Using Authentication And file_get_contents()

15th February 2010

Using file_get_contents() to fetch the contents of a file is quite a common practice. This might be just to get the contents of a text file or to get the ImageCache module in Drupal to pre-cache images. The file_get_contents() function can get a local or remote file and is usually run like this.

$data = file_get_contents($url);

However, when trying to use this function to communicate with an authenticated server you will see the following error appearing.

  1. Warning: file_get_contents(http://www.example.com/test.php): failed to open stream: HTTP request failed!
  2. HTTP/1.1 401 Authorization Required in test.php on line 4

To get around this issue you will need to pass a third parameter to the file_get_contents() function that causes the function to use a context. This context will pass an additional Authorization header to the server and is created through a function called stream_context_create(). Here is all the code you need to use file_get_contents() in an authenticated manner.

  1. $username = 'username';
  2. $password = 'password';
  3.  
  4. 'http' => array(
  5. 'header' => "Authorization: Basic " . base64_encode("$username:$password")
  6. )
  7. ));
  8. $data = file_get_contents($url, false, $context);

The second parameter is for the addition of a flag and is skipped here by using a null value, but false is also applicable. For more information about what flags are available see the file_get_contents() page on the PHP manual.

Comments

Permalink
Very helpful.....where does $url come in?

Rix (Tue, 02/16/2010 - 15:46)

Permalink
$url is a variable containing the URL you are trying to get hold of. I suppose for completeness I could have put something like the following. $url = 'http://www.example.com/'

philipnorton42 (Tue, 02/16/2010 - 15:51)

Permalink
Thanks....I have added a line  echo $data; so that the contents of the file are returned to the screen but, even without that, I am getting: Warning: file_get_contents() expects at most 2 parameters, 3 given in C:\php1.php on line 14 where line 14 is $data = file_get_contents($url, false, $context); Apologies if this is a stupid question.

Rix (Tue, 02/16/2010 - 16:04)

Permalink
This error suggests that you are using an older version of PHP. I see from the manual page that context support was added in version 5.0 so if you are running anything before that version you might see that error. Try running the following to see you current PHP version. echo phpversion();

philipnorton42 (Tue, 02/16/2010 - 16:18)

Permalink
Ah... 4.4.1... which, I see is rather old... Time to get it upgraded. Thanks for your help.

Rix (Tue, 02/16/2010 - 16:33)

Permalink
What if you are using HTTPS?

Anonymous (Thu, 09/30/2010 - 21:25)

Permalink
Hi there, I used your authentication code to login to the website, but I cant able to login, did i need to mention the method of the form? please help me to solve this issue. thanks in advance. Thanks, Muthuraj S

muthuraj (Fri, 11/19/2010 - 05:36)

Permalink
Thank you very much. Just needed that for the Word Press PLugin WP Live Deploy

Bernhard Zürn (Sat, 03/30/2013 - 12:12)

Permalink
Thanks! this solved my problem!

Francisco (Thu, 05/30/2013 - 20:53)

Permalink
I have a pretty basic/newbie question. I hope you see this despite this article being 3 years old ;) I have no trouble getting content from a passworded site, your article works wonderful. HOWEVER, I am having trouble on the opposite end - passwording a page. You see I have a basic .txt file stored on a server and I want to password protect it so that only my file_get_contents() script can access it. How would you recommend password-protecting the txt file? (the page could also be .html or .php I guess it doesn't really matter, it's just basic text content). Thanks!

Jason (Wed, 07/03/2013 - 18:14)

Permalink
I had to allow anonymousAuthentication enabled=true for a /data folder in the applicationHost.config file in order to use PHP's file_get_contents, to stop 401 errors. Example:
  1. <location path="mysite.com/data">
  2. <system.webserver>
  3. <security>
  4. <authentication>
  5. <anonymousauthentication enabled="true"></anonymousauthentication>
  6. <windowsauthentication enabled="false"></windowsauthentication>
  7. </authentication>
  8. </security>
  9. </system.webserver>
  10. </location>

Mark (Thu, 09/04/2014 - 20:20)

Permalink
thanks

Sourav Basak (Fri, 01/09/2015 - 12:57)

Permalink
matches

Anonymous (Mon, 07/03/2017 - 08:43)

Permalink
Thanks a lot! Saved my day

M S Labba (Wed, 07/05/2017 - 12:45)

Permalink

Peculiar article, just what I was looking for.

janacleary82125 (Wed, 06/20/2018 - 06:23)

Permalink

I like this internet site because so much useful material on here :D.

rufusvogt01061390631 (Wed, 07/11/2018 - 09:53)

Add new comment

The content of this field is kept private and will not be shown publicly.