Simple PHP Qualys API class

Document created by PeterPeter on Dec 26, 2011Last modified by PeterPeter on Mar 12, 2012
Version 5Show Document
  • View in full screen mode



I just began to write a PHP class today to make calls through the Qualys API and I wanted to share it as I didn't see any proper PHP example here. This is just a simple example to perform some basics action as login / logout.


You will need >= PHP 5 to make this script work.


I were not able to test the script without a proxy, so I hope it works!




class SimpleQAPI
          // Params
          private $_connectTimeout;
          private $_timeout;
          private $_ckfile;
          private $_qlogin;
          private $_qpassword;
          private $_plogin;
          private $_ppassword;
          private $_purl;
          private $_pport;
          private $_headers;
          private $_post;
          private $_ch;
          private $_is_logged = false;
          private $_proxy = false;
          private $_proxy_auth = false;

          // Answer of a request will be stored in $resp 
          public $resp;

          // Constructor
          public function __construct($params){
                    if (isset($params['purl']) && isset($params['pport']))
                              $this->_proxy = true;
                              if (isset($params['plogin']) && isset($params['ppassword']))
                                        $this->_proxy_auth = true;
                    foreach ($params as $key => $value){
                              $key = '_'.$key;
                              $this->$key = $value;

          // Function to build the post DATA
          private function _build_post(){
                    $post = '';
                              foreach ($this->_post as $key => $value)
                                        $post .= $key.'='.$value.'&';
                    return substr($post, 0, -1);

          // Function handling common curl operations
          private function _common_curl(){
                    $this->_ch = curl_init();
                    curl_setopt($this->_ch, CURLOPT_URL, 'https://'.$this->_qdomain.'/'.$this->_qurl);
                    ($this->_is_logged) ? curl_setopt($this->_ch, CURLOPT_COOKIEFILE, $this->_ckfile) : curl_setopt($this->_ch, CURLOPT_COOKIEJAR, $this->_ckfile);
                    curl_setopt($this->_ch, CURLOPT_POSTFIELDS, $this->_build_post());
                    if ($this->_proxy)
                              curl_setopt($this->_ch, CURLOPT_PROXY, $this->_purl.':'.$this->_pport);
                    curl_setopt($this->_ch, CURLOPT_POST, TRUE);
                    if ($this->_proxy_auth)
                              curl_setopt($this->_ch, CURLOPT_PROXYUSERPWD, $this->_plogin.':'.$this->_ppassword);
                    curl_setopt($this->_ch, CURLOPT_CONNECTTIMEOUT, $this->_connectTimeout);
                    curl_setopt($this->_ch, CURLOPT_TIMEOUT, $this->_timeout);
                    curl_setopt($this->_ch, CURLOPT_SSL_VERIFYPEER, FALSE);
                    curl_setopt($this->_ch, CURLOPT_SSL_VERIFYHOST , FALSE);
                    curl_setopt($this->_ch, CURLOPT_RETURNTRANSFER, TRUE);
                    curl_setopt($this->_ch, CURLOPT_HTTPHEADER, $this->_headers);
                    $this->resp = curl_exec($this->_ch);
                              echo 'Curl error: ' . curl_error($this->_ch);

          // Login
          public function login(){
                    $this->_ckfile = tempnam ('.', 'CURLCOOKIE');
                    $this->_post = array('action' => 'login',
                              'username' => $this->_qlogin,
                              'password' => $this->_qpassword);
                    $this->_qurl = 'api/2.0/fo/session/';
                    $this->_is_logged = true;

          // Logout
          public function logout(){
                    $this->_post = array('action' => 'logout');
                    $this->_qurl = 'api/2.0/fo/session/';
                    $this->_is_logged = false;

          // View IP list
          public function view_ip_list(){
                    $this->_post = array('action' => 'list');
                    $this->_qurl = 'api/2.0/fo/asset/ip/';

          // View host list
          public function view_host_list(){
                    $this->_post = array('action' => 'list');
                    $this->_qurl = 'api/2.0/fo/asset/host/';
// Params for the connection : Need services accounts for Qualys and Proxy
// Remove plogin, ppassword, purl, pport for no proxy
// Remove plogin, ppassword for proxy withouth authentication

$params = array('qlogin' => 'Qualys login',
          'connectTimeout' => 10'
          'timeout' => 59'
          'qpassword' => 'Qualys Password',
          'qdomain' => 'Qualys domain without HTTP'; // For example ''
          'plogin' => 'Proxy login',
          'ppassword' => 'Proxy password',
          'headers' => array('X-Requested-With: SimpleQAPI'),
          'purl' => '',
          'pport' => 'port number');

$SimpleQAPI = new SimpleQAPI($params);
// You have to use the login() method to be able to launch the view_xxx_list() methods
// For each request the answer is stored in $SimpleQAPI->resp
// This should print : 201x-xx-xxTxx:xx:xxZ Logged in 
echo $SimpleQAPI->resp;


Please let me know what you think about it.