Issue FORM POST Request From PHP using HTTP Basic Authentication

Question

I hope this is a relatively straight forward thing to do, and that my google skills have simply failed me on this occasion. I have a BASIC authentication protected resource which I want to have PHP perform a POST HTTP request against.

I have tried injecting Authentication: Basic (encrypted u/p data) into the headers which didn't appear to work - so I wonder, can the powers of Greyskull i mean StackOverflow provide any guidance.

$req .= "&cmd=_initiate_query";
$header = "POST /someendpoint HTTP/1.1\r\n".
        "Host:example.com\n".
        "Content-Type: application/x-www-form-urlencoded\r\n".
        "User-Agent: PHP-Code\r\n".
        "Content-Length: " . strlen($req) . "\r\n".
        "Connection: close\r\n\r\n";
$fp = fsockopen ('ssl://example.com', 443, $errno, $errstr, 30);
if (!$fp) {
    // HTTP ERROR
} else {
    fputs ($fp, $header . $req);
    while (!feof($fp)) {
        $result .= fgets ($fp, 128);
    }
    fclose ($fp);
}

Answer 1

Using:

$header = "POST /someendpoint HTTP/1.1\r\n".
        "Host:example.com\n".
        "Content-Type: application/x-www-form-urlencoded\r\n".
        "User-Agent: PHP-Code\r\n".
        "Content-Length: " . strlen($req) . "\r\n".
        "Authorization: Basic ".base64_encode($username.':'.$password)."\r\n".
        "Connection: close\r\n\r\n";

Should work - are you sure it is a Basic authentication system? It may be worth watching the raw header data using something like CharlesProxy to ensure it is an authentication (and you'll be then able to copy the authorization string as well!).