Access 401 authentication with Curl

When we implement Curl for an URL where 401 authentication is made (The pop-up for username and password when we access that url through browser), we can pass the username and password parameter along with the calling URL.

For example: for your url, www.abc.com to by pass authentication in one go, we can use, http://username:password@www.abc.c

The same will work with browser as well. But it is not recommended to use this way due to security concerns (Your username and password can be retrieved from browser history or some other way in this case)

But when we come to CURL, we can follow this method.

eg:

$options = array(
CURLOPTRETURNTRANSFER => true, // return web page
CURLOPTHEADER => false, // return headers
CURLOPTFOLLOWLOCATION => true, // follow redirects
CURLOPTENCODING => “”, // handle all encodings
CURLOPTUSERAGENT => “spider”, // who am i
CURLOPTAUTOREFERER => true, // set referer on redirect
CURLOPTCONNECTTIMEOUT => 120, // timeout on connect
CURLOPTTIMEOUT => 60, // timeout on response
CURLOPTMAXREDIRS => 10, // stop after 10 redirects
CURLOPTSSLVERIFYPEER => false,
CURLOPTSSL_VERIFYHOST => false
);

$CURLREQ = curlinit(‘http://username:password@abc.com’);
curlsetopt($CURLREQ, CURLOPT_HTTPGET, true);

curlsetoptarray($CURLREQ, $options);

$content = curlexec($CURLREQ);
$err = curlerrno($CURLREQ);
$errmsg = curlerror($CURLREQ);
$header = curlgetinfo($CURLREQ);
curl_close($CURLREQ);

echo $content;