Using Authentication And file_get_contents()

Note: This post is over two years old and so the information contained here might be out of date. If you do spot something please leave a comment and we will endeavour to correct.

15th February 2010 - 3 minutes read time

Using file_get_contents() to fetch the contents of a file is quite a common practice. This might be just to get the contents of a text file or to get the ImageCache module in Drupal to pre-cache images. The file_get_contents() function can get a local or remote file and is usually run like this.

$data = file_get_contents($url);

However, when trying to use this function to communicate with an authenticated server you will see the following error appearing.

Warning: file_get_contents(http://www.example.com/test.php): failed to open stream: HTTP request failed! 
HTTP/1.1 401 Authorization Required in test.php on line 4

To get around this issue you will need to pass a third parameter to the file_get_contents() function that causes the function to use a context. This context will pass an additional Authorization header to the server and is created through a function called stream_context_create(). Here is all the code you need to use file_get_contents() in an authenticated manner.

$username = 'username';
$password = 'password';
 
$context = stream_context_create(array(
    'http' => array(
        'header'  => "Authorization: Basic " . base64_encode("$username:$password")
    )
));
$data = file_get_contents($url, false, $context);

The second parameter is for the addition of a flag and is skipped here by using a null value, but false is also applicable. For more information about what flags are available see the file_get_contents() page on the PHP manual.

file_get_contents

Comments

Very helpful.....where does $url come in?

Submitted by Rix on Tue, 02/16/2010 - 15:46

$url is a variable containing the URL you are trying to get hold of. I suppose for completeness I could have put something like the following.

$url = 'http://www.example.com/'

Philip Norton

Submitted by philipnorton42 on Tue, 02/16/2010 - 15:51

Thanks....I have added a line

 echo $data;

so that the contents of the file are returned to the screen but, even without that, I am getting: Warning: file_get_contents() expects at most 2 parameters, 3 given in C:\php1.php on line 14 where line 14 is

$data = file_get_contents($url, false, $context);

Apologies if this is a stupid question.

Submitted by Rix on Tue, 02/16/2010 - 16:04

This error suggests that you are using an older version of PHP. I see from the manual page that context support was added in version 5.0 so if you are running anything before that version you might see that error. Try running the following to see you current PHP version.

echo phpversion();

Philip Norton

Submitted by philipnorton42 on Tue, 02/16/2010 - 16:18

Ah... 4.4.1... which, I see is rather old... Time to get it upgraded. Thanks for your help.

Submitted by Rix on Tue, 02/16/2010 - 16:33

What if you are using HTTPS?

Submitted by Anonymous on Thu, 09/30/2010 - 21:25

Hi there, I used your authentication code to login to the website, but I cant able to login, did i need to mention the method of the form? please help me to solve this issue. thanks in advance. Thanks, Muthuraj S

Submitted by muthuraj on Fri, 11/19/2010 - 05:36

Thank you very much. Just needed that for the Word Press PLugin WP Live Deploy

Submitted by Bernhard Zürn on Sat, 03/30/2013 - 12:12

Thanks! this solved my problem!

Submitted by Francisco on Thu, 05/30/2013 - 20:53

I have a pretty basic/newbie question. I hope you see this despite this article being 3 years old ;) I have no trouble getting content from a passworded site, your article works wonderful. HOWEVER, I am having trouble on the opposite end - passwording a page. You see I have a basic .txt file stored on a server and I want to password protect it so that only my file_get_contents() script can access it. How would you recommend password-protecting the txt file? (the page could also be .html or .php I guess it doesn't really matter, it's just basic text content). Thanks!

Submitted by Jason on Wed, 07/03/2013 - 18:14

I had to allow anonymousAuthentication enabled=true for a /data folder in the applicationHost.config file in order to use PHP's file_get_contents, to stop 401 errors. Example:

Submitted by Mark on Thu, 09/04/2014 - 20:20

thanks

Submitted by Sourav Basak on Fri, 01/09/2015 - 12:57

matches

Submitted by Anonymous on Mon, 07/03/2017 - 08:43

Thanks a lot! Saved my day

Submitted by M S Labba on Wed, 07/05/2017 - 12:45

Peculiar article, just what I was looking for.

Submitted by janacleary82125 on Wed, 06/20/2018 - 06:23

I like this internet site because so much useful material on here :D.

Submitted by rufusvogt01061390631 on Wed, 07/11/2018 - 09:53

Hi Philipnorton42,
I am trying to use your authentication code on my website (into WPCODE Snippets Plugin), but I cant able to login and the login form is shown.
Could you help me to solve please?
Best regards,
Nicola

Submitted by Nicola on Tue, 05/09/2023 - 08:49

Hi Nicola,

This code is to be used when you want to download a web page that is held behind an authentication layer. It isn't an authentication system in itself.

I hope that helps.

Phil

Philip Norton

Submitted by philipnorton42 on Tue, 05/09/2023 - 08:55

Add new comment