PHP: How to post XML data using CURL?

During integration projects or during such similar situations you may have across a necessity to transfer XML data or plain text file across server locations.

Curl comes in handy during such scenarios. Following program is used to post XML data using Curl. In order for Curl to function, ensure that PHP settings has the curl module installed and that the libraries/dll libeay32, ssleay32 is installed in your server.

  File name: postdata.php

$post_url = "http://localhost/demo/postdata2.php";
$xml_string = '<?xml version="1.0" encoding="UTF-8"?>
<book isbn="978-1594489587">
    <title>The Brief Wondrous Life of Oscar Wao</title>
    <publisher>Riverhead Hardcover </publisher>
    <amazon_price>14.97 </amazon_price>
    <author_firstname>Junot </author_firstname>
    <author_lastname>Diaz </author_lastname>
<book isbn="999-1594489501">
    <title>A Thousand Splendid Suns </title>
    <publisher>Riverhead Hardcover </publisher>
    <amazon_price>14.27 </amazon_price>
    <author_firstname>Khaled </author_firstname>
    <author_lastname>Hosseini </author_lastname>

$ch = curl_init($post_url);

curl_setopt ($ch, CURLOPT_POST, true);
curl_setopt ($ch, CURLOPT_POSTFIELDS, "xmldata=".$xml_string);

curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_VERBOSE, 1);

$data = curl_exec($ch); 
// to get information on the curl resultset
$info = curl_getinfo($ch);

    print curl_error($ch);



CakePHP: NuSoap web service call configuration

This is a beginner tutorial to help beginners make a call to “wsdl” files and for them to display the results returned by the service.

First step is to include “nusoap.php” in \vendors folder in cakephp setup. In the controller, we make a call to nusoap.php by the statement App::import(‘Vendor’,’nusoap’);
Continue Reading…


cakephp Deprecated: PHP 5.3 Wamp

Error message
cakephp Deprecated: Assigning the return value of new by reference is deprecated
You will see the above error message when you try to configure cakePHP framework using a Wamp Server installation and set the debug parameter as in

Configure::write(‘debug’, 2);

Cause: CakePHP is not PHP 5.3 ready unlike the latest version of Zend framework.

Remedy: Try downloading older version of PHP – e.g. PHP 5.2.9


PHP removing deprecated related errors from display

To remove deprecated warning message displays when executing PHP programs, open php.ini file and ADD to it

error_reporting = E_ALL & ~E_DEPRECATED

This is the setting for the production environment where you would not like to display the deprecated function related errors.

Sample error message
Assigning the return value of new by reference is deprecated in nusoap.php on line 7381


No Framework PHP MVC framework by Rasmus

Read the article on No Framework PHP MVC framework written by Rasmus Lerdof (he doesn’t need an introduction!) who explains on how we could gear a simple, yet easy to manage framework with bells and whistles of Web2.0 features.

Re-read the disclaimer after you finish reading the article on the framework and the comments, so you can understand the essence of the article.

Link to No Framework


CakePHP – Bake Process

CakePHP Steps involved in Baking Scripts:

i) Setup cakephp by ensuring that there is no warning message in the index page after initial installation. (for this you need to change salt value in /app/config/core.php, enable /app/config/database.php)

ii) Create a database and a user for the database. After this apply the database configuration parameters to /app/config/database.php

If you are running the bake for the first time, it will ask you to create database configuration for the first time.

iii) Ensure that the path or the environment variable is set with access to PHP, MySQL executables

c:/> PATH or $ echo $PATH
Continue Reading…


PHP Security: Preventing Session Fixation

Session Fixation is method by which an intruder creates a session id which gets carried on when a user comes with that path and continues his/her activity on a website.

For e.g. an intruder may create a link to a site called as <a href=”” />Sample Site<a>

When a user clicks on this link the session id gets carried on to the site ‘‘. The intruder waits for the user starts to perform a transaction on the site and will take over vital details by intruding user’s activity on
Continue Reading…


CakePHP: Multi-validatable Behavior

Consider the following scenario where we have a database table:users and that we need carry the validations for the following forms
i) Login
ii) Change password
iii) Add/Edit user records
iv) Forgot password

You can either write separate controllers and have each controller call a model based on table: users to validate each input field or use the same user model to carry out different validations which sounds logical.

It is easy to carry out different validations in a cakephp model by using the Multi-validatable Behavior by having different validation sets for different testing conditions.

Key things to note here …

i) Download the code for Multivalidatable Behavior and have it placed under /models/behaviors/ folder

ii) In the model where you want to have multi validation, you need to include multivalidatable behavior like
var $actsAs = array(“Multivalidatable”);

iii) Add validation rulesets array like
var $validationSets = array(‘login’ => array(‘name’=>array(‘rule’=>’alphanumeric’)),
‘changepassword’ => array(‘password’=>array(‘rule’=>’notEmpty’))

iv) In the controller where you want to apply the validation rule set, you need to add the respective validation like

function login(){

function changepassword(){

For more info visit CakePHP Bakery


How to turn off register_globals via php.ini?

It is always secured to turn OFF register_globals in PHP applications. Earlier, we have seen how to turn OFF register_globals setting via .htaccess file and in this blog we will use php.ini instead.

Using a text editor create a file called php.ini. This will be our first step.

Next, we need to add the following line of code in php.ini
register_globals = off

Upload php.ini file to the root folder where your application resides.


PHP Image Upload and Security

List of steps to take care when using PHP to upload images or documents

i) use is_uploaded() function to check if the file is uploaded before moving the file from temporary location

ii) sanitize the name of the file before moving the file from the temporary location by executing the ‘mv’ system command (use escapeshellargs, escapeshellcmd as needed)

iii) chmod the file setting to 644 if needed

iv) the directory from where the file will be moved and the destination directory should be initialized beforehand in order to prevent users from altering the path where the files could be stored

Kurinchi Calendar
September 2018
« Oct