cURL / Mailing Lists / curl-and-php / Single Mail

curl-and-php

RE: How do I keep the $_SESSION info when I curl?

From: Edward E. Murphy <ted_at_speak-tome.com>
Date: Tue, 5 May 2009 17:25:39 -0400

Liu,

 

Thank you for the awesome explanation.

 

I am using IIS on a Windows server, so http rewriting is not native. I
wanted to use the 404 error page and cURL to take care of what should have
been handled using an .htaccess file.

 

In the end, I purchased Helicon's http_rewrite app to do the http rewrites
using a .htaccess file.

 

Thanks again,

 

Ted

 

  _____

From: Liu Shan Shui [mailto:me_at_lx.sg]
Sent: Tuesday, May 05, 2009 4:37 PM
To: ted_at_tedmurph.com; 'curl with PHP'
Subject: RE: How do I keep the $_SESSION info when I curl?

 

Hi Ted,

 

That's because the PHP session handler identifies them as two separate
sessions, and I don't see how the COOKIEJAR/FILE settings would help in any
way because all it does would be to store the second session ID. You'll need
to pass along the session ID in the cURL request as well by setting the
CURLOPT_COOKIE option, but there's an issue there - the native session
handler in PHP doesn't allow concurrent access of the same session.

 

Say, when a visitor visits test1.php for the first time, session_start() is
called and generates a session ID, eg. 12345, for this visitor. Now your
script goes on to send a cURL request containing the session ID 12345 to
test2.php. And when test2.php is executed and tries to load the session with
the ID of 12345, the session handler would tell him "I'm sorry, dude, but
test1.php is still using session 12345," and test2.php goes on waiting for
the session to be freed, and test1.php goes on waiting for test2.php to
finish execution in order to get its output. This continues on in an
infinite loop until one of them say "Hey, I can't wait anymore", times out
and terminates script execution. So in short, it won't work.

 

You can see that in action in the URL below. Test.php corresponds to your
test1.php, and dump.php would be your test2.php. Here, the script uses the
session ID 12345 for the visitor, and sends two cURL requests to dump.php,
first passing a session ID 1234 (different from 12345), and second an ID of
12345. You would see that the first request to dump.php works fine, but you
get a timeout error on the second one.

http://submeower.com/p215/test.php

 

Source code:

Curlx.php - http://code.google.com/p/curlx/

Test.php - http://submeower.com/p215/test.phps

Dump.php - http://submeower.com/p215/dump.phps

 

One workaround for this would be to serialize the session data in test1.php
and pass it to test2.php as a GET variable, though doing so would sacrifice
the integrity of the session data since anyone can pass a GET variable to
test2.php as well. I'm just wondering why you couldn't just do a HTTP
redirect for your visitor to go to test2.php. Maybe you can tell us more
about what you're trying to accomplish here?

 

With regards,

Liu Shan Shui

me_at_lx.sg

"Life would be much easier if I had the source code." - Anonymous

 

From: curl-and-php-bounces_at_cool.haxx.se
[mailto:curl-and-php-bounces_at_cool.haxx.se] On Behalf Of Edward E. Murphy
Sent: Tuesday, May 05, 2009 8:15 PM
To: 'Stephen Pynenburg'; 'curl with PHP'
Subject: RE: How do I keep the $_SESSION info when I curl?

 

Yes, that one as well. All of the files include session_start() by the
line:

 

require_once 'init.php';

 

Here is the example again.

 

First, go here to set the $_SESSION variable to something:

 

http://live-answers.com <http://live-answers.com/>

 

Now, this page shows the headers and $_SESSION variable before curling:

 

http://live-answers.com/test.php

 

This page shows the headers and $_SESSION variable after curling:

 

http://live-answers.com/test1.php

 

The cookie "myCurlCookie.txt" is created at that point with the following
content:

 

# Netscape HTTP Cookie File

# http://www.netscape.com/newsref/std/cookie_spec.html

# This file was generated by libcurl! Edit at your own risk.

 

www.live-answers.com FALSE / FALSE 0 PHPSESSID
3l12o08g1q158too3v3l3knvi1

 

Ted

 

 

  _____

From: Stephen Pynenburg [mailto:spynenburg_at_gmail.com]
Sent: Tuesday, May 05, 2009 7:58 AM
To: ted_at_tedmurph.com; curl with PHP
Subject: Re: How do I keep the $_SESSION info when I curl?

 

Session_start() also has to be called from the second page you're requesting
(test2.php).
-Stephen

On Mon, May 4, 2009 at 22:12, Edward E. Murphy <ted_at_speak-tome.com> wrote:

Yes, session_start() is called within init.php.

 

Ted

 

 

  _____

From: Stephen Pynenburg [mailto:spynenburg_at_gmail.com]
Sent: Monday, May 04, 2009 8:50 PM
To: ted_at_tedmurph.com; curl with PHP
Subject: Re: How do I keep the $_SESSION info when I curl?

 

Just to ensure the PHP side is correct, if you want PHP to resume a session
from cookies in the request, you need to call session_start() at the
beginning of that script.
-Stephen

On Mon, May 4, 2009 at 20:12, Edward E. Murphy <ted_at_speak-tome.com> wrote:

Hello all,

 

I have searched for this to no avail, please help.

 

I want to use cURL to redirect from one file to another. The redirect works
fine, but I am losing the $_SESSION information. How do I keep that info?

 

Here is what I am using now (doesn't work). The COOKIEJAR file at
"/tmp/myCurlCookie.txt" is being created, but the $_SESSION info is still
lost:

 

<?php

// fileurl is http://www.live-answers.com/test1php

 

// this sets a bunch of $_SESSION cookie info

require_once 'init.php';

 

// use curl to redirect the url

function useCurl($URL)

{

            $ch = curl_init();

            curl_setopt($ch, CURLOPT_URL,"$URL");

            curl_setopt($ch, CURLOPT_COOKIEJAR, "/tmp/myCurlCookie.txt" );

            curl_setopt($ch, CURLOPT_COOKIEFILE, "/tmp/myCurlCookie.txt");

            curl_exec ($ch);

            curl_close ($ch);

}

 

// this calls the second test file, where the $_SESSION info is not
available

$URL="http://www.live-answers.com/test2.php";

useCurl($URL);

exit;

 

?>

 

Best regards,

 

Ted

 

_______________________________________________
http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-and-php

 

 

_______________________________________________
http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-and-php
Received on 2009-05-05