I am trying to access a page, say http://www.domain.com/profile. The action and login urls are the same, and I am trying to save cookies to http://www.example.com/cookies.txt for authentication. Here is the code I'm using:
$loginURL = 'http://www.domain.com/login';
$COOKIE_FILE = 'http://wwww.example.com/cookies.txt';
$postValues = array(
'username' => 'myusername',
'password' => 'mypassword'
);
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $loginURL);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postValues));
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_COOKIEJAR, $COOKIE_FILE);
curl_setopt($curl, CURLOPT_USERAGENT, 'Chrome/35.0.2309.372');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_REFERER, $loginURL);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
curl_exec($curl);
if(curl_errno($curl)){throw new Exception(curl_error($curl));}
// now we are logged in, attempt to access a password-protected page
curl_setopt($curl, CURLOPT_URL, 'http://www.domain.com/profile');
curl_setopt($curl, CURLOPT_COOKIEJAR, $COOKIE_FILE);
curl_setopt($curl, CURLOPT_USERAGENT, USER_AGENT);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
echo curl_exec($curl);
It seems like the curl requests are successful, but I am getting echoed a page from the server saying "Unauthorized Access". I don't think my cookies system is working correctly? How can I check that? How do I fix it?
Set CURLOPT_COOKIEFILE to same path as CURLOPT_COOKIEJAR. curl reads from file and writes to jar.
ETA: One likely reason your script doesn't work is that you don't send the cookie data from the first request in the second request.
So the actual answer was that the login was through CAS, which necessitates a much more complicated authentication process. However, my code above was improperly using CURLOPT_COOKIEFILE and CURLOPT_COOKIEJAR, so after I made those fixes I discovered I needed a rework of the approach.
Related
I am doing a remote location, and I can successfully login, and follow the location of the url to the next page. But from there I need to go to another page(it does not automatically redirect), I need to do it manually. This is the link after the login and follow location https://homeaccess.katyisd.org/HomeAccess/Classes/Classwork, and this is the link I need to manually redirect to https://homeaccess.katyisd.org/HomeAccess/Classes/Classwork
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
$url = curl_setopt($ch, CURLOPT_URL, 'https://homeaccess.katyisd.org/HomeAccess/Account/LogOn? ReturnUrl=https://homeaccess.katyisd.org/HomeAccess/Classes/Classwork');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 0);
curl_setopt($ch, CURLOPT_REFERER, 'https://homeaccess.katyisd.org');
curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt');
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
$wrapperPage = (curl_exec($ch));
curl_close($ch);
print $wrapperPage;
?>
In this instance you can not redirect much like what would happen if you were using a browser. You'll have to do another cURL session, setting your URL as:
https://homeaccess.katyisd.org/HomeAccess/Classes/Classwork
It's not the user which spawns the redirect, its the web server when it sends the HTTP response code 302.
I got problem which is session out. The problem is I can connect to website with login panel, but after all when I click other links onto website , it was like as if i did not log in the website. So, how can i code something to keep online to website? What should i do for this?
<?php
function login ($url,$information){
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION,true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $information);
curl_setopt($curl, CURLOPT_COOKIEJAR, "cookie.txt");
curl_setopt($curl, CURLOPT_COOKIEFILE, "cookie.txt");
curl_exec($curl);
curl_close($curl);
}
login("http://www.na.edu/online/login/index.php","username=user&password=blablabla");
?>
I wonder if is possible to keep the login while the cookie exists so i just need to do the login once, even on with differents scripts. I'm doing the things like this:
$tempCookie = 'mycookiefile';
//Begins with the base URL to save cookies
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_COOKIEJAR, $tempCookie);
curl_setopt($ch, CURLOPT_COOKIEFILE, $tempCookie);
curl_setopt($ch, CURLOPT_COOKIESESSION, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible;)");
curl_exec($ch);
//Now i do the login
curl_setopt($ch, CURLOPT_URL, $loginUrl);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS,
array('username' => $usuario, 'password' => $password));
echo curl_exec($ch); //the login works
And now i do my stuff to get data from the url.
Could I skip all the login process and do it only once? like when we close a browser's window and we come back and we are still logged.
I'm writing a function to fetch the captcha, of course it needs to keep the session. I'm using cookie file for curl and use it for every request but it does not work. When I view the cookie file, I see that the PHPSESSID changed each time I call the function. How could I solve it?
Here is my code
<?php
function fetch_captcha($url, $cookie_file = false, $user_agent = DEFAULT_USER_AGENT, $timeout = 10) {
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_VERBOSE, true);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
if ($cookie_file) {
curl_setopt($curl, CURLOPT_COOKIESESSION, true);
curl_setopt($curl, CURLOPT_COOKIEJAR, $cookie_file);
curl_setopt($curl, CURLOPT_COOKIEFILE, $cookie_file);
}
curl_setopt($curl, CURLOPT_USERAGENT, $user_agent);
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, $timeout);
$response = curl_exec($curl);
curl_close($curl);
return $response;
}
Don't use:
curl_setopt($curl, CURLOPT_COOKIESESSION, true);
PHPSESSID is a session cookie, and this option causes each cURL call to start a new session, so it ignores all session cookies in the file.
I have a problem with my requests with cURL.
I want to log-in, it works. I want to conserve the cookie to keeep the connexion available, it works.
$lien = 'https://thewebsite.com';
$postfields = array(
'username' => 'test123',
'password' => 'test123'
);
$path_cookie = 'connexion.txt';
if (!file_exists(realpath($path_cookie))) touch($path_cookie);
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $lien);
curl_setopt($curl, CURLOPT_COOKIESESSION, true);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $postfields);
curl_setopt($curl, CURLOPT_COOKIEJAR, realpath($path_cookie));
$return = curl_exec($curl);
echo($return);
curl_close($curl);
Second part :
$lien2 = 'https://thewebsite.com/myaccount';
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $lien2);
curl_setopt($curl, CURLOPT_COOKIESESSION, true);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $postfields);
curl_setopt($curl, CURLOPT_COOKIEFILE, realpath($path_cookie));
$return = curl_exec($curl);
echo realpath($path_cookie);
curl_close($curl);
But when I want to make an other requests, it won't work, the output is :
Object moved to here.
Here is the page of the login (https://thewebsite.com) ...
So the connexion doesn't stay available and the server has been kicked out when I try to achieve the second curl command.
Any one can help me please?
Maybe the first request isn't complete before the second one, how can I make a pause between the 2 requests? (sleep won't work)
Taken from php documentation:
CURLOPT_COOKIESESSION:
TRUE to mark this as a new cookie "session". It will force libcurl to ignore all cookies it is about to load that are "session cookies" from the previous session. By default, libcurl always stores and loads all cookies, independent if they are session cookies or not. Session cookies are cookies without expiry date and they are meant to be alive and existing for this "session" only.
So in other words, remove CURLOPT_COOKIESESSION from your second part code and your code should work.