So I have a script that gets passed a URL as a get param, and consequently tries to write the contents of that page to a file. On non-authenticated pages, it works fine, but it breaks when I try to use it on pages that require authentication.
Specifically, these are pages that I have already logged in to, so I assumed making a standard cURL request with all my currently set cookies would work, but it doesn't. Initially, I receive a 302 response, but if I set 'FOLLOWLOCATION' to true, I end up at the site's log-in page instead of the page I wanted.
$client = curl_init();
//curl_setopt($client, CURLOPT_HEADER, true);
curl_setopt($client, CURLOPT_RETURNTRANSFER, true);
curl_setopt($client, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($client, CURLOPT_URL, $pageToLoad);
/* Supposedly libcurl loads all cookies auto-magically if you don't set CURL_COOKIESESSION
if (isset($_SERVER['HTTP_COOKIE'])) {
curl_setopt($client, CURLOPT_COOKIE, $_SERVER['HTTP_COOKIE']);
}
*/
$response = curl_exec($client);
curl_close($client);
I have the sinking feeling that I'll need to set a cookiejar file for this to work ('sinking', because my script doesn't have write permissions on the dev server), but what are your thoughts?
EDIT:
So, being sort of an idiot, turns out I do have some write access... anyway, made a temp folder in my home directory, where I've verified my script can write:
$fname = '/home/temp/cookies.txt';
if( $save = fopen($fname, 'w') ) {
fwrite($save, 'testing');
}
Run the script, and low and behold, 'testing' shows up on line one.
I've added the following 2 lines to my cURL request:
curl_setopt($ch, CURLOPT_COOKIEJAR, '/home/temp/cookies.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE, '/home/temp/cookies.txt');
And nothing has changed in my scenario. The cookies.txt file still just says 'testing' and doesn't have any cookies stored in it, nor does the 'last access' time change, which to me means these lines aren't doing anything.
Any further thoughts? I'm kinda stumped :\
Yes, you'll need both the CURLOPT_COOKIEFILE and CURLOPT_COOKIEJAR options set. the 'file' version is where to load cookies from. the jar is where cookies should be saved when the curl object is terminated. They can be the same file.
If you don't have write permissions on the server to create an actual file (very odd if you didn't have at least write perms on /tmp or equivalent), you can use a memory file using the php://memory wrapper.
Here's my beloved pattern for tasks like this:
$loginUrl = 'http://www.remote_site.de/login.php';
$loginFields = array('username' => 'username', 'password' => 'password');
getUrl($loginUrl, 'post', $loginFields);
//now you're logged in and a session cookie was generated
$remote_page_content = getUrl('http://www.remote_site.de/some_page.php');
function getUrl($url, $method='', $vars='') {
$ch = curl_init();
if ($method == 'post') {
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $vars);
}
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookies.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookies.txt');
$buffer = curl_exec($ch);
curl_close($ch);
return $buffer;
}
So I took out the raw cURL code I had and copied in some Zend specific code from a different project, and that seemed to work for the most part (not really sure why...). The only other problems I've run into deal with CoSign (http://cosign.sourceforge.net/) and using proxy cookies. Thanks to those who offered answers!
Related
Im trying to set a cookie through PHP CURL for more than twenty four hour for no avail.
Before i have been setting cookies in my browser by adding them as parameters in a url as shown below
http://localhost/setc.php?userid=123&panelid=1
but now i need to set the cookie when i run a script(setcookie.php)
below is the latest of various types of code that i tried.
setcookie.php
$c = curl_init('http://localhost/atst.php?userid=628929&panelid=1');
curl_setopt($c, CURLOPT_VERBOSE, 1);
curl_setopt($c, CURLOPT_COOKIE, 'userid=123; panelid=1');
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
$page = curl_exec($c);
curl_close($c);
it still does not create the cookie, can anybody help out
P.S : if you guys too cant figure this out at least give me a hint/guide on how to set a simple cookie without any complications
The cookiejar is only saved when you close the curl handle using curl_close($ch).
