I am having HTTP cookie based Authentication,After Authentication i get cookie in response,
Another step is to send cookie in request to API. along with post/get request
Below Example is of my Curl
$cookie_jar= $_COOKIE['DesigntoolAuth'];
//$ch = curl_init($url);
// The data to send to the API
$postData = array(
'ProjectId' => $projectId,
'ProjectName' => $proname,
'ProjectDetails' => $details,
'UserId' => $userId
);
$data_string = json_encode($postData);
// Setup cURL
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_VERBOSE, true);
curl_setopt($c, CURLOPT_COOKIEFILE, $cookie_jar);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json'
//'Content-Length: ' . strlen($data_string)
));
$api_result = curl_exec($ch);
echo $api_result;
Can Anybody tell how ti send the cookie ?
From the cURL PHP reference:
CURLOPT_COOKIEFILE
The name of the file containing the cookie data. The cookie file can be in Netscape format, or just plain HTTP-style headers dumped into a file. If the name is an empty string, no cookies are loaded, but cookie handling is still enabled.
This means that the CURLOPT_COOKIEFILE needs to refer to a file which contains the cookies you need to send. The file is a file which exists on the server running cURL, which, in turn, will transmit the cookie data to the remote host. I'd expect read access to be required on the file.
A good answer describing how the Netscape format looks like can be found here
In addition, if you want to keep the cookies that are generated during the request, you also need to set a CURLOPT_COOKIEJAR.
Related
Im trying to integrate 3rd part API in PHP curl.
It is working fine and got the response when I tried in postman. But it is not working in my PHP CURL code.
I find the there is JSESSIONID is set in header in postman. I don't know how to create that JSESSIONID in php curl and set in cookies.
Anyone know about this?
PHP code
$url = "http://website.com/Public/login/";
$dataa["userNo"] = "username";
$dataa["userPassword"] = "password";
$data = json_encode($dataa);
$ch = curl_init($url);
$headers = array(
'Content-type: application/json',
"Cookie: JSESSIONID=2cba2d9d7dc5455b76t90f4ccac3; httpOnly"
);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt( $ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch,CURLOPT_POSTFIELDS,$data);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
// Instruct cURL to store cookies in this file.
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookies.txt');
// Instruct cURL to read this file when asked about cookies.
curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookies.txt');
$response1 = curl_exec($ch);
curl_close($ch);
$res = json_decode($response1,true);
The URL you're accessing is trying to set cookies.
To accept cookies with cURL, you'll need to specify a "cookie jar", a file where cURL can store the cookies it receives:
// Instruct cURL to store cookies it receives in this file.
curl_setopt($ch, CURLOPT_COOKIEJAR, '/tmp/cookies.txt');
// Instruct cURL to read this file when asked about cookies.
curl_setopt($ch, CURLOPT_COOKIEFILE, '/tmp/cookies.txt');
JSESSIONID sounds like a "session ID" cookie, something that keeps track of a session, or a series of requests. The session ID 2cba2d9d7dc5455b76t90f4ccac3 is tied to the session you started with Postman, you'll need to remove that from your PHP request.
I have to automate uploading values to a remote server by php script.
The interface accepts only POST variables - NO GET variables.
Interface documentation (for form field names) looks like:
iegUsername: your username
iegPassword: your password
iegImportFile: The UTF-8 encoded plain text import file. The file data may optionally be zipped.
This means i have to POST TWO VARIABLES and ONE FILE.
I'm new in Curl therefore i started in PHP with this:
// create curl resource
$request = curl_init();
// Array with the fields names and values
$postData = array(
'iegUsername' => 'myusername',
'iegPassword' => 'mypassword',
'submit' => 'ok'
);
//add file support with: 'file' => '#' . realpath('example.txt')
// set timeout if remote server is down
curl_setopt($request, CURLOPT_CONNECTTIMEOUT, 30);
// set remote target url
curl_setopt($request, CURLOPT_URL, ""); //for testing post on current page
//Enable the post response.
