how to maintain session in cURL in php?

Question

how can we maintain session in cURL?

i'am having a code the sends login details of a site and logs in successfully i need to get the session maintained at the site to continue.

here is my code that used to login to the site using cURL

  <?php  
        $socket = curl_init();
        curl_setopt($socket, CURLOPT_URL, "http://www.XXXXXXX.com");
    curl_setopt($socket, CURLOPT_REFERER, "http://www.XXXXXXX.com");
    curl_setopt($socket, CURLOPT_POST, true);
    curl_setopt($socket, CURLOPT_USERAGENT, $agent);
    curl_setopt($socket, CURLOPT_POSTFIELDS, "form_logusername=XXXXX&form_logpassword=XXXXX");
    curl_setopt($socket, CURLOPT_COOKIESESSION, true);
    curl_setopt($socket, CURLOPT_COOKIEJAR, "cookies.txt");
    curl_setopt($socket, CURLOPT_COOKIEFILE, "cookies.txt");
    $data = curl_exec($socket);
    curl_close($socket); 
   ?>

Answer 1

Here is the best way i found to do this link :

the text bellow is a 'remixed' version of the content of the blogpost :

 $useragent = $_SERVER['HTTP_USER_AGENT'];
 $strCookie = 'PHPSESSID=' . $_COOKIE['PHPSESSID'] . '; path=/';

session_write_close();

$ch = curl_init();
$ch = curl_init($rssFeedLink); 
curl_setopt($ch,CURLOPT_URL,$url);
curl_setopt($ch,CURLOPT_USERAGENT, $useragent);
curl_setopt( $ch, CURLOPT_COOKIE, $strCookie );

$response = curl_exec($ch); 
curl_close($ch); 

What does session_write_close() do? It, ends the current session and store session data. Apparently, PHP does not like when multiple scripts play around with the session, so, it locks it. Putting session_write_close makes sure that your current session is stored so you can retrieve it and use it.

if you don't use session_write_close() a new session id will be generated instead of using the current session id.

Also PHPSESSID should be replaced by the name of the session variable. According to OWSAP recommandations it should be something more general like anId.

Sometimes you will need to send a user agent with the post so i included the CURLOPT_USERAGENT parameter.

Answer 2

This is how you do CURL with sessions

//initial request with login data

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'http://www.example.com/login.php');
curl_setopt($ch, CURLOPT_USERAGENT,'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/32.0.1700.107 Chrome/32.0.1700.107 Safari/537.36');
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, "username=XXXXX&password=XXXXX");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_COOKIESESSION, true);
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie-name');  //could be empty, but cause problems on some hosts
curl_setopt($ch, CURLOPT_COOKIEFILE, '/var/www/ip4.x/file/tmp');  //could be empty, but cause problems on some hosts
$answer = curl_exec($ch);
if (curl_error($ch)) {
    echo curl_error($ch);
}

//another request preserving the session

curl_setopt($ch, CURLOPT_URL, 'http://www.example.com/profile');
curl_setopt($ch, CURLOPT_POST, false);
curl_setopt($ch, CURLOPT_POSTFIELDS, "");
$answer = curl_exec($ch);
if (curl_error($ch)) {
    echo curl_error($ch);
}

I've seen this on ImpressPages

Answer 3

Since you're referring to a cookies.txt file without any reference to a folder my first guess would be that you're trying to write to a file in a folder that isn't writable. So first check if you actually find a cookies.txt file and if it contains the session cookie(s) you would expect.