PHP CURL将cookie保存到cookiejar中,但不使用它 [英] PHP CURL saves cookie into cookiejar but doesn't use it
问题描述
我有一个PHP脚本,该脚本使用CURL登录带有简单登录页面的站点。它会向站点发送初始请求,并查看其是否已经登录(由于cookie)或登录页面是否出现-如果登录,则登录。
I have a PHP script which uses CURL to log into a site with a simple login page. It sends an initial request to the site and sees if it's already logged in (due to cookies) or if the login page comes up - and if it does, logs in.
但是,最近我注意到,每次脚本运行时,它都永远不会登录。使用VERBOSE深入探查头表明,从未使用过COOKIEFILE / COOKIEJAR中的cookie,只有该站点接收的特定cookie会议。如果我在运行过程中手动将cookie添加到cookiejar中(以前可以正常使用)-它不再起作用,因为实际上没有使用COOKIEFILE中的cookie。
However, recently I noticed that every time the script runs it is never logged in. Deep diving into the headers using VERBOSE shows that the cookie in the COOKIEFILE/COOKIEJAR is never used, only the cookies that are received by the site for that particular session. If I manually add cookies to the cookiejar in the middle of the run (something that used to work) - it doesn't work anymore as the cookies in the COOKIEFILE aren't actually used.
这同时在本地和生产服务器上发生,这似乎不是系统问题。我为其他登录页面创建了具有相同结果的测试版本。
我使用cookie文件的完整路径(使用cookie更新,但未使用),并使用curl_close()。
This happens both locally and on the production server, meaning it doesn't seem to be a system issue. I created test versions for other login pages with the same results. I use a fullpath to the cookie file (which is updated with cookies, just not used) and use curl_close().
以下是CURL函数:
Following is the CURL function:
private function curlPage($url, $postParameters) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postParameters);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_COOKIEJAR, __DIR__.'/cookie.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE, __DIR__.'/cookie.txt');
curl_setopt($ch, CURLOPT_ENCODING, '');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
curl_setopt($ch, CURLOPT_POSTREDIR, 3);
if ($this->verbose == 1) curl_setopt($ch, CURLOPT_VERBOSE, TRUE);
curl_setopt($ch, CURLOPT_TIMEOUT, $this->defaultTimeout);
curl_setopt($ch, CURLOPT_USERAGENT, $this->useragent);
$pageResponse = curl_exec($ch);
curl_close($ch);
return $pageResponse;
}
以下是CURL请求对主页的详细响应应该检查它是否已登录。由于该站点是客户端,因此我对其进行了编辑。
Following is the verbose response of the CURL request to the main page, where it is supposed to check whether or not it is logged in. As the site is of a client, I redacted it.
* Rebuilt URL to: *********
* Hostname was NOT found in DNS cache
* Trying : *********...
* Connected to : ********* (*********) port 80 (#0)
> GET / HTTP/1.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/600.6.3 (KHTML, like Gecko) Version/8.0.6 Safari/600.6.3
Host: *********
Accept: */*
< HTTP/1.1 200 OK
< Date: Wed, 20 Jul 2016 20:42:22 GMT
< Content-Type: text/html
< Transfer-Encoding: chunked
< Connection: keep-alive
< Keep-Alive: timeout=15
< Vary: Accept-Encoding
< Expires: Mon, 26 Jul 1980 00:00:00 GMT
< Pragma: no-cache
< Cache-Control: no-cache, no-store, must-revalidate
* Server ********* is not blacklisted
< Server: *********
<
可以看到-尽管有可用的COOKIEFILE,但看不到cookie。
As can be seen - no cookie in sight, despite having a COOKIEFILE available.
任何帮助将不胜感激。
推荐答案
首先,您必须确保 __ DIR __ 具有写权限。
The first you must make sure __DIR__ have write permission.
运行代码的第二个时间。您可以检查 cookie.txt 文件是否已创建。
The second when you run code. You can check cookie.txt file had been create or not.
第三个您必须对所有文件使用一个cookie会议。这样受害者就知道您已登录。
The third you must use ONE cookie for all session. So the victim know you logged in.
并尝试我的消息源
$cookies = tempnam('/tmp','cookie.txt');
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookies);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookies);
这篇关于PHP CURL将cookie保存到cookiejar中,但不使用它的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
