Issue 21: Error with google login (non curl version)
Status:  Invalid
Owner: ----
Closed:  Jan 2011
Reported by zackha...@gmail.com, Jan 5, 2011

Warning: get_headers() [function.get-headers]: This function may only be used against URLs. in /home/a6630283/public_html/connect/openid.php on line 177

Warning: file_get_contents(https://www.google.com/accounts/o8/id) [function.file-get-contents]: failed to open stream: No such file or directory in /home/a6630283/public_html/connect/openid.php on line 212

Warning: file_get_contents(https://www.google.com/accounts/o8/id) [function.file-get-contents]: failed to open stream: No such file or directory in /home/a6630283/public_html/connect/openid.php on line 212

No servers found!


Jan 5, 2011
Project Member #1 mewp...@gmail.com
Are you sure that you have https wrappers enabled?
Jan 5, 2011
#2 zackha...@gmail.com
that's probably it. Thanks for quick response. Unfortunately i have no control over this as i am not the admin. With curl version I get another issue which is :

Warning: curl_setopt() [function.curl-setopt]: CURLOPT_FOLLOWLOCATION cannot be activated when in safe_mode or an open_basedir is set in /home/a6630283/public_html/connect/openid.php on line 142

Protocol https not supported or disabled in libcurl

So I guess there is no work around other than switching to a different service provider ?
Jan 6, 2011
Project Member #3 mewp...@gmail.com
Neither LightOpenID, nor any other php library could possibly support OpenID on a php installation with no support for https.

As for the warning you get, it's a consequence of safe_mode being set.
Since safe_mode is deprecated for some time now, switching to another service provider would be a good choice.
Status: Invalid
Jan 13, 2011
#4 themoose...@googlemail.com
On my page is safe_mode off, but I get this warning. I guess the reason is open_basedir as it is set. Where is the problem? If I deactivate the warning, I can use LightOpenID. 

Why do I get this warning? Where is the potential risk?
Jan 13, 2011
Project Member #5 mewp...@gmail.com
The problem is, for example, the url http://google.com/accounts/o8/id won't work, because google will redirect to https://www.google.com/accounts/o8/id using the Location header, and LightOpenID won't be able to follow it.

As for the risk, if CURL_FOLLOWLOCATION is set, php has no control over what file curl reads, and it can't enforce open_basedir.

Please use the streams-based version if possible, since it will follow the Location headers.

I have pushed a patch and published the new version as LightOpenID 0.4.