Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

PHP, cURL and Session Cookies

Status
Not open for further replies.
disord3r

disord3r

Programmer
Apr 12, 2002
189
0
0
US
I suppose this has more to do with cURL than it does PHP, but I couldn't find a forum for cURL, so here goes...

I'm attempting to create a script that will POST a form to a remote server through cURL, essentially mimicing the action of a user filling out the form through their browser. I setup a test web server and am able to post forms to it fine (read data from a text file [one line per customer, pipe-separated fields], break each line into an array, use the array elements as the POST data), but now I am at the point where I switch away from my test server to the actual server.

The actual server uses a login form with what I'm assuming to be session cookies. The first time you visit the page, you redirected through a login form. If you attempt to POST the form without going through the login form, you get a message saying you're not logged in. Since this isn't an IE dialog asking for your username and password, I can't send the username and password along in the headers.

The reason I believe this is a session cookie is because I don't see a cookie file appear on my system from this domain, and as soon as I close the browser and go back to the server, I'm forced to log in again.

What I need to do is find out: first, if this is indeed a session cookie, then how to read the data, and finally how to send that uid/pw combo along with the mimiced form so the remote server believes I actually did go through the login form.

I do have a valid username/password combo for this server, so I'm not trying to hack into anything. I just hope to automate a process of filling out a standard HTTP form that is normally submitted hundreds of times per day. It would be nice if I can just dump a text file to the client script which parses and submits everything nearly instantly, versus spending upwards of 2 hours a day doing it all by hand.

Any help would be greatly appreciated!

/<
 
Sort by date Sort by votes
Just to test it out, I modified my script to first login by POSTing the necessary items to the login page, and then (within the same php script) attempt to POST the form that was read in from the text file. The first transaction finished fine (received a "Thank you for logging in" confirmation page), but the second transaction produced a "You are not logged in" page, as expected.

Even though the transactions happen within the same PHP script, the cURL executions are treated as separate sessions, so the login information does not persist between them. If I were able to bridge that one little gap, I'd be all set. :)


/<
 
Upvote 0 Downvote
I would do the following:

1. Establish a session with the server by posting to the LOGIN form with cURL. (You figured out how to post, eh?)

2. Look at the cookie that is returned from the sucessful login, there's probably somewhere a session ID. Save it and send it with the POST request to the next page.

 
Upvote 0 Downvote
DRJ: I am able to successfully login. The result of my first curl_exec show the login conformation page. The sessionid, and all other session variables, are written out to a file using cURLs cookiejar option, so I know that's going fine.

I then attempt to do another curl_init/curl_exec using the same cookiejar, expecting it to just magically pass the sessionid back to the 2nd page, but it's still telling me that I'm not logged in. I'm guessing the section init/exec isn't being treated as the same session, thusly invalidating everything in the cookiejar.

(I also tried doing 2 separate curl_exec()s from the same curl_init, thinking this might equate to a single browser session, and that produced some unexpected results. That was also before I found out about the cookiejar, so I might go back and try to combine both.)

Your suggestion (item #2) to save the session ID and send it with the 2nd POST is interesting. I wasn't aware that was how session variables worked, but I'm willing to give it a shot.

Thanks!!
 
Upvote 0 Downvote
Heya

you might wanna dig into the curl docs more deeply. I've used Curl in similar operation to the one you describe, and I remember that there existed a "cookiejar" option and a "cookiefile" option as well - my guess is that you can collect the cookie sent to you by the login operation and then have it manually added as an HTTP header in the POST operation.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

SashaBuilder3
  • Locked
  • Question
import CSV file into MySql table in PhpMyAdmin
Replies
0
Views
120
SashaBuilder3
SashaBuilder3
PeDa
  • Locked
  • Question
Unwanted spaces in php HTML mail 1
Replies
4
Views
108
PeDa
PeDa
Mandy_crw
  • Locked
  • Question
How to send sms in PHP using usb gsm modem?
Replies
1
Views
121
vishvajit
vishvajit
lflynnlrf
  • Locked
  • Question
wordpress/ shortcode/ PHP duplicating code
Replies
1
Views
67
spamjim
spamjim
cmayo
  • Locked
  • Question
Is PHP/PEAR MDB2 dead? Which PHP abstraction layer should I use?
Replies
1
Views
52
spamjim
spamjim

Part and Inventory Search

Sponsor

Back
Top