We Keep Coding

How to send cookie in request to API In php via Curl

I am having HTTP cookie based Authentication,After Authentication i get cookie in response,
Another step is to send cookie in request to API. along with post/get request
Below Example is of my Curl
$cookie_jar= $_COOKIE['DesigntoolAuth'];
//$ch = curl_init($url);
// The data to send to the API
$postData = array(
'ProjectId' => $projectId,
'ProjectName' => $proname,
'ProjectDetails' => $details,
'UserId' => $userId
);
$data_string = json_encode($postData);
// Setup cURL
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_VERBOSE, true);
curl_setopt($c, CURLOPT_COOKIEFILE, $cookie_jar);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json'
//'Content-Length: ' . strlen($data_string)
));
$api_result = curl_exec($ch);
echo $api_result;
Can Anybody tell how ti send the cookie ?

From the cURL PHP reference:
CURLOPT_COOKIEFILE
The name of the file containing the cookie data. The cookie file can be in Netscape format, or just plain HTTP-style headers dumped into a file. If the name is an empty string, no cookies are loaded, but cookie handling is still enabled.
This means that the CURLOPT_COOKIEFILE needs to refer to a file which contains the cookies you need to send. The file is a file which exists on the server running cURL, which, in turn, will transmit the cookie data to the remote host. I'd expect read access to be required on the file.
A good answer describing how the Netscape format looks like can be found here
In addition, if you want to keep the cookies that are generated during the request, you also need to set a CURLOPT_COOKIEJAR.

PHP CURL script runs but it does not set the cookie

Im trying to set a cookie through PHP CURL for more than twenty four hour for no avail.
Before i have been setting cookies in my browser by adding them as parameters in a url as shown below
http://localhost/setc.php?userid=123&panelid=1
but now i need to set the cookie when i run a script(setcookie.php)
below is the latest of various types of code that i tried.
setcookie.php
$c = curl_init('http://localhost/atst.php?userid=628929&panelid=1');
curl_setopt($c, CURLOPT_VERBOSE, 1);
curl_setopt($c, CURLOPT_COOKIE, 'userid=123; panelid=1');
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
$page = curl_exec($c);
curl_close($c);
it still does not create the cookie, can anybody help out
P.S : if you guys too cant figure this out at least give me a hint/guide on how to set a simple cookie without any complications

The cookiejar is only saved when you close the curl handle using curl_close($ch).
From the manual:
CURLOPT_COOKIEFILE The name of the file containing the cookie data. The cookie file can be in Netscape format, or just plain HTTP-style headers dumped into a file. If the name is an empty string, no cookies are loaded, but cookie handling is still enabled.
CURLOPT_COOKIEJAR The name of a file to save all internal cookies to when the handle is closed, e.g. after a call to curl_close.
http://www.php.net/manual/en/function.curl-setopt.php
$ckfile = tempnam ("/tmp/", "CURLCOOKIE");
$BASEURL='http://localhost/openx/www/api/json/index.php/main/authenticate/';
$POSTFIELDS='username='.$username.'&password='.$password.'';
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_COOKIEJAR, "/tmp/cookieFileName");
curl_setopt($ch, CURLOPT_URL,'http://localhost/openx/www/api/json/index.php/main/authenticate/');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $POSTFIELDS);
ob_start(); // prevent any output
$result=curl_exec ($ch); // execute the curl command
ob_end_clean(); // stop preventing output
$result = curl_exec($ch);
curl_close($ch);

PHP NTLM Authentication to Active Directory + keeping session

I've got NTLM (Active Directory) based service, and I need to write a PHP application. Normally, users are logging in to website with Activre Directory credentials, and it's ok.
But what I want to do, is to let them type in their credentials to PHP-written site, which in next step will use cURL to authenticate users to that Active Directory based site where they normally log in.
And this part is hard. I need then to keep session of users that through PHP cURL script authenticated to Active Directory based site in order to use them again later
(CRON querying site to determine that it has changed and automatically do some operations when this happens, which normally user has do manually).
In order to NOT store their credentials to authenticate again when this change happens, I somehow need to store NTLM session in PHP cURL site to every user that authenticated to
that site through this PHP cURL site.
My question is: Is that even possible?
Thanks in advance.
#Willem Mulder
The code you've posted actually does cookie-storing, but that is not my point becouse I've already done that (sorry for not writing it before). What I got so far is:
$cookie_file_path = dirname(__FILE__) . '/cookies.txt';
$ch = curl_init();
//==========================================================================
curl_setopt($ch, CURLOPT_USERPWD, $username. ':' . $password);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_USERAGENT, $user_agent);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLINFO_HEADER_OUT, true);
curl_setopt($ch, CURLOPT_FAILONERROR, 0);
curl_setopt($ch, CURLOPT_MAXREDIRS, 100);
//==========================================================================
$ret = curl_exec($ch);
By using options CURLOPT_COOKIEFILE and CURLOPT_COOKIEJAR, cURL does the cookie storing in local file "cookies.txt". The problem is, that when I comment CURLOPT_USERPWD option (after authenticating and storing cookie, so theoretically I have session), I cannot authorize to website. Perhaps it reinitializes NTLM Handshake authorisation and is expecting username and password, which I don't want to store.
I want to store session info only, to provide service this session info and omit second authentication, but cURL seems to not take this data from cookie file, and REWRITES it with not relevant data send to me from service as response to NOT AUTHRORISED access request.

