如何在php中使用Curl设置此header ?(CustomInfo元素是数组(嵌套键值对),AuthenticationInfo元素是数组(嵌套键值对))
<xml bla bla...>
<Header>
<CustomInfo>
<IsTestMessage>true</IsTestMessage>
<IsContentCompressed>false</IsContentCompressed>
</CustomInfo>
<AuthenticationInfo>
<ApplicationId>SomeId</ApplicationId>
<VersionId>0.9</VersionId>
<RelationId></RelationId>
<UserId>SomeUserId</UserId>
<Password>SomePassword</Password>
</AuthenticationInfo>
</Header>
<Body>
<!--etc...(actual xml)-->
</Body>
</xml bla bla...>
通常是:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,"http://www.example.com/process.php");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,$vars); //Body
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$headers = array();
$headers[] = 'key: value';
$headers[] = 'key2: value2';//and so on...
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
$server_output = curl_exec ($ch);
curl_close ($ch);
print $server_output ;
但是,当头包含嵌套的键值对时,如何做到这一点?
编辑1:这样做了,但不工作(真正的新,所以我一定是做错了):
$headers = array();
$headers[] = array('CustomInfo' => array(
'IsTestMessage' => "true",
'IsContentCompressed' => "false")
);
$headers[] = array('AuthenticationInfo' => array(
'ApplicationId' => "SomeId",
'VersionId' => "0.9",
'RelationId' => "",
'UserId' => "SomeUserId",
'Password' => "SomePassword"
)
);
$headers = serialize($headers);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
var_dump(curl_getinfo($ch,CURLINFO_HEADER_OUT));
警告:curl_setopt():你必须传递一个带有CURLOPT_HTTPHEADER参数的对象或数组
编辑2:当我不序列化$headers时,我得到:
注意:数组到字符串转换
理想情况下,您应该使用CURLOPT_POSTFIELDS,除非这是来自外部API的特定要求
$myArray = array();
$myArray[] = array('key' => 'value');
$myArray[] = array('key2' => array('value2' => array('foo' => 'bar')));
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,array('myVars' => $vars, 'myArray' => $myArray)); //Body
然后访问它$_POST['myArray']
警告:头和POST变量都可以被注入,所以我也建议你对发送者(例如
$_SERVER['REMOTE_ADDR'] == 127.0.0.1)
)进行检查,如果这些请求只意味着来自你自己的服务器
我不能提到访问$_POST
没有提到:我如何防止SQL注入在PHP?