How to manage a simple PHP session using C++ cURL (libcurl)

Question

I'm writing a C++ client which is using libcurl for communicating with a PHP script.

The communication should be session based, and thus the first task is to login and make the PHP script set up a session.

I'm not used to working with sessions either from C++ or PHP. I basically know that it has to do with cookies and communicating session id.

I can't find any example on the curl homepage which demonstrates a simple session management use case.

I'm assuming it has something to do with one or many of the following options in curl:

CURLOPT_COOKIE
CURLOPT_COOKIEFILE
CURLOPT_COOKIEJAR
CURLOPT_COOKIESESSION
CURLOPT_COOKIELIST

But I can't really see the big picture just from the documentation of CURLOPT_COOKIESESSION for instance.

Anybody who has done this, please share a simple piece of code which shows the concept.

Regards

Robert

Answer 1

As far as I understand it, CURL will handle session cookies automatically for you if you enable cookies, as long as you reuse your CURL handle for each request in the session:

CURL *Handle = curl_easy_init();

// Read cookies from a previous session, as stored in MyCookieFileName.
curl_easy_setopt( Handle, CURLOPT_COOKIEFILE, MyCookieFileName );
// Save cookies from *this* session in MyCookieFileName
curl_easy_setopt( Handle, CURLOPT_COOKIEJAR, MyCookieFileName );

curl_easy_setopt( Handle, CURLOPT_URL, MyLoginPageUrl );
assert( curl_easy_perform( Handle ) == CURLE_OK );

curl_easy_setopt( Handle, CURLOPT_URL, MyActionPageUrl );
assert( curl_easy_perform( Handle ) == CURLE_OK );

// The cookies are actually saved here.
curl_easy_cleanup( Handle );

I'm not positive that you need to set both COOKIEFILE and COOKIEJAR, but the documentation makes it seem that way. In any case, you have to set one of the two in order to enable cookies at all in CURL. You can do something as simple as:

curl_easy_setopt( Handle, CURLOPT_COOKIEFILE, "" );

That won't read any cookies from disk, but it will enable session cookies for the duration of the curl handle.

Answer 2

I have an example for command line curl in bash - logging in to PHPMyAdmin and then using its export function. Maybe it will help you:

#!/bin/bash

PHPMYADMINURL="http://www.example.com/phpmyadmin/"

# Username and password, has to be URL-encoded
MYUSERNAME="username"
MYPASSWORD="password"

TMPCOOKIES="$(mktemp)" || exit 1

TOKEN=$(
        curl \
                --silent \
                --show-error \
                --data @- \
                --data "lang=en-utf-8" \
                --cookie-jar "$TMPCOOKIES" \
                --dump-header - \
                --url "$PHPMYADMINURL" \
                <<< "pma_username=$MYUSERNAME&pma_password=$MYPASSWORD" \
                | egrep 'token=[0-9a-h]+' \
                | head -1 \
                | sed -r 's/^(.*token=)([0-9a-h]+)(.*)/\2/' \
        ) || exit 1

curl \
       --cookie "$TMPCOOKIES" \
       --data "token=$TOKEN" \
       --data "export_type=server" \
       --data "what=sql" \
       --data "asfile=sendit" \
       --data "sql_data=something" \
       --data "sql_columns=something" \
       --data "sql_hex_for_blob=something" \
       --data "compression=gzip" \
       --url "$PHPMYADMINURL"export.php 1>&2 || exit 1

rm -f "$TMPCOOKIES" || exit 1

PHPMyAdmin uses tokens besides cookies so the code is a little more complicated than normally needed.