stackoom
  简体   繁体   中英

Set cookie using cURL

 原文  2018-10-02 17:31:58       php/ curl/ cookies

Question

I'm building a login system in php where I need to use credentials from another website, I'm using an API to login to another server and I'm doing it using cURL. The server where the login credentials are stored does create a cookie with a unique tolken after the user has logged in correctly and this cookie is important to view other webpages and interrogate this pages using other APIs. This is what I've done so far and it seems to work fine, in the login controller php file I've got this code 

$km_username = filter_var($_POST['userName'], FILTER_SANITIZE_STRING);
$km_user_password = $_POST['userPassword'];

$cookieFile = "cookies.txt";
if(!file_exists($cookieFile)) {
    $fh = fopen($cookieFile, "w");
    fwrite($fh, "");
    fclose($fh);
}

$url = 'https://www.apiwebsite.com/api/login.jsp?';

$fields = array(
    'userid' => $km_username,
    'password' => $km_user_password
);

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($fields));
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookieFile); // Cookie aware
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookieFile); // Cookie aware
$content = curl_exec($ch);
curl_close($ch);

In the page where I want to interrogate the server to get other datas I've got 

$dates = array(
    'd_inizio' => '01/01/2017',
    'd_fine' => '31/12/2017'
);

$url = "https://www.apiwebsite.com/api/ricevute.jsp?";
$cookie = "../../km-controllers/cookies.txt";

$ch = curl_init ($url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($dates));
curl_setopt ($ch, CURLOPT_COOKIEFILE, $cookie); 
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
$output = curl_exec ($ch);

So basically after user has logged into the website cURL saves a cookie txt file into my server and this allows me to use that file any other time i want to make another call using for example a different api

Now the question is: what happen if I've got more than one user logging into the system? Do I need to create x number of cookies according on how many users log into the system? Would it not be simpler to save the cookie into the user's browser?

1 answers

solution1
 1 ACCPTED  2018-10-02 17:49:02

Yes, you should use a different file for each client. What you can do is use tempnam() to generate a unique filename for the client, and save this in a session variable, then use it as the cookie jar. The login controller can do this: 

session_start();
if (!isset($_SESSION['cookiefile'])) {
    $cookiefile = tempnam(".", "cookie");
    $_SESSION['cookiefile'] = basename($cookiefile);
}

And then the later page can use 

$cookie = "../../km-controllers/" . $_SESSION['cookiefile'];

When the user logs out, you should delete this file and remove the session variable.

There's nothing that will automatically pass the cookies through from the curl session to the client browser or vice versa. If you don't want to save the cookies in a file, you can use curl_getinfo($ch, CURLINFO_COOKIELIST) to get the cookies, but you'll then have to parse the info yourself, and later use CURLOPT_COOKIE to set each cookie when making future calls. The cookie file automates all this.

Full code for login controller. 

session_start(); // This needs to be at the very beginning of your script, before anything that produces output
//...
$km_username = filter_var($_POST['userName'], FILTER_SANITIZE_STRING);
$km_user_password = $_POST['userPassword'];

if (!isset($_SESSION['cookiefile'])) {
    $cookieFile = tempnam(".", "cookie");
    $_SESSION['cookiefile'] = basename($cookiefile);
    file_put_contents($cookieFile, "");
}
$cookieFile = $_SESSION['cookiefile'];


$url = 'https://www.apiwebsite.com/api/login.jsp?';

$fields = array(
    'userid' => $km_username,
    'password' => $km_user_password
);

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($fields));
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookieFile); // Cookie aware
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookieFile); // Cookie aware
$content = curl_exec($ch);
curl_close($ch);

And the later interrogator: 

session_start(); // at very beginning
// ...

$dates = array(
    'd_inizio' => '01/01/2017',
    'd_fine' => '31/12/2017'
);

$url = "https://www.apiwebsite.com/api/ricevute.jsp?";
if (!isset($_SESSION['cookiefile'])) {
    die("no cookie file");
}
$cookie = "../../km-controllers/" . $_SESSION['cookiefile'];

$ch = curl_init ($url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($dates));
curl_setopt ($ch, CURLOPT_COOKIEFILE, $cookie); 
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
$output = curl_exec ($ch);

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question retrieve cookie using curl, and set that cookie to user Using php cURL to set a cookie on a subdomain curl no cookie set, no cookie save Unable to set the cookie in curl Passing cookie using cURL Unable to set Cookie in curl Request set cookie throw curl request Is it possible to set the cookie content with CURL? using curl and storing cookie as a variable Passing a cookie using cURL to a website
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM