使用Curl和PHP保持会话
我试图连接到一个API,authentication一个用户,然后查看用户的详细信息。 这是通过首先访问login端点
http://api.example.com/login/<username>/<password>
login,然后再查看用户详细信息:
http://api.example.com/user/
这一切都可以在网页浏览器中使用。 但是,一旦我尝试使用curl,login工作正常,但是当试图查看用户的详细信息时,我得到一个401,未经授权的错误。 我相信这是因为Curl没有正确保存会话cookie? 有人能指出为什么它不工作,以及如何解决它? 我尝试过search堆栈交换,但是我所尝试的解决scheme没有一个适用于我的情况。 下面显示了我用来curl端点的代码。 谢谢!
define("COOKIE_FILE", "cookie.txt"); // Login the user $ch = curl_init('http://api.example.com/login/joe/smith'); curl_setopt ($ch, CURLOPT_COOKIEJAR, COOKIE_FILE); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_HEADER, true); echo curl_exec ($ch); // Read the session saved in the cookie file echo "<br/><br/>"; $file = fopen("cookie.txt", 'r'); echo fread($file, 100000000); echo "<br/><br/>"; // Get the users details $ch = curl_init('http://api.example.com/user'); curl_setopt ($ch, CURLOPT_COOKIEJAR, COOKIE_FILE); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_HEADER, true); echo curl_exec ($ch);
这段代码将输出:
HTTP/1.1 200 OK Date: Mon, 22 Oct 2012 21:23:57 GMT Server: LiteSpeed Connection: close X-Powered-By: PHP/5.3.14 Set-Cookie: cfapi=f481129c9616b8f69cc36afe16466545; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Type: application/json X-Powered-By: CFWAPI 0.1a Content-Length: 46 {"status":200,"msg":"Successfully Logged In."} # Netscape HTTP Cookie File # http://curl.haxx.se/rfc/cookie_spec.html # This file was generated by libcurl! Edit at your own risk. api.example.com FALSE / FALSE 0 cfapi 94f63b07ccf7e34358c1c922341c020f HTTP/1.1 401 Unauthorized Date: Mon, 22 Oct 2012 21:23:57 GMT Server: LiteSpeed Connection: close X-Powered-By: PHP/5.3.14 Set-Cookie: cfapi=a8eb015a7c423dde95aa01579c4729a4; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Type: application/json X-Powered-By: CFWAPI 0.1a Content-Length: 49 {"status":401, "msg":"You need to login first!"}
您还需要设置选项CURLOPT_COOKIEFILE
。
手册将其描述为
包含Cookie数据的文件的名称。 cookie文件可以是Netscape格式,也可以是简单的HTTP风格的头文件转储到文件中。 如果该名称是一个空string,则不加载cookie,但仍然启用cookie处理。
由于您使用cookie jar,当请求完成时,您最终将保存cookie,但由于未提供CURLOPT_COOKIEFILE
,因此cURL不会在随后的请求中发送任何已保存的cookie。
您已经正确使用“CURLOPT_COOKIEJAR”(书写),但是您还需要设置“CURLOPT_COOKIEFILE”(阅读)
curl_setopt ($ch, CURLOPT_COOKIEJAR, COOKIE_FILE); curl_setopt ($ch, CURLOPT_COOKIEFILE, COOKIE_FILE);
这是你怎么做CURL与会话
//initial request with login data $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, 'http://www.example.com/login.php'); curl_setopt($ch, CURLOPT_USERAGENT,'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/32.0.1700.107 Chrome/32.0.1700.107 Safari/537.36'); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, "username=XXXXX&password=XXXXX"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_COOKIESESSION, true); curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie-name'); //could be empty, but cause problems on some hosts curl_setopt($ch, CURLOPT_COOKIEFILE, '/var/www/ip4.x/file/tmp'); //could be empty, but cause problems on some hosts $answer = curl_exec($ch); if (curl_error($ch)) { echo curl_error($ch); } //another request preserving the session curl_setopt($ch, CURLOPT_URL, 'http://www.example.com/profile'); curl_setopt($ch, CURLOPT_POST, false); curl_setopt($ch, CURLOPT_POSTFIELDS, ""); $answer = curl_exec($ch); if (curl_error($ch)) { echo curl_error($ch); }
我在ImpressPages上看到过这个
是的,经常被称为“cookiesjar”Google应该提供很多例子:
http://devzone.zend.com/16/php-101-part-10-a-session-in-the-cookie-jar/
http://curl.haxx.se/libcurl/php/examples/cookiejar.html < – 很好的例子恕我直言
复制最后一个,所以它不会消失…
login到一个页面,然后从另一个页面将第一页的所有cookies传递给Mitchell
<?php /* This script is an example of using curl in php to log into on one page and then get another page passing all cookies from the first page along with you. If this script was a bit more advanced it might trick the server into thinking its netscape and even pass a fake referer, yo look like it surfed from a local page. */ $ch = curl_init(); curl_setopt($ch, CURLOPT_COOKIEJAR, "/tmp/cookieFileName"); curl_setopt($ch, CURLOPT_URL,"http://www.myterminal.com/checkpwd.asp"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, "UserID=username&password=passwd"); ob_start(); // prevent any output curl_exec ($ch); // execute the curl command ob_end_clean(); // stop preventing output curl_close ($ch); unset($ch); $ch = curl_init(); curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); curl_setopt($ch, CURLOPT_COOKIEFILE, "/tmp/cookieFileName"); curl_setopt($ch, CURLOPT_URL,"http://www.myterminal.com/list.asp"); $buf2 = curl_exec ($ch); curl_close ($ch); echo "<PRE>".htmlentities($buf2); ?>