I'm writing a function to fetch the captcha, of course it needs to keep the session. I'm using cookie file for curl and use it for every request but it does not work. When I view the cookie file, I see that the PHPSESSID changed each time I call the function. How could I solve it?
Here is my code
<?php
function fetch_captcha($url, $cookie_file = false, $user_agent = DEFAULT_USER_AGENT, $timeout = 10) {
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_VERBOSE, true);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
if ($cookie_file) {
curl_setopt($curl, CURLOPT_COOKIESESSION, true);
curl_setopt($curl, CURLOPT_COOKIEJAR, $cookie_file);
curl_setopt($curl, CURLOPT_COOKIEFILE, $cookie_file);
}
curl_setopt($curl, CURLOPT_USERAGENT, $user_agent);
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, $timeout);
$response = curl_exec($curl);
curl_close($curl);
return $response;
}
Don't use:
curl_setopt($curl, CURLOPT_COOKIESESSION, true);
PHPSESSID is a session cookie, and this option causes each cURL call to start a new session, so it ignores all session cookies in the file.
Related
Is there any way to get file contents of external webiste, say https://www.example.com/.
For eg. Using Python from shell_exec. I tried python but got blank.
Not sure why you want to use shell_exec but
you can use
$data = file_get_contents('https://www.example.com/');
or
$url = 'https://www.example.com/';
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_HEADER, false);
$data = curl_exec($curl);
curl_close($curl);
if you want to maintain the session you could use curl with CURLOPT_COOKIEFILE
eg:
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_COOKIESESSION, TRUE);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_COOKIEFILE, "cookiefile");
curl_setopt($ch, CURLOPT_COOKIEJAR, "cookiefile");
curl_setopt($ch, CURLOPT_COOKIE, session_name() . '=' . session_id());
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_URL, 'https://www.example.com/');
$data = curl_exec($ch);
or if you really want to use the shell_exec the use follwing
$data = shell_exec('curl -I https://www.example.com/');
echo "<pre>$data</pre>";
however for above to work you have to have curl installed check following for instillation of curl
https://curl.se/
hope this works
I'm trying to realize a simple authorization using login and password. I get a cookie but not sure if authorized or not (how to check?), also I am trying to redirect after authorization but as a result, I get Error 404 after my code tried to redirect (followlocation, true).
Here's my php code
Trying just to redirect but 404 occurred.
$curl = curl_init($url);
curl_setopt($curl, CURLOPT_USERAGENT, $_SERVER["HTTP_USER_AGENT"]);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
$result = curl_exec($curl);
echo $result;
curl_close($curl);
And here's trying to authorize, not sure if it works (but I get cookie and in header I get 200 OK)
$loginData = [
urlencode('j_username') => 'someName',
urlencode('j_password') => 'somePassword'
];
$curl = curl_init($url);
curl_setopt($curl, CURLOPT_USERAGENT, $_SERVER["HTTP_USER_AGENT"]);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_HEADER, true);
curl_setopt($curl, CURLOPT_VERBOSE, 2);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($loginData));
curl_setopt($curl, CURLOPT_COOKIEJAR, $_SERVER['DOCUMENT_ROOT'].'/authCookie.txt');
curl_setopt($curl, CURLOPT_COOKIEFILE, $_SERVER['DOCUMENT_ROOT'].'/authCookie.txt');
$result = curl_exec($curl);
echo $result;
curl_close($curl);
Also, I use urlencode but not sure if I use it in the right way (I have it in curl like $curl --location --request POST 'http://someFullName' \ --data-urlencode 'j_username=someUsername' \ --data-urlencode 'j_password=somePassword')
for auth you can use http basic auth it very simple in use for client and server, client code in this case will be look like:
<?php
const COOKIE_FILE = '/tmp/authCookie';
$host = 'localhost';
$username = 'login';
$password = 'pass';
$ch = curl_init($host);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_USERPWD, sprintf('%s:%s', $username, $password));
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_COOKIEJAR, COOKIE_FILE);
curl_setopt($ch, CURLOPT_COOKIEFILE, COOKIE_FILE);
$return = curl_exec($ch);
curl_close($ch);
about your 4xx error, i think you have problems with server, for test redirections you can do something like:
<?php
//stable route with redirect
$host = 'https://bitly.is/EnterpriseButton';
$userAgent = 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:76.0) Gecko/20100101 Firefox/76.0';
$curl = curl_init($host);
curl_setopt($curl, CURLOPT_USERAGENT, $userAgent);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, $host);
//with enabled followlocation
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($curl, CURLOPT_HEADER, true);
$result = curl_exec($curl);
curl_close($curl);
var_dump($result);
$curl = curl_init($host);
