Keeping session alive with Curl and PHP

Question

I m trying to connect to an API  authenticate a user and then view the user details  This is accomplished by first accessing the login endpoint at  http   api example com login  lt username gt   lt password gt    to log in and then the following to view user details   http   api example com user    This all works in a web browser  However  once I try to use Curl  the login works fine  but when attempting to view user details  I get back a 401  unauthorized error  I believe this is because Curl isn t saving the session cookies properly  Can someone point out why it isn t working and how to fix it  I ve tried searching stack exchange  however  none of the solutions I ve tried have worked for my situation  The code I m using to curl the endpoints is shown below  Thanks   define  COOKIE FILE    cookie txt        Login the user  ch   curl init  http   api example com login joe smith    curl setopt   ch  CURLOPT COOKIEJAR  COOKIE FILE    curl setopt   ch  CURLOPT RETURNTRANSFER  true   curl setopt  ch  CURLOPT HEADER  true   echo curl exec   ch       Read the session saved in the cookie file echo   lt br  gt  lt br  gt     file   fopen  cookie txt    r    echo fread  file  100000000      echo   lt br  gt  lt br  gt        Get the users details  ch   curl init  http   api example com user    curl setopt   ch  CURLOPT COOKIEJAR  COOKIE FILE    curl setopt   ch  CURLOPT RETURNTRANSFER  true   curl setopt  ch  CURLOPT HEADER  true   echo curl exec   ch     This code will output   HTTP 1 1 200 OK Date  Mon  22 Oct 2012 21 23 57 GMT Server  LiteSpeed Connection  close X-Powered-By  PHP 5 3 14 Set-Cookie  cfapi f481129c9616b8f69cc36afe16466545  path   Expires  Thu  19 Nov 1981 08 52 00 GMT Cache-Control  no-store  no-cache  must-revalidate  post-check 0  pre-check 0 Pragma  no-cache Content-Type  application json X-Powered-By  CFWAPI 0 1a Content-Length  46   status  200  msg   Successfully Logged In       Netscape HTTP Cookie File   http   curl haxx se rfc cookie spec html   This file was generated by libcurl  Edit at your own risk  api example com FALSE       FALSE   0   cfapi 94f63b07ccf7e34358c1c922341c020f   HTTP 1 1 401 Unauthorized Date  Mon  22 Oct 2012 21 23 57 GMT Server  LiteSpeed Connection  close X-Powered-By  PHP 5 3 14 Set-Cookie  cfapi a8eb015a7c423dde95aa01579c4729a4  path   Expires  Thu  19 Nov 1981 08 52 00 GMT Cache-Control  no-store  no-cache  must-revalidate  post-check 0  pre-check 0 Pragma  no-cache Content-Type  application json X-Powered-By  CFWAPI 0 1a Content-Length  49   status  401   msg   You need to login first

User · Answer

Yup  often called a  cookie jar   Google should provide many examples   http   devzone zend com 16 php-101-part-10-a-session-in-the-cookie-jar   http   curl haxx se libcurl php examples cookiejar html  lt - good example IMHO  Copying that last one here so it does not go away        Login to on one page and then get another page passing all cookies from the first page along Written by Mitchell    lt  php    This script is an example of using curl in php to log into on one page and  then get another page passing all cookies from the first page along with you  If this script was a bit more advanced it might trick the server into  thinking its netscape and even pass a fake referer  yo look like it surfed  from a local page       ch   curl init    curl setopt  ch  CURLOPT COOKIEJAR    tmp cookieFileName    curl setopt  ch  CURLOPT URL  http   www myterminal com checkpwd asp    curl setopt  ch  CURLOPT POST  1   curl setopt  ch  CURLOPT POSTFIELDS   UserID username amp password passwd     ob start            prevent any output curl exec   ch      execute the curl command ob end clean        stop preventing output  curl close   ch   unset  ch     ch   curl init    curl setopt  ch  CURLOPT RETURNTRANSFER 1   curl setopt  ch  CURLOPT COOKIEFILE    tmp cookieFileName    curl setopt  ch  CURLOPT URL  http   www myterminal com list asp      buf2   curl exec   ch    curl close   ch    echo   lt PRE gt   htmlentities  buf2     gt

User · Answer

You also need to set the option CURLOPT COOKIEFILE   The manual describes this as     The name of the file containing the cookie data  The cookie file can   be in Netscape format  or just plain HTTP-style headers dumped into a   file  If the name is an empty string  no cookies are loaded  but   cookie handling is still enabled    Since you are using the cookie jar you end up saving the cookies when the requests finish  but since the CURLOPT COOKIEFILE is not given  cURL isn t sending any of the saved cookies on subsequent requests

User · Answer

This is how you do CURL with sessions    initial request with login data   ch   curl init    curl setopt  ch  CURLOPT URL   http   www example com login php    curl setopt  ch  CURLOPT USERAGENT  Mozilla 5 0  X11  Linux x86 64  AppleWebKit 537 36  KHTML  like Gecko  Ubuntu Chromium 32 0 1700 107 Chrome 32 0 1700 107 Safari 537 36    curl setopt  ch  CURLOPT POST  true   curl setopt  ch  CURLOPT POSTFIELDS   username XXXXX amp password XXXXX    curl setopt  ch  CURLOPT RETURNTRANSFER  true   curl setopt  ch  CURLOPT COOKIESESSION  true   curl setopt  ch  CURLOPT COOKIEJAR   cookie-name       could be empty  but cause problems on some hosts curl setopt  ch  CURLOPT COOKIEFILE    var www ip4 x file tmp       could be empty  but cause problems on some hosts  answer   curl exec  ch   if  curl error  ch         echo curl error  ch        another request preserving the session  curl setopt  ch  CURLOPT URL   http   www example com profile    curl setopt  ch  CURLOPT POST  false   curl setopt  ch  CURLOPT POSTFIELDS        answer   curl exec  ch   if  curl error  ch         echo curl error  ch       I ve seen this on ImpressPages

User · Answer

You have correctly used  CURLOPT COOKIEJAR   writing  but you also need to set  CURLOPT COOKIEFILE   reading   curl setopt   ch  CURLOPT COOKIEJAR  COOKIE FILE    curl setopt   ch  CURLOPT COOKIEFILE  COOKIE FILE

[php] Keeping session alive with Curl and PHP

Examples related to php

Examples related to session

Examples related to curl