C0d1ng C0d1ng - 1 year ago 163
JSON Question

Safe to use file_get_contents with API Key?

Ok, so i have purchased an API key for a certain service, this service response in a

format, and my plan on getting this
response was to use
like so

$jsonResponse = file_get_contents("https://example.com/exampleapi.php?API_KEY=123456");

So my question is, is this safe and/or secure? Do i need to worry about users using something like
and getting my API key?

Answer Source

cURL and file_get_contents and other normal methods of HTTP requests should be sending the exactly same information to the server if they are configured in the same way.

What you may be concerned about: * HTTP/HTTPS: https:// isn't supported by file_get_contents in some distributions of PHP. Otherwise, if you use HTTPS, it is relatively more secure, regardless of what function you use to send the request. * GET/POST: I don't think file_get_contents supports POST requests. However, since you are not a browser, the request method doesn't really affect you. If anyone is to intercept the connection, GET and POST won't do much difference. The only thing is that some servers store GET fields, but it's the server's responsibility anyway.

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download