hi there, I used your authentication code to login to the website, but I cant able to login, did i need to mention the method of the form? please help me to solve this issue. thanks in advance. Thanks, Muthuraj S

muthuraj (Fri, 11/19/2010 - 05:36)

Permalink
Thank you very much. Just needed that for the Word Press PLugin WP Live Deploy

Bernhard Zürn (Sat, 03/30/2013 - 12:12)

Permalink
Thanks! this solved my problem!

Francisco (Thu, 05/30/2013 - 20:53)

Permalink
I have a pretty basic/newbie question. I hope you see this despite this article being 3 years old ;) I have no trouble getting content from a passworded site, your article works wonderful. HOWEVER, I am having trouble on the opposite end - passwording a page. You see I have a basic .txt file stored on a server and I want to password protect it so that only my file_get_contents() script can access it. How would you recommend password-protecting the txt file? (the page could also be .html or .php I guess it doesn't really matter, it's just basic text content). Thanks!

Jason (Wed, 07/03/2013 - 18:14)

Permalink
I had to allow anonymousAuthentication enabled=true for a /data folder in the applicationHost.config file in order to use PHP's file_get_contents, to stop 401 errors. Example:
  1. <location path="mysite.com/data">
  2.         <system.webserver>
  3.             <security>
  4.                 <authentication>
  5.                      <anonymousauthentication enabled="true"></anonymousauthentication>
  6.                     <windowsauthentication enabled="false"></windowsauthentication>
  7.                 </authentication>
  8.             </security>
  9.         </system.webserver>
  10.     </location>

Mark (Thu, 09/04/2014 - 20:20)

Permalink
thanks

Sourav Basak (Fri, 01/09/2015 - 12:57)

Permalink
matches

Anonymous (Mon, 07/03/2017 - 08:43)

Permalink
Thanks a lot! Saved my day

M S Labba (Wed, 07/05/2017 - 12:45)

Permalink

Peculiar article, just what I was looking for.

janacleary82125 (Wed, 06/20/2018 - 06:23)

Permalink

I like this internet site because so much useful material on here :D.

rufusvogt01061390631 (Wed, 07/11/2018 - 09:53)

Add new comment

The content of this field is kept private and will not be shown publicly.

Related Content

Create Checksums Using The Luhn Algorithm In PHP

16th May 2021

The Luhn algorithm was created by Hans Peter Luhn and is a way of creating a simple checksum for a number. This algorithm, also known as the mod 10 algorithm, is used in a wide variety of applications but is commonly associated with credit card numbers.

If you look at the numbers on the front of your credit card the last digit on the right is the checksum. An algorithm is done on the other numbers and if the checksum is the same then the number is considered valid.

Read more.

Swapping Between Different Composer Versions

10th May 2021
I had an issue I was trying to debug today and needed a way to swap between different versions of composer. Composer is one of the few things that I install globally so it was locked at a particular version on the machine I was using. There has been some significant changes between version 1 and version 2 and it isn't quite safe to use a composer 2 package on a platform that has composer 1 installed.  As some projects I'm working on haven't been upgraded yet I needed a way to swap between versions whilst this work was being done.

Read more.

Creating A Game With PHP Part 4: Side Scrolling Shooter

10th March 2021

As another step up from the game of snake I created in my last post I decided to try my hand at creating a side scrolling shooter. Just like my other posts, this is an ASCII based game played on the command line.

A side scrolling shooter, if you didn't already know, moves a scene from right to left across the screen with enemies moving with the scene towards the player's ship, which is on the left hand side of the scene. The player can fire bullets towards the enemies so remove them from the scene.

Read more.

Seeding Random Numbers in PHP

9th March 2021

Computers are not that great at creating random numbers as the methods they use are deterministic. That is, they start from a number (called a seed) and apply maths to that number to generate pseudorandom numbers. Most random numbers generated by computers programs use a seed provided by the system, which is generally the current time. If you can guess the initial value then you can start to work out what the random sequence of numbers generated is. Most random numbers, are therefore not suitable for encryption.

Read more.

PHP Strict Types

28th February 2021

In December 2015, PHP 7 introduced scalar type declarations and with it the strict_types flag. This flag can be used to enforce the type of value passed to functions. Although I have seen it in action in the past, I have never actually used it before so I decided to look into it a little to see what it was about.

Read more.

PHP instanceof Operator Tips

26th January 2021

The instanceof operator in PHP is great at making sure you are looking at a type of object before acting on it. Whilst it's straightforward to use on its own, using it can lead to some undesirable side effects.

As a basic example, let's create a couple of interfaces and classes to show the instanceof operator in action. Rather than just have some test names I am using object names that you might find in a system. This consists of User and Order that might form part of a commerce system.

Read more.