views:

349

answers:

4

I've always used cURL for this sort of stuff, but this article got me thinking I could request another page easily using the Request object in Kohana 3.

    $url = 'http://www.example.com';

    $update = Request::factory($url);

    $update->method = 'POST';

    $update->post = array(
        'key' => 'value'
    );  

    $update->execute();
    echo $update->response;

However I get the error

Accessing static property Request::$method as non static

From this I can assume it means that the method method is static, but that doesn't help me much. I also copied and pasted the example from that article and it threw the same error.

Basically, I'm trying to POST to a new page on an external server, and do it the Kohana way.

So, am I doing this correctly, or should I just use cURL (or file_get_contents() with context)?

+2  A: 

Just read this at the bottom

The request class used in this example is currently available as part of a Kohana Core development branch within my personal github account, which can be obtained from http://github.com/samsoir/core. If using the official Kohana PHP 3.0 download, a custom extension of the request class is required.

Also see this discussion.

alex
A: 

The Request object is used to request pages within your application. You can't use it for external URLs. Oh, and you don't have to use curl, you can make it easier by doing this:

$page = file_get_contents('http://google.com');
ryeguy
I have to create a stream context for the `POST` I want to send though.
alex
I am under the impression that allowing external urls via file_get_contents is a security risk and bad practice
mike clagg
@mike: You have the wrong impression then. Assuming you have a hardcoded URL (like in my example), there is absolutely nothing unsecure about this.
ryeguy
Of course it depends on your implementation. The above example is secure, where it becomes insecure, is when people use it with a dynamic input and don't limit the http(s) domains request, thus opening yourself up to remote code injections.
mike clagg
@mike: That would only be a problem if you were for some reason executing the string returned from this function, which you shouldn't be doing with anything regardless.
ryeguy
I totally agree, but have cleaned up a few messes from developers making these mistakes, and work with admins that always shut this setting off.
mike clagg
+1  A: 

I ended up using

Remote::get()

Docs

alex
Don't know why this was downvoted as it's in the official API for this sort of thing.
alex
A: 

That technique is not yet implemented into Kohana. Hopefully in the next release it will be...

feketegy