tags:

views:

50

answers:

1
Q: 

How to obtain the returned cookie after a POST in PHP?

Hi,

Let's say I have a website called (example.com) which will have a php file (example.com/call.php). call.php will have a post method that will post to the website exampleOne.com/login.php with the right parameters. exampleOne.com will return a header with a cookie that will confirm the authentication of the user, how do I obtain the cookie or at least check if the header includes Set-Cookie in order to be informed that the user is authenticated?

If this is not clear enough please let me know in the comments and I will try my best to clear everything up.

(UPDATE 1: so the idea is that, how do I know that the other domain I am posting to has set up the cookie because the fact that the cookie has been set up (Set-cookie != null or "") means that the username and password are in fact correct)

(Update 2 so my issue is that I want to make sure that user is a member of some forum which does not have an API and I cannot authenticate to that forum because i don't have access to their records, however, that forum authenticate the user and sets a cookie if the information is right and I want to be able to see that cookie to make sure I understand that the user is authenticated - hope this helps)

+2  A: 

You can use this code to do what you want. Pretty much you're just simulating a client when you do this by writing a HTTP request to a page and then processing the response headers that it sends back. This is also how you would build a proxy server, but that is sort of what you're doing.

Let me know if you need any help.

//
// OPEN SOCKET TO SERVER
//

$_socket = @fsockopen($host, $port, $err_no, $err_str, 30);

//
// SET REQUEST HEADERS
//

$_request_headers  = '... CONSTRUCT FULL HEADERS HERE ...'; 

fwrite($_socket, $_request_headers);

//
// PROCESS RESPONSE HEADERS
//

$_response_headers = $_response_keys = array();
$line = fgets($_socket