Well, yes you could
$ch = curl_init('http://www.google.com/');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
// Get headers too with this line
curl_setopt($ch, CURLOPT_HEADER, 1);
$result = curl_exec($ch);
// Get cookie
preg_match('/^Set-Cookie:\s*([^;]*)/mi', $result, $m);
var_dump(parse_url($m[1]));
// And then of course store it somewhere :-)
As seen here how to get the cookies from a php curl into a variable

cURL won't trigger setcookie

I have a cURL script that is sending login info to a script.
//open connection
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url;
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields1);
//execute post
$result = curl_exec($ch);
//close connection
curl_close($ch);
//open connection
The script has a setcookie function.
setcookie("cookie_email",$email,time()+(3600*24*$i),"/");
setcookie("cookie_password",$password,time()+(3600*24*$i),"/");
When I login to the form using the form everything works as expected. For some reason when you run the cURL it's skipping the setcookies function.
I've been all over the net and I can't find a solution. I'm not sure why it's failing to set the cookies.
Any step in the right direction would be much appreciated.
Thanks,
Phil
UPDATE! - Getting Closer
Okay I have made some changes that grab cookies and put them into a cookie file. Two Issues I set.
1. The cookied password in the file reads: deleted
2. The cookies aren't being set in the browser.
How do I get the md5($password) into the file and how does:
curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookies/cookies.txt');
set the cookies in the browser?

You must set the CURL_COOKIEJAR and CURL_COOKIEFILE options for curl to set where cookies should be stored and loaded from respectively.
EDIT: Your example rewritten:
//open connection
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url;
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields1);
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookies/cookies.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookies/cookies.txt');
//execute post
$result = curl_exec($ch);
//close connection
curl_close($ch);
This assumes you have created a directory 'cookies/' and will save the cookies in a file called 'cookies.txt' (as long as your webserver can write to that directory, it will create the file itself)
Subsequent requests will then use any cookies stored in cookies.txt when sending their request (assuming you set the cookiefile for that request as well)

How to make cURL not return on post

Im using cURL to post data to a php file (setcookie.php) on another domain.
The file, setcookie.php is supposed to set a cookie on that domain with the data posted to it.
The problem is the cookie doesn't want to be set when im doing it with cURL, because cURL returns to the calling file/domain, i guess.
So how can I make cURL not come back to the calling file?
Or is there an easier way to do this?
Here's my code :
$ch = curl_init ("http://<other domain>/setnewcookie.php");
curl_setopt ($ch, CURLOPT_POST, true);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $datatopost);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, false);
$returndata = curl_exec ($ch);

Here's what you need to do:
$ch = curl_init('http://example.org/setnewcookie.php');
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt');
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_exec($ch);
For cookies to work with cURL, you need to define both CURLOPT_COOKIEJAR and CURLOPT_COOKIEFILE. ALso, if you don't want the content of "http://example.org/setnewcookie.php" to be outputted to the browser, you need to set CURLOPT_RETURNTRANSFER to TRUE.
This will create a cookie on your server that cURL can use for subsequent requests but it won't allow the user of your website for instance to use that cookie. If the intent is for the user to be logged in on both sites, this will not work as-is.
For cross sub-domains (as in between www1.example.org and www2.example.org), have a look at PHP authentication with multiple domains and subdomains.

If you want the cookie to get sent from domain2 to browser, browser needs to make request directly.
So if you must get the information from domain1 and user must not get it directly, I'd somehow encrypt the data and redirect browser to send the request to domain2 like this:
domain1/script.php
$return_url = 'http://domain1/script2.php';
$request_url = 'http://domain2/setnewcookie.php';
$request = $request_url . '?data=' . url_encode($encrypted_data) . '&return_url=' . urlencode($return_url);
header('Location: ' . $request);
exit;
And then in domain2/setnewcookie.php just decrypt the data, set the cookie and once that is done, redirect user back to domain1 with help of the $return_url.
Still not sure if this was what you were trying to accomplish, HTH.