//curl_setopt($request, CURLOPT_POST, true);
curl_setopt($request, CURLOPT_CUSTOMREQUEST, "POST");
$headers = ['Content-Type: multipart/form-data'];
curl_setopt($request, CURLOPT_HTTPHEADER, $headers);
//The data to transfer with the response.
curl_setopt($request, CURLOPT_POSTFIELDS, $postData);
//return the transfer as a string
curl_setopt($request, CURLOPT_RETURNTRANSFER, true);
// disable verification
curl_setopt($request, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($request, CURLOPT_SSL_VERIFYHOST, false);
Actually i don't have added file support.
My Problem
In Browser dev tools i cannot see any POST only GET responses.
I need a real POST with data in it not a urled GET one...
Hopefully someone can give help.
okay, misunderstood of server side and client side. Thought a response back to my location should result in a post response within dev tools of browser, this is not correct.
POST works.
I am trying to set up an Instagram API feed with CURL in PHP, however the string returns empty when trying to retrieve the auth code, before later making a successful call to retrieve a user's content:
$uri = 'https://api.instagram.com/oauth/authorize/';
$data = [
'client_id' => $client_id,
'redirect_uri' => $redirect_uri,
'response_type' => 'code'
];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $uri);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_NOBODY, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
$result = curl_exec($ch);
curl_close($ch);
var_dump($result);
However, when I access the URL directly in the browser, it does return to the redirect URI with the code that I need:
https://api.instagram.com/oauth/authorize/?client_id=CLIENT_ID_HERE&redirect_uri=REDIRECT_HERE&response_type=code
i.e. the browser redirects successfully (including the "code" GET data) to http://REDIRECT_HERE/?code=XXXXXXXXXXXX
I'd basically like to store the auth code in a variable for later use rather than using the manual way of getting the code via a browser redirect.
your browser sends the data in the url RFC-1738 style with a GET request, while your php curl code sends the data in a POST request encoded with multipart/form-data, no wonder the server gets confused. to send the data in the url with php just like your browser does, get rid of curl_setopt($ch, CURLOPT_POST, true); (because it tells curl to do a POST request instead of the default GET request, your browser does a GET request) and curl_setopt($ch, CURLOPT_POSTFIELDS, $data); (because it tells curl to send it in the request body, while your browser send it in the url), and change your CURLOPT_URL to
curl_setopt($ch, CURLOPT_URL, $uri."?".http_build_query($data));
then your php curl request should roughly match your browser request, and get the same response. (there will still be minor differences, like a different User-Agent header, Accept header, and Accept-Encoding header, but that usually doesn't matter)
If I load in a cookie, I am able to get to the page that requires cookies, like this:
$cookie = ".ASPXAUTH=Secret";
curl_setopt($ch, CURLOPT_COOKIE, $cookie);
No problem here, I can run curl_exec, and see the page that requires cookies.
If I also want to send some post data, I can do like this:
$data = array(
'index' => "Some data is here"
);
$cookie = ".ASPXAUTH=Secret";
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_COOKIE, $cookie);
I have set up a dump script on my local server, to see if it is working. If i send only the cookie, I can see it in the http headers, and if I send only the post data, I can see the post data.
When I send both, I see only the cookie.
Why?
I finally found a solution.
If I manually set the cookie, using a custom http_header, I am able to get the results wanted.
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Cookie:.ASPXAUTH=secretData"));
Even tried on different servers - same results.
I would like to perform an http request and pass all cookies received by the current script (in particular session identifying cookies) to this request. Then I would like to save the result in a string for further manipulation. What is the best way to do this in PHP ?
cURL ? - it is simple and supprot cookies .
Edit 19.1 - Here is example
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://www.example.com/");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_COOKIEJAR, '/tmp/cookies.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE, '/tmp/cookies.txt');
$output = curl_exec($ch);
$info = curl_getinfo($ch);
curl_close($ch);
CURLOPT_COOKIEJAR is file where cURL put cookies sent from server and CURLOPT_COOKIEFILE is file with cookies for sending by cURL ( setting it to same one will make it cookies file ).
Another option is manually read cookies from result ( set CURLOPT_HEADER to '1' - it will put result header into $output ) and send cookies via CURLOPT_COOKIE ( set it to list of cookies in format 'foo=bar;bar=foo;' )
Note - libcurl must be enabled in php.ini