Best IT Recipes

Saving a session using Curl and PHP

I am trying to connect to the api, authenticate the user, and then view the details of the user. This is achieved by first accessing the entry endpoint at

http://api.example.com/login/<username>/<password>

to log in and then to view user information:

 http://api.example.com/user/

All this works in a web browser. However, as soon as I try to use Curl, the login works fine, but when you try to view user data, I return a 401 unauthorized error. I believe this is because Curl doesn't save session cookies properly? Can someone indicate why it does not work and how to fix it? I tried to exchange stacks, however none of the solutions I tried worked for my situation. The code I use to twist the endpoints is shown below. Thank!

 define("COOKIE_FILE", "cookie.txt"); // Login the user $ch = curl_init('http://api.example.com/login/joe/smith'); curl_setopt ($ch, CURLOPT_COOKIEJAR, COOKIE_FILE); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_HEADER, true); echo curl_exec ($ch); // Read the session saved in the cookie file echo "<br/><br/>"; $file = fopen("cookie.txt", 'r'); echo fread($file, 100000000); echo "<br/><br/>"; // Get the users details $ch = curl_init('http://api.example.com/user'); curl_setopt ($ch, CURLOPT_COOKIEJAR, COOKIE_FILE); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_HEADER, true); echo curl_exec ($ch);

This code will output:

 HTTP/1.1 200 OK Date: Mon, 22 Oct 2012 21:23:57 GMT Server: LiteSpeed Connection: close X-Powered-By: PHP/5.3.14 Set-Cookie: cfapi=f481129c9616b8f69cc36afe16466545; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Type: application/json X-Powered-By: CFWAPI 0.1a Content-Length: 46 {"status":200,"msg":"Successfully Logged In."} # Netscape HTTP Cookie File # http://curl.haxx.se/rfc/cookie_spec.html # This file was generated by libcurl! Edit at your own risk. api.example.com FALSE / FALSE 0 cfapi 94f63b07ccf7e34358c1c922341c020f HTTP/1.1 401 Unauthorized Date: Mon, 22 Oct 2012 21:23:57 GMT Server: LiteSpeed Connection: close X-Powered-By: PHP/5.3.14 Set-Cookie: cfapi=a8eb015a7c423dde95aa01579c4729a4; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Type: application/json X-Powered-By: CFWAPI 0.1a Content-Length: 49 {"status":401, "msg":"You need to login first!"}
+39
php curl session
Oct 22
source share
4 answers

You also need to set the CURLOPT_COOKIEFILE option.

The manual describes this as

The name of the file containing the cookie. The cookie can be in Netscape format or simply HTTP-style headers dumped into a file. If the name is an empty string, the cookie does not load, but cookie processing is still enabled.

Since you use a cookie jar, you end up saving cookies when requests end, but since CURLOPT_COOKIEFILE not specified, cURL does not send any of the saved cookies on subsequent requests.

+23
Oct 22
source share

You used CURLOPT_COOKIEJAR (write) correctly, but you also need to set CURLOPT_COOKIEFILE (read)

 curl_setopt ($ch, CURLOPT_COOKIEJAR, COOKIE_FILE); curl_setopt ($ch, CURLOPT_COOKIEFILE, COOKIE_FILE);
+23
Oct 22
source share

Yup, often called a cookie jar, Google should provide many examples:

http://devzone.zend.com/16/php-101-part-10-a-session-in-the-cookie-jar/

http://curl.haxx.se/libcurl/php/examples/cookiejar.html <- a good example IMHO

Copying the latter here so that it does not disappear ...

Log in on one page and then get another page that transmits all cookies from the first page to Written by Mitchell

 <?php /* This script is an example of using curl in php to log into on one page and then get another page passing all cookies from the first page along with you. If this script was a bit more advanced it might trick the server into thinking its netscape and even pass a fake referer, yo look like it surfed from a local page. */ $ch = curl_init(); curl_setopt($ch, CURLOPT_COOKIEJAR, "/tmp/cookieFileName"); curl_setopt($ch, CURLOPT_URL,"http://www.myterminal.com/checkpwd.asp"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, "UserID=username&password=passwd"); ob_start(); // prevent any output curl_exec ($ch); // execute the curl command ob_end_clean(); // stop preventing output curl_close ($ch); unset($ch); $ch = curl_init(); curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); curl_setopt($ch, CURLOPT_COOKIEFILE, "/tmp/cookieFileName"); curl_setopt($ch, CURLOPT_URL,"http://www.myterminal.com/list.asp"); $buf2 = curl_exec ($ch); curl_close ($ch); echo "<PRE>".htmlentities($buf2); ?>
+9
Oct 22
source share

This is how you do CURL with sessions

 //initial request with login data $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, 'http://www.example.com/login.php'); curl_setopt($ch, CURLOPT_USERAGENT,'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/32.0.1700.107 Chrome/32.0.1700.107 Safari/537.36'); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, "username=XXXXX&password=XXXXX"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_COOKIESESSION, true); curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie-name'); //could be empty, but cause problems on some hosts curl_setopt($ch, CURLOPT_COOKIEFILE, '/var/www/ip4.x/file/tmp'); //could be empty, but cause problems on some hosts $answer = curl_exec($ch); if (curl_error($ch)) { echo curl_error($ch); } //another request preserving the session curl_setopt($ch, CURLOPT_URL, 'http://www.example.com/profile'); curl_setopt($ch, CURLOPT_POST, false); curl_setopt($ch, CURLOPT_POSTFIELDS, ""); $answer = curl_exec($ch); if (curl_error($ch)) { echo curl_error($ch); }

I saw it on ImpressPages

+9
Mar 06 '14 at 7:06
source share


More articles:


All Articles