Session cookies and curl in PHP
posted on: 2010-08-13 21:29:33
This is a quick example of how to use curl in PHP to send login information via POST using CURLOPT_POSTFIELDS to a webserver and the use the CURLOPT_COOKIEJAR and CURLOPT_COOKIEFILE store and re-send the cookie upon each subsequent request.
The curl library support available in PHP give us access to libcurl. libcurl is incredibly useful giving developers the ability to connect to servers using many different protocols including http, https, ftp, telnet, gopher......
libcurl is also relatively feature rich. We will need to use some of these features in order to create a curl session that will handle cookies for us.
You may need to install the libcurl packages if you don't already have them. I am using a debian based system, your package names and package management tool may vary.
sudo apt-get install php5-curl curl
I use the tempnam function to create a temporary file in which to store cookie information. The function curl_setopt is needed to set the properties of the curl handle. The CURLOPT_COOKIEJAR option is used to register the file you will be using to store the cookie. Upon each subsequent request, you will need to set the CURLOPT_COOKIEFILE with the same file name.
I will also set the CURLOPT_POSTFIELDS option. This option lets you specify an array of form values that you wish to post. This is the array that you would expect to see server side within the $_POST variable.
$tmp_fname = tempnam("/tmp", "COOKIE");
$curl_handle = curl_init ("http://server.com/restricted/login.php");
curl_setopt ($curl_handle, CURLOPT_COOKIEJAR, $tmp_fname);
curl_setopt ($curl_handle, CURLOPT_RETURNTRANSFER, true);
$post_array = array('username' => 'user1', 'password' => '*********');
curl_setopt($curl_handle, CURLOPT_POSTFIELDS, $post_array);
$output = curl_exec ($curl_handle);
$curl_handle = curl_init ("http://server.com/restricted/some_page.php");
curl_setopt ($curl_handle, CURLOPT_COOKIEFILE, $tmp_fname);
curl_setopt ($curl_handle, CURLOPT_RETURNTRANSFER, true);
$output = curl_exec ($curl_handle);
echo $output;
At the end of the script I just echo out the repsone from the second request where in reality you would want to process the returned data. This functionality leaves the door open for lots of scraping mayhem. Be good and Take care.