I have a cURL script that is sending login info to a script.
//open connection
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url;
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields1);
//execute post
$result = curl_exec($ch);
//close connection
curl_close($ch);
//open connection
The script has a setcookie function.
setcookie("cookie_email",$email,time()+(3600*24*$i),"/");
setcookie("cookie_password",$password,time()+(3600*24*$i),"/");
When I login to the form using the form everything works as expected. For some reason when you run the cURL it's skipping the setcookies function.
I've been all over the net and I can't find a solution. I'm not sure why it's failing to set the cookies.
Any step in the right direction would be much appreciated.
Thanks,
Phil
UPDATE! - Getting Closer
Okay I have made some changes that grab cookies and put them into a cookie file. Two Issues I set.
1. The cookied password in the file reads: deleted
2. The cookies aren't being set in the browser.
How do I get the md5($password) into the file and how does:
curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookies/cookies.txt');
set the cookies in the browser?
You must set the CURL_COOKIEJAR and CURL_COOKIEFILE options for curl to set where cookies should be stored and loaded from respectively.
EDIT: Your example rewritten:
//open connection
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url;
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields1);
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookies/cookies.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookies/cookies.txt');
//execute post
$result = curl_exec($ch);
//close connection
curl_close($ch);
This assumes you have created a directory 'cookies/' and will save the cookies in a file called 'cookies.txt' (as long as your webserver can write to that directory, it will create the file itself)
Subsequent requests will then use any cookies stored in cookies.txt when sending their request (assuming you set the cookiefile for that request as well)
Related
Im trying to integrate 3rd part API in PHP curl.
It is working fine and got the response when I tried in postman. But it is not working in my PHP CURL code.
I find the there is JSESSIONID is set in header in postman. I don't know how to create that JSESSIONID in php curl and set in cookies.
Anyone know about this?
PHP code
$url = "http://website.com/Public/login/";
$dataa["userNo"] = "username";
$dataa["userPassword"] = "password";
$data = json_encode($dataa);
$ch = curl_init($url);
$headers = array(
'Content-type: application/json',
"Cookie: JSESSIONID=2cba2d9d7dc5455b76t90f4ccac3; httpOnly"
);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt( $ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch,CURLOPT_POSTFIELDS,$data);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
// Instruct cURL to store cookies in this file.
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookies.txt');
// Instruct cURL to read this file when asked about cookies.
curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookies.txt');
$response1 = curl_exec($ch);
curl_close($ch);
$res = json_decode($response1,true);
The URL you're accessing is trying to set cookies.
To accept cookies with cURL, you'll need to specify a "cookie jar", a file where cURL can store the cookies it receives:
// Instruct cURL to store cookies it receives in this file.
curl_setopt($ch, CURLOPT_COOKIEJAR, '/tmp/cookies.txt');
// Instruct cURL to read this file when asked about cookies.
curl_setopt($ch, CURLOPT_COOKIEFILE, '/tmp/cookies.txt');
JSESSIONID sounds like a "session ID" cookie, something that keeps track of a session, or a series of requests. The session ID 2cba2d9d7dc5455b76t90f4ccac3 is tied to the session you started with Postman, you'll need to remove that from your PHP request.
Im trying to set a cookie through PHP CURL for more than twenty four hour for no avail.
Before i have been setting cookies in my browser by adding them as parameters in a url as shown below
http://localhost/setc.php?userid=123&panelid=1
but now i need to set the cookie when i run a script(setcookie.php)
below is the latest of various types of code that i tried.
setcookie.php
$c = curl_init('http://localhost/atst.php?userid=628929&panelid=1');
curl_setopt($c, CURLOPT_VERBOSE, 1);
curl_setopt($c, CURLOPT_COOKIE, 'userid=123; panelid=1');
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
$page = curl_exec($c);
curl_close($c);
it still does not create the cookie, can anybody help out
P.S : if you guys too cant figure this out at least give me a hint/guide on how to set a simple cookie without any complications
The cookiejar is only saved when you close the curl handle using curl_close($ch).
From the manual:
CURLOPT_COOKIEFILE The name of the file containing the cookie data. The cookie file can be in Netscape format, or just plain HTTP-style headers dumped into a file. If the name is an empty string, no cookies are loaded, but cookie handling is still enabled.
CURLOPT_COOKIEJAR The name of a file to save all internal cookies to when the handle is closed, e.g. after a call to curl_close.
http://www.php.net/manual/en/function.curl-setopt.php
$ckfile = tempnam ("/tmp/", "CURLCOOKIE");
$BASEURL='http://localhost/openx/www/api/json/index.php/main/authenticate/';
$POSTFIELDS='username='.$username.'&password='.$password.'';
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_COOKIEJAR, "/tmp/cookieFileName");
curl_setopt($ch, CURLOPT_URL,'http://localhost/openx/www/api/json/index.php/main/authenticate/');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $POSTFIELDS);
ob_start(); // prevent any output
$result=curl_exec ($ch); // execute the curl command
ob_end_clean(); // stop preventing output
$result = curl_exec($ch);
curl_close($ch);
I have a php proxy server to which email and password are posted on the beginning (login). I then use
$ch = curl_init($url);
curl_setopt ($ch, CURLOPT_POST, 1);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $myvars);
curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt ($ch, CURLOPT_COOKIEJAR, $cookieJar);
curl_setopt( $ch, CURLOPT_HEADER, 1);
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, 1);
to post forward to some API that expects certain parameters. As you can see I save a cookie in a cookie jar file.
