When using a secure connection (https) with PHP scripts, simple functions such as fopen, etc (filesystem objects and functions) do not work because of some security issues. Unfortunately, I need to read and write to local server files over a secure connection and cannot seem to find a way to do this without opening a port to an unsecure page in the same directory (thereby making this an unsecure method). Does anyone have a work-around on this issue, or is this another PHP brickwall?

Thanks in advance all!

You need to write to files on another server via HTTPS?

no, the files are on the same server, same directory, but the allow_url_fopen is set to false on the hosting company's php settings for the domain. this is one of those php.ini settings that cannot be altered in a *.php script with built-in PHP functions.

Mainly, I get errors when trying to access any local files over https using the filesystem object. This is in place for some security reason in PHP. I'm just looking for some type of work-around without compromizing the secure connection.

So if the files are in the same directory why are you trying to open them with a URL rather than using the filesystem?

as stated earlier, for some reason, when I attempt to use the filesystem when accessing the page through a https connection, it doesn't work at all. I receive errors stating that the file cannot be read or file cannot be opened (using is_readable function and others). When accessing the same script via http, it works fine though. this is why the only work-around that i could come up with was to call the page via https and have the page open a Curl call to another page in the same domain over a http connection to import the file information. this of course is insecure and a complete pain to handle. I'm just looking for any ideas on another way to access the filesystem without having to do the above method.

I'm not trying to be a pain but I just don't understand what could be happening (much like yourself) so please forgive me if these questions seem dumb.

So you have tried accessing this file using fopen and a local path....e.g.

PHP Code:

fopen('/home/user/www/file.txt') 


And this works just fine when using http vs https? That is pretty confusing considering when you feed fopen a local path it is supposed to register it as such however if you feed it something like scheme:// it is supposed to register it as a URL and this is where allow_url_fopen would come into play.

If every question I have just typed is true then the only other thing I can think of is that your installation became corrupt or your possibly having some caching issues with your browser or php app. Some code would really help though.