I’ve looked at a number of cURL PHP tutorials on the web and noticed “curl_setopt($RESTsession, CURLOPT_SSL_VERIFYPEER, false);” is often used for accessing secure websites via cURL. This is often seen when people ask “I cannot connect to HTTPS site using cURL” or have the “SSL certificate problem, verify that the CA cert is OK” error with cURL.

Ideally, you should set the SSL_VERIFYPEER value to true unless the server you are connecting to does not have a signed certificate. If you are sending confidential data, wouldn’t you want to make sure you are connecting to the correct server?

This guide will help you get the CA certificate from the remote server using Mozilla Firefox 6 and then use PHP with cURL to retrieve the information from the remote https server.

I ran across this error today after noticing a file_get_contents was not working. This was on a page that had been working fine for about a year.
“php_network_getaddresses: getaddrinfo failed: Name or service not known”

This issue is typically caused by the Apache/PHP host unable to contact the DNS server.

The first thing to check is to see if you can ping the remote host using console.

• If no, then your primary name server on /etc/resolv.conf (Debian) is not working. Find a working DNS and restart Apache.
• If yes, then Apache is still connecting to the broken DNS server. You should try restarting Apache …
  

Here’s what I currently use to determine how long it takes to generate a page in PHP. Its only 8 lines of code.

A good practice is to check input strings to make sure users don’t put in mySQL commands in your server. For instance, if a username or password POST variable isn’t filtered, there is a potential for an injection like ‘OR myusername=’. In the past, I’ve been using my own PHP toolkit to “clean” the input variables. But recently, I began searching to see if there are a built-in solution in PHP for this, especially since I’m converting a script written in Python that had the filter MySQLdb.escape_string. Enter mysql_real_escape_string()

$unixseconds = strtotime($mysqldate);

For instance, you can use this to write a timeout script for login failures. Usually, a system should lock after 3-5 consecutive failed login attempts. I save the timestamp after the 5th consecutive login failure, then run a check on this timestamp if the current time is within the ~5-10 minute lockout window. 5 minutes is 300 seconds, 10 minutes is 600 seconds.

Validating the date in MySQL should be done using preg_match since ereg_* functions will be removed in PHP 6.

More info on PHP 6 changes: http://wiki.php.net/todo/php60 It appears there will be a module that you can use to utilize existing ereg expressions, so that’ll buy some time to port code from ereg* to preg*.
function isValidDate($date){

if (preg_match (“/^([0-9]{4})-([0-9]{2})-([0-9]{2})$/”, $date))
{

return true;
}
else{
return false;
}

}

If you have older scripts, you may encounter warning messages such as “Notice: Undefined variable: ”

As a standard practice, you should define variables in PHP by putting in the variable name = FALSE;
$myvar = FALSE;

This is primarily for local variable names that aren’t passed in through a $_REQUEST or $_POST, etc.

I found a useful script in PHP that can be used for checking uptime of a server. It can be useful for checking when the servers have a such a significant load that pages can’t be displayed. The benefit or running it locally is that I can configure the script to perform failover functionality if necessary. Online uptime services are good too, but most of them aren’t free. Maybe I should force the server to show a failwhale when the site gets too busy… j/k

Here’s the link to the script.
http://www.programmingtalk.com/showthread.php?t=34999

// the URL you want to ...