I can then use this cookie file to call any other requests to proxy -> API and successfully get the response. Everything works just fine. I use
curl_setopt ($ch, CURLOPT_COOKIEFILE, $cookieJar);
to make other requests after user successfully signed in.
The problem is that only one user can login(and call other requests) at the time, because there is only one cookie jar file. I could probably generate unique cookie files on proxy and access them somehow with each new request by each user. But that is a load on the server and definitely not a good idea.
So what I would like to do is to save a cookie that is received into variable instead of a file and then send this to user...
This didn't work for me unfortunately; I can probably manage to write my own regex but I am wondering if there is a possibility to directly save a cookie into variable with curl or do I have to parse headers manually? (I want to be able to feed CURLOPT_COOKIEFILE with cookie in variable rathen than cookie in file)
Lets try this with a single curl handle($ch):
Making my first request:
$url= "http://www.google.com";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt ($ch, CURLOPT_COOKIEJAR, '-'); // <-- see here
$result = curl_exec($ch);
// remember i didn't close the curl yet!
Now make another curl request with the same handle:
$url= "http://www.google.com";
curl_setopt($ch, CURLOPT_URL,$url);
$result = curl_exec($ch);
// if you are done, you can close it.
curl_close($ch);
In this example, I have used the - for the cookiejar. Which means it will not use any file. So during second curl request, it will use the cookiejar of previous call.
One problem: It will print the cookie jar values into std-output.
I have got this code:
public function get_thead_page($cookie=null) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $this->url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($ch, CURLOPT_COOKIEFILE,'');
if($cookie) curl_setopt($ch, CURLOPT_COOKIE, $cookie);
$data = curl_exec($ch);
curl_close($ch);
return $data;
}
Now I dont want to use my cookie value, but I want the browser to handle it for me. I wan tthe request to behave as if it was given by the browser.
So I want to the cookie to be loaded with the request instead of providing a value...
There is that value..
curl_setopt($ch, CURLOPT_COOKIEFILE,'');
which asks for the cookie file location...but I dont want to specify the location, I want the request to be sent with a cookie being loaded somehow without specifying the path on the system..
Is there any solution?
The browser can't do that. CURLOPT_COOKIEFILE refers to a server-side file which the browser have no access.
You're the one who made this app. It's to you to choose the cookie's location when you create it.
I've got NTLM (Active Directory) based service, and I need to write a PHP application. Normally, users are logging in to website with Activre Directory credentials, and it's ok.
But what I want to do, is to let them type in their credentials to PHP-written site, which in next step will use cURL to authenticate users to that Active Directory based site where they normally log in.
And this part is hard. I need then to keep session of users that through PHP cURL script authenticated to Active Directory based site in order to use them again later
(CRON querying site to determine that it has changed and automatically do some operations when this happens, which normally user has do manually).
In order to NOT store their credentials to authenticate again when this change happens, I somehow need to store NTLM session in PHP cURL site to every user that authenticated to
that site through this PHP cURL site.
My question is: Is that even possible?
Thanks in advance.
#Willem Mulder
The code you've posted actually does cookie-storing, but that is not my point becouse I've already done that (sorry for not writing it before). What I got so far is:
$cookie_file_path = dirname(__FILE__) . '/cookies.txt';
$ch = curl_init();
//==========================================================================
curl_setopt($ch, CURLOPT_USERPWD, $username. ':' . $password);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_USERAGENT, $user_agent);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLINFO_HEADER_OUT, true);
curl_setopt($ch, CURLOPT_FAILONERROR, 0);
curl_setopt($ch, CURLOPT_MAXREDIRS, 100);
//==========================================================================
$ret = curl_exec($ch);
By using options CURLOPT_COOKIEFILE and CURLOPT_COOKIEJAR, cURL does the cookie storing in local file "cookies.txt". The problem is, that when I comment CURLOPT_USERPWD option (after authenticating and storing cookie, so theoretically I have session), I cannot authorize to website. Perhaps it reinitializes NTLM Handshake authorisation and is expecting username and password, which I don't want to store.
I want to store session info only, to provide service this session info and omit second authentication, but cURL seems to not take this data from cookie file, and REWRITES it with not relevant data send to me from service as response to NOT AUTHRORISED access request.
Well, yes you could
$ch = curl_init('http://www.google.com/');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
// Get headers too with this line
curl_setopt($ch, CURLOPT_HEADER, 1);
$result = curl_exec($ch);
// Get cookie
preg_match('/^Set-Cookie:\s*([^;]*)/mi', $result, $m);
var_dump(parse_url($m[1]));
// And then of course store it somewhere :-)
As seen here how to get the cookies from a php curl into a variable