From the manual:
CURLOPT_COOKIEFILE The name of the file containing the cookie data. The cookie file can be in Netscape format, or just plain HTTP-style headers dumped into a file. If the name is an empty string, no cookies are loaded, but cookie handling is still enabled.
CURLOPT_COOKIEJAR The name of a file to save all internal cookies to when the handle is closed, e.g. after a call to curl_close.
http://www.php.net/manual/en/function.curl-setopt.php
$ckfile = tempnam ("/tmp/", "CURLCOOKIE");
$BASEURL='http://localhost/openx/www/api/json/index.php/main/authenticate/';
$POSTFIELDS='username='.$username.'&password='.$password.'';
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_COOKIEJAR, "/tmp/cookieFileName");
curl_setopt($ch, CURLOPT_URL,'http://localhost/openx/www/api/json/index.php/main/authenticate/');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $POSTFIELDS);
ob_start(); // prevent any output
$result=curl_exec ($ch); // execute the curl command
ob_end_clean(); // stop preventing output
$result = curl_exec($ch);
curl_close($ch);
I have got this code:
public function get_thead_page($cookie=null) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $this->url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($ch, CURLOPT_COOKIEFILE,'');
if($cookie) curl_setopt($ch, CURLOPT_COOKIE, $cookie);
$data = curl_exec($ch);
curl_close($ch);
return $data;
}
Now I dont want to use my cookie value, but I want the browser to handle it for me. I wan tthe request to behave as if it was given by the browser.
So I want to the cookie to be loaded with the request instead of providing a value...
There is that value..
curl_setopt($ch, CURLOPT_COOKIEFILE,'');
which asks for the cookie file location...but I dont want to specify the location, I want the request to be sent with a cookie being loaded somehow without specifying the path on the system..
Is there any solution?
The browser can't do that. CURLOPT_COOKIEFILE refers to a server-side file which the browser have no access.
You're the one who made this app. It's to you to choose the cookie's location when you create it.
I have a cURL script that is sending login info to a script.
//open connection
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url;
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields1);
//execute post
$result = curl_exec($ch);
//close connection
curl_close($ch);
//open connection
The script has a setcookie function.
setcookie("cookie_email",$email,time()+(3600*24*$i),"/");
setcookie("cookie_password",$password,time()+(3600*24*$i),"/");
When I login to the form using the form everything works as expected. For some reason when you run the cURL it's skipping the setcookies function.
I've been all over the net and I can't find a solution. I'm not sure why it's failing to set the cookies.
Any step in the right direction would be much appreciated.
Thanks,
Phil
UPDATE! - Getting Closer
Okay I have made some changes that grab cookies and put them into a cookie file. Two Issues I set.
1. The cookied password in the file reads: deleted
2. The cookies aren't being set in the browser.
How do I get the md5($password) into the file and how does:
curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookies/cookies.txt');
set the cookies in the browser?
You must set the CURL_COOKIEJAR and CURL_COOKIEFILE options for curl to set where cookies should be stored and loaded from respectively.
EDIT: Your example rewritten:
//open connection
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url;
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields1);
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookies/cookies.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookies/cookies.txt');
//execute post
$result = curl_exec($ch);
//close connection
curl_close($ch);
This assumes you have created a directory 'cookies/' and will save the cookies in a file called 'cookies.txt' (as long as your webserver can write to that directory, it will create the file itself)
Subsequent requests will then use any cookies stored in cookies.txt when sending their request (assuming you set the cookiefile for that request as well)
I'm trying to login to megaupload.com using cURL and PHP. What I want to do is login so I have premium access, and then download a file. This the code for my login method:
public function login()
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://www.megaupload.com/?c=login");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, "username={$this->username}&password={$this->password}&login=1");
curl_setopt($ch, CURLOPT_COOKIEJAR, "cookie.txt");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$store = curl_exec($ch);
curl_close ($ch);
}
And this is my index.php:
<?php
include_once("plugins/megaupload.class.php");
$megaupload = new Megaupload("username", "password");
$megaupload->login();
?>
But nothing seems to happen. When I run the script, cookie.txt isn't saved anywhere. I got the POST values from Firebug:
login=1&password=password&redir=1&username=username
This is what's being sent through the form when I log in using their site. And yeah, the username and password is correct.
