使用cURL设置cookie
[英]Set cookie using cURL
问题描述
I'm building a login system in php where I need to use credentials from another website, I'm using an API to login to another server and I'm doing it using cURL. 
我正在用php构建一个登录系统,我需要使用其他网站的凭据,正在使用API登录到另一台服务器,并使用cURL进行登录。 The server where the login credentials are stored does create a cookie with a unique tolken after the user has logged in correctly and this cookie is important to view other webpages and interrogate this pages using other APIs. 在用户正确登录后,存储登录凭据的服务器确实会创建一个带有唯一tolken的cookie,并且该cookie对于查看其他网页和使用其他API审阅该页面很重要。 This is what I've done so far and it seems to work fine, in the login controller php file I've got this code 这是我到目前为止所做的,并且似乎工作正常,在登录控制器php文件中,我已获得此代码
$km_username = filter_var($_POST['userName'], FILTER_SANITIZE_STRING);
$km_user_password = $_POST['userPassword'];
$cookieFile = "cookies.txt";
if(!file_exists($cookieFile)) {
$fh = fopen($cookieFile, "w");
fwrite($fh, "");
fclose($fh);
}
$url = 'https://www.apiwebsite.com/api/login.jsp?';
$fields = array(
'userid' => $km_username,
'password' => $km_user_password
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($fields));
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookieFile); // Cookie aware
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookieFile); // Cookie aware
$content = curl_exec($ch);
curl_close($ch);
In the page where I want to interrogate the server to get other datas I've got 在我要询问服务器以获取其他数据的页面中
$dates = array(
'd_inizio' => '01/01/2017',
'd_fine' => '31/12/2017'
);
$url = "https://www.apiwebsite.com/api/ricevute.jsp?";
$cookie = "../../km-controllers/cookies.txt";
$ch = curl_init ($url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($dates));
curl_setopt ($ch, CURLOPT_COOKIEFILE, $cookie);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
$output = curl_exec ($ch);
So basically after user has logged into the website cURL saves a cookie txt file into my server and this allows me to use that file any other time i want to make another call using for example a different api 因此,基本上,在用户登录网站后,cURL将cookie txt文件保存到我的服务器中,这使我可以在其他任何时间使用其他API(例如使用不同的api)进行调用时使用该文件
Now the question is: what happen if I've got more than one user logging into the system? 现在的问题是:如果我有多个用户登录系统,该怎么办? Do I need to create x number of cookies according on how many users log into the system? 我是否需要根据登录系统的用户数创建x个cookie? Would it not be simpler to save the cookie into the user's browser? 将cookie保存到用户的浏览器中会更简单吗?
1 个解决方案
解决方案1
1 已采纳 2018-10-02 17:49:02
Yes, you should use a different file for each client. 是的,您应该为每个客户端使用不同的文件。 What you can do is use tempnam() to generate a unique filename for the client, and save this in a session variable, then use it as the cookie jar. 您可以做的是使用tempnam()为客户端生成一个唯一的文件名,并将其保存在会话变量中,然后将其用作cookie jar。 The login controller can do this: 登录控制器可以执行以下操作:
session_start();
if (!isset($_SESSION['cookiefile'])) {
$cookiefile = tempnam(".", "cookie");
$_SESSION['cookiefile'] = basename($cookiefile);
}
And then the later page can use 然后下一页可以使用
$cookie = "../../km-controllers/" . $_SESSION['cookiefile'];
When the user logs out, you should delete this file and remove the session variable. 用户注销后,应删除该文件并删除会话变量。
There's nothing that will automatically pass the cookies through from the curl session to the client browser or vice versa. 没有什么可以自动将cookie从curl会话传递到客户端浏览器,反之亦然。 If you don't want to save the cookies in a file, you can use curl_getinfo($ch, CURLINFO_COOKIELIST) to get the cookies, but you'll then have to parse the info yourself, and later use CURLOPT_COOKIE to set each cookie when making future calls. 如果您不希望将cookie保存到文件中,则可以使用curl_getinfo($ch, CURLINFO_COOKIELIST)获取cookie,但是随后您必须自己解析信息,然后使用CURLOPT_COOKIE来设置每个cookie。打未来的电话。 The cookie file automates all this. Cookie文件可自动执行所有操作。
Full code for login controller. 登录控制器的完整代码。
session_start(); // This needs to be at the very beginning of your script, before anything that produces output
//...
$km_username = filter_var($_POST['userName'], FILTER_SANITIZE_STRING);
$km_user_password = $_POST['userPassword'];
if (!isset($_SESSION['cookiefile'])) {
$cookieFile = tempnam(".", "cookie");
$_SESSION['cookiefile'] = basename($cookiefile);
file_put_contents($cookieFile, "");
}
$cookieFile = $_SESSION['cookiefile'];
$url = 'https://www.apiwebsite.com/api/login.jsp?';
$fields = array(
'userid' => $km_username,
'password' => $km_user_password
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($fields));
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookieFile); // Cookie aware
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookieFile); // Cookie aware
$content = curl_exec($ch);
curl_close($ch);
And the later interrogator: 和后来的询问者:
session_start(); // at very beginning
// ...
$dates = array(
'd_inizio' => '01/01/2017',
'd_fine' => '31/12/2017'
);
$url = "https://www.apiwebsite.com/api/ricevute.jsp?";
if (!isset($_SESSION['cookiefile'])) {
die("no cookie file");
}
$cookie = "../../km-controllers/" . $_SESSION['cookiefile'];
$ch = curl_init ($url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($dates));
curl_setopt ($ch, CURLOPT_COOKIEFILE, $cookie);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
$output = curl_exec ($ch);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.