.htaccess
<Limit GET POST PUT DELETE>
order deny,allow
deny from all
</Limit>
Config
set up in locked / secure folder (possibly ussing the above .htaccess
<?php
return [
'username' => 'myusernameis',
'password' => 'passwodforusername',
'feToken' => 'specialtokenorwahtvertheapirequires',
];
Call to API
call using the config file as to not expose credentials to world
<?php
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
$url = "https://url-to-api.com/path/to/info/get";
$smpconfig = include('/path/to/config/smp-config.php');
$username = $smpconfig['username'];
$password = $smpconfig['password'];
$feToken = $smpconfig['feToken'];
// Initialize cURL session
$ch = curl_init();
// Set cURL options
curl_setopt($ch, CURLOPT_URL, $url); // Target URL
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); // Return the transfer as a string of the return value of curl_exec() i$
curl_setopt($ch, CURLOPT_HTTPGET, true); // Set method to GET
// Set HTTP headers
$headers = [
'Accept: application/json',
"Authorization: Bearer $feToken", // Bearer Token authentication
];
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
// Set Basic Authentication credentials
curl_setopt($ch, CURLOPT_USERPWD, "$username:$password");
// Execute cURL session
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
// Check for errors and handle the response
if ($response !== false) {
if ($httpCode == 200) {
echo $response; // Output the response body
} else {
// If the server returns an error status code
echo "Received HTTP status code $httpCode";
// If the response is OK, process it
echo "Success: ";
}
} else {
// If cURL encountered an error
$error = curl_error($ch);
echo "cURL Error: $error";
}
// Close cURL session
curl_close($ch);
?>