curl_setopt($curl, CURLOPT_USERAGENT, $userAgent);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, $host);
//with disabled followlocation
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, false);
curl_setopt($curl, CURLOPT_HEADER, true);
$result = curl_exec($curl);
curl_close($curl);
var_dump($result);
and for check auth work you can auth through browser with cookies from curl
I am trying to access a page, say http://www.domain.com/profile. The action and login urls are the same, and I am trying to save cookies to http://www.example.com/cookies.txt for authentication. Here is the code I'm using:
$loginURL = 'http://www.domain.com/login';
$COOKIE_FILE = 'http://wwww.example.com/cookies.txt';
$postValues = array(
'username' => 'myusername',
'password' => 'mypassword'
);
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $loginURL);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postValues));
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_COOKIEJAR, $COOKIE_FILE);
curl_setopt($curl, CURLOPT_USERAGENT, 'Chrome/35.0.2309.372');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_REFERER, $loginURL);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
curl_exec($curl);
if(curl_errno($curl)){throw new Exception(curl_error($curl));}
// now we are logged in, attempt to access a password-protected page
curl_setopt($curl, CURLOPT_URL, 'http://www.domain.com/profile');
curl_setopt($curl, CURLOPT_COOKIEJAR, $COOKIE_FILE);
curl_setopt($curl, CURLOPT_USERAGENT, USER_AGENT);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
echo curl_exec($curl);
It seems like the curl requests are successful, but I am getting echoed a page from the server saying "Unauthorized Access". I don't think my cookies system is working correctly? How can I check that? How do I fix it?
Set CURLOPT_COOKIEFILE to same path as CURLOPT_COOKIEJAR. curl reads from file and writes to jar.
ETA: One likely reason your script doesn't work is that you don't send the cookie data from the first request in the second request.
So the actual answer was that the login was through CAS, which necessitates a much more complicated authentication process. However, my code above was improperly using CURLOPT_COOKIEFILE and CURLOPT_COOKIEJAR, so after I made those fixes I discovered I needed a rework of the approach.
I got problem which is session out. The problem is I can connect to website with login panel, but after all when I click other links onto website , it was like as if i did not log in the website. So, how can i code something to keep online to website? What should i do for this?
<?php
function login ($url,$information){
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION,true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $information);
curl_setopt($curl, CURLOPT_COOKIEJAR, "cookie.txt");
curl_setopt($curl, CURLOPT_COOKIEFILE, "cookie.txt");
curl_exec($curl);
curl_close($curl);
}
login("http://www.na.edu/online/login/index.php","username=user&password=blablabla");
?>
I have a problem with my requests with cURL.
I want to log-in, it works. I want to conserve the cookie to keeep the connexion available, it works.
$lien = 'https://thewebsite.com';
$postfields = array(
'username' => 'test123',
'password' => 'test123'
);
$path_cookie = 'connexion.txt';
if (!file_exists(realpath($path_cookie))) touch($path_cookie);
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $lien);
curl_setopt($curl, CURLOPT_COOKIESESSION, true);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $postfields);
curl_setopt($curl, CURLOPT_COOKIEJAR, realpath($path_cookie));
$return = curl_exec($curl);
echo($return);
curl_close($curl);
Second part :
$lien2 = 'https://thewebsite.com/myaccount';
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $lien2);
curl_setopt($curl, CURLOPT_COOKIESESSION, true);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $postfields);
curl_setopt($curl, CURLOPT_COOKIEFILE, realpath($path_cookie));
$return = curl_exec($curl);
echo realpath($path_cookie);
curl_close($curl);
But when I want to make an other requests, it won't work, the output is :
Object moved to here.
Here is the page of the login (https://thewebsite.com) ...
So the connexion doesn't stay available and the server has been kicked out when I try to achieve the second curl command.
Any one can help me please?
Maybe the first request isn't complete before the second one, how can I make a pause between the 2 requests? (sleep won't work)
Taken from php documentation:
CURLOPT_COOKIESESSION:
TRUE to mark this as a new cookie "session". It will force libcurl to ignore all cookies it is about to load that are "session cookies" from the previous session. By default, libcurl always stores and loads all cookies, independent if they are session cookies or not. Session cookies are cookies without expiry date and they are meant to be alive and existing for this "session" only.
So in other words, remove CURLOPT_COOKIESESSION from your second part code and your code should work.