CODEWITHSUNDEEP
facebookapachecurlwamp
Oleg Belousov
Oleg Belousov

Reputation: 10121

cURL throws an exception at Facebook API SDK

I'm trying to post an image as the user from my Facebook application. Currently, this feature is still under development, and when I'm trying to test it using WAMP server on localhost, one of the cURL functions in the Facebook API SDK class, throws an exception error:

{"error_code":60,"error":{"message":"SSL certificate problem, verify that the CA cert is OK. Details:\nerror:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed","type":"CurlException"}}null0.90752005577087 145684992172054|e259ec293812a5276a61d3181c395077

I have checked, and I have the correct settings at php.ini both at the Apache and PHP directories.

I tried to run this Both on Easy PHP with PHP 5.4 and on WAMP with PHP 5.3. (cURL extension enabled).

I have open SSL installed on both of the local servers.

I understand that you can solve this by changing the configuration of the CURL_opt, but modifying a Facebook base class, and compromising the security of my application (middle man attack), is really a last resort for me.

Thanks in advance for any help!.

My code:

test.php:
<?php
session_start();

require 'FB_auth.php';
require 'includes.php';
require 'functions_fb.php';

    $start = (float) array_sum(explode(' ',microtime())); 

    //echo json_encode(photoToFacebook(299, 402, 134));
    // echo json_encode(photoToFacebook(724, 402, 165));

    // postToFacebook($db, 402, 134);

    $end = (float) array_sum(explode(' ',microtime())); 
    $duration = ($end-$start);

    echo $duration;
    echo "<br/>" . $facebook->getAccessToken();

?>

functions_fb.php

<?php

function photoToFacebook($hr_id, $user_id, $job_id){


        global $db, $FEED_PATH, $JOB_IMAGES_FOLDER , $facebook;
        $path = $_SERVER['DOCUMENT_ROOT'] . "/";
        $JOB_IMAGES_FOLDER = "images/job_images/";



        $company = $db->getCompany($hr_id);

        // perapre the job photo.
        $photo = $db->getJobPhoto($job_id);
        if (empty($photo)){
            $photo = $db->getLogo($hr_id);
        }
        else{
            $photo = $JOB_IMAGES_FOLDER . $photo;
        }

        try{
            // At the time of writing it is necessary to enable upload support in the Facebook SDK, you do this with the line:
            $facebook->setFileUploadSupport(true);

            // Get album id if exists.
            $album_uid = $db->getAlbumId($user_id);
            $fb_user_id = $db->getFBUserId($user_id);
            if (empty($album_uid)){

                // Create an album
                $album_details = array(
                        'message'=> 'Check out my company\'s job opportunities',
                        'name'=> "Job opportunities at {$company}"
                );


                $create_album = $facebook->api("/{$fb_user_id}/albums", 'post', $album_details);
                echo json_encode($create_album);

                $album_uid = $create_album["id"];
                $db->saveAlbumId($user_id, $create_album["id"]);
            }
            $job_title = $db->getJobTitle($job_id);

            $link = Bitly::make_bitly_url($FEED_PATH . "show_job.php?jid={$job_id}&th_uid={$user_id}&tp=1&pc=1", BITLY_APP_USERNAME,BITLY_APP_KEY,'json');
            $photo_details = array(
                'message'=> $job_title . "!\n" . $company . " is looking for you.\nOpen the link for details and apply.\n" . $link
            );

            $path .= $photo;
            $photo_details['image'] = '@' . $path; //realpath($file);

            // echo $album_uid;

            $upload_photo = $facebook->api("{$fb_user_id}/photos", 'post', $photo_details);

            // $db->updateAutoPostActivity($user_id, $job_id,1, json_encode($upload_photo));
            // $db->updateAutoPostJob($job_id, $user_id);

            return $upload_photo;
        }
        catch (FacebookApiException $e) {
            echo "error:" . json_encode($e->getResult());
            // $db->updateAutoPostActivity($user_id, $job_id,1, json_encode($e->getResult()));
            // AtavMail::SendRichedMail(null , "", "Error on auto process - posting photo to FB", "Where - Job Id: {$job_id} , User Id: {$user_id}", json_encode($e->getResult()));
        }

    }
?>

Upvotes: 1

Views: 771

Answers (2)

Hafiz Ismail
Hafiz Ismail

Reputation: 3225

Setting SSL verification to false defeats the purpose of SSL. A proper solution is to set the CA certs for CURL.

Solution 1 (Changes to PHP.ini):

  1. Download CA bundle (cacert.pem) from http://curl.haxx.se/docs/caextract.html
  2. Place it on your local system (for eg: C:\xampp\cacert.pem)
  3. Open your php.ini

  4. Set the curl.ca_info options to point to the location of the cacert.pem

    Example: curl.ca_info="C:\xampp\cacert.pem"

  5. Restart Apache

Solution 2 (Set options before each CURL call)

  1. Download CA bundle (cacert.pem) from http://curl.haxx.se/docs/caextract.html
  2. Place it on your local system (for eg: C:\xampp\cacert.pem)

  3. Write the following code:

    curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, TRUE); 
curl_setopt ($ch, CURLOPT_CAINFO, "pathto\cacert.pem");

Source: http://tumblr.wehavefaces.net/post/52114563111/environment-windows-xampp-curl-library

Upvotes: 1

Oleg Belousov
Oleg Belousov

Reputation: 10121

I solved this by adding the following line into the base_facebook.php file:

  public static $CURL_OPTS = array(
     //
     //
     //
    CURLOPT_SSL_VERIFYPEER => false,
  );

Please notice that this is an development - environment solution only, and using this on your actual application can cause a security risk.

Please take the time to review the fullp proper solution on this link: http://unitstep.net/blog/2009/05/05/using-curl-in-php-to-access-https-ssltls-protected-sites/

Upvotes: 1

Related Questions