Thanks for any help!
EDIT: Okay, it seems it is actually logging in as I can access my account page, which I wouldn't be able to unless I'm logged in. But that still doesn't solve where the cookie.txt file is being saved...
You need to make sure the directory where you're trying to store the cookie is world-writable.
Also, you should use an absolute path (setup a separate folder outside of your webroot, if you're able), and ensure proper permissions.
You should also set the CURLOPT_COOKIEFILE option:
url_setopt($ch, CURLOPT_COOKIEFILE, ABS_PATH_TO_COOKIE_TXT);
It might be this error:
http://www.renownedmedia.com/blog/php-curl-cookies-not-saving-on-windows/
It seems CURLOPT_COOKIEJAR option have some problems with relative urls. Try setting an absolute path:
curl_setopt($ch, CURLOPT_COOKIEJAR, realpath("cookie.txt"));
I'm doing some cURL work in php 5.3.0.
I'm wondering if there is any way to tell the curl handle/object to keep the cookies in memory (assuming I'm reusing the same handle for multiple requests), or to somehow return them and let me pass them back when making a new handle.
Theres this long accepted method for getting them in/out of the request:
curl_setopt($ch, CURLOPT_COOKIEJAR, $filename);
curl_setopt($ch, CURLOPT_COOKIEFILE, $filename);
But I'm hitting some scenarios where I need to be running multiple copies of a script out of the same directory, and they step on each others cookie files. Yes, I know I could use tempnam() and make sure each run has its own cookie file, but that leads me to my 2nd issue.
There is also the issue of having these cookie files on the disk at all. Disk I/O is slow and a bottle neck I'm sure. I dont want to have to deal with cleaning up the cookie file when the script is finished (if it even exits in a way that lets me clean it up).
Any ideas? Or is this just the way things are?
You can use the CURLOPT_COOKIEJAR option, and set the file to "/dev/null" for Linux / MacOS X or "NULL" for Windows. This will prevent the cookies from being written to disk, but it will keep them around in memory as long as you reuse the handle and don't call curl_easy_cleanup().
Unfortunately, I don't think you can use 'php://memory' as the input and output stream. The workaround is to parse the headers yourself. This can be done pretty easily. Here is an example of a page making two requests and passing the cookies yourself.
curl.php:
<?php
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, 'http://localhost/test.php?message=Hello!');
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, false);
curl_setopt($curl, CURLOPT_HEADER, true);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
$data = curl_exec($curl);
curl_close($curl);
preg_match_all('|Set-Cookie: (.*);|U', $data, $matches);
$cookies = implode('; ', $matches[1]);
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, 'http://localhost/test.php');
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, false);
curl_setopt($curl, CURLOPT_HEADER, true);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_COOKIE, $cookies);
$data = curl_exec($curl);
echo $data;
?>
test.php:
<?php
session_start();
if(isset($_SESSION['message'])) {
echo $_SESSION['message'];
} else {
echo 'No message in session';
}
if(isset($_GET['message'])) {
$_SESSION['message'] = $_GET['message'];
}
?>
This will output 'Hello!' on the second request.
Just set CURLOPT_COOKIEFILE to a file that doesn't exist, usually an empty string is the best option. Then DON'T set CURLOPT_COOKIEJAR, this is the trick. This will prevent a file from being written but the cookies will stay in memory. I just tested this and it works (my test: send http auth data to a URL that redirects you to a login URL that authenticates the request, then redirects you back to the original URL with a cookie).
There is but it's completely unintuitive.
curl_setopt($curl, CURLOPT_COOKIEFILE, "");
For more details please see my answer in the comments
If using Linux, you could set these to point somewhere within /dev/shm .. this will keep them in memory and you can be assured that they won't persist across re-boots.
I somehow thought that Curl's cleanup handled the unlinking of cookies, but I could be mistaken.
What works for me is using this setting:
curl_setopt($ch, CURLOPT_HEADER, 1);
And then parsing the result. Details in this blog post where I found out how to do this.
And since that is old, here is a gist replacing deprecated functions.