0
我刚刚注意到WordPress的发现新的漏洞,我想用下面的代码修复它(但任何成功PHP stream_socket_client():无法连接到https
<?php
$url = 'https://mywebip/wp-login.php?action=lostpassword';
$data = 'user_login=admin&redirect_to=&wp-submit=Get+New+Password';
// use key 'http' even if you send the request to https://...
$options = array(
'http' => array(
'header' => "Host: mailserver\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: ". strlen($data) ."\r\n",
'method' => 'POST',
'content' => $data,
'ssl'=>array('verify_peer'=>true, 'capath'=>'/etc/ssl/certs')
)
);
$context = stream_context_create($options);
//$result = file_get_contents($url, false, $context);
$fp = stream_socket_client($url, $errno, $errstr, 30);
//stream_socket_enable_crypto($fp, true, STREAM_CRYPTO_METHOD_SSLv23_CLIENT);
$fp = fopen($url, 'r', false, $context);
if ($fp === FALSE) { /* Handle error */ }
var_dump($result);
?>
错误登录我就是这样的:
PHP Warning: stream_socket_client(): unable to connect to https://mywebip/wp-login.php?action=lostpassword (Unable to find the socket transport "https" - did you forget to enable it when you configured PHP?) in /home/jorge/Escritorio/joomla.php on line 18
PHP Warning: fopen(): Peer certificate CN=`website` did not match expected CN=`mywebip' in /home/jorge/Escritorio/joomla.php on line 21
PHP Warning: fopen(): Failed to enable crypto in /home/jorge/Escritorio/joomla.php on line 21
PHP Warning: fopen(https://mywebip/wp-login.php?action=lostpassword): failed to open stream: operation failed in /home/jorge/Escritorio/joomla.php on line 21
其中mywebip
代表承载我的网站和website
和mailserver
服务的DNS方向的实际IP
谢谢。
可否请你扔一些轻关于这一主题?因为我在这方面很新手。我正在尝试使用CURL,但我不知道如何与我已有的代码进行关联。无论如何感谢您的合作;) – giorgioW