Why PHP/Curl doesn't keep the cookie data for the session

Question

I am learning PHP Curl with Webbots, Spiders, and Screen Scrapers, 2nd Edition . The chapter about cookie authentication shows this code:

# Define target page 
$target = "http://www.WebbotsSpidersScreenScrapers.com/cookie_authentication/index.php";
# Define the login form data
$form_data="enter=Enter&username=webbot&password=sp1der3";
# Create the PHP/CURL session
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $target); // Define target site
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); // Return page in string
curl_setopt($ch, CURLOPT_COOKIEJAR, "cookies.txt"); // Tell PHP/CURL where to write cookies
curl_setopt($ch, CURLOPT_COOKIEFILE, "cookies.txt"); // Tell PHP/CURL which cookies to send
curl_setopt($ch, CURLOPT_POST, TRUE); 
curl_setopt($ch, CURLOPT_POSTFIELDS, $form_data);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE); // Follow redirects
# Execute the PHP/CURL session and echo the downloaded page
$page = curl_exec($ch);
echo $page; 
# Close the PHP/CURL session
curl_close($ch);

when I get log in the test website using the web browser, I get the message "Your login is good for another 3600 seconds" and whenever I reload the page I see the time goes down (which is a completely normal behaviour since the server recognize the session number and handle everything that goes with it, including the time before). Now when I run the example code (listed above), the authenticate value keeps changing every time I run the script. My guess is because of the curl_setopt($ch, CURLOPT_COOKIEJAR, "cookies.txt"); instruction. But here is the think: even if I comment that line which by the way prevent the script to change the cookie, The script still get the "same" response from the server (the login is still good for 3600 - 3599 secs). Can this be solved in some way?

Answer 1

Your problem, is that you are not using cookie sessions with curl.

Try setting cookie sessions like that:

curl_setopt( $ch, CURLOPT_COOKIESESSION, true );

Working example:

function getSessionTime($answer) {

    $parts      = explode('<font color="red">', $answer);
    $bottomPart = $parts[1];
    $parts      = explode('</font>', $bottomPart);
    $result     = $parts[0];

    return $result;
}

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'http://www.WebbotsSpidersScreenScrapers.com/cookie_authentication/index.php');
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/32.0.1700.107 Chrome/32.0.1700.107 Safari/537.36');
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, "enter=Enter&username=webbot&password=sp1der3");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_COOKIESESSION, true);
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie-name'); //could be empty, but cause problems on some hosts
curl_setopt($ch, CURLOPT_COOKIEFILE, '/var/www/ip4.x/file/tmp'); //could be empty, but cause problems on some hosts

echo getSessionTime(curl_exec($ch));
sleep(1);
echo getSessionTime(curl_exec($ch));
sleep(1);
echo getSessionTime(curl_exec($ch));
sleep(1);
echo getSessionTime(curl_exec($ch));
sleep(1);
echo getSessionTime(curl_exec($ch));
sleep(1);
echo getSessionTime(curl_exec($ch));

Output:

<br>
Your login is good for another 3600 seconds
<br>
Your login is good for another 3599 seconds
<br>
Your login is good for another 3597 seconds
<br>
Your login is good for another 3596 seconds
<br>
Your login is good for another 3595 seconds
<br>
Your login is good for another 3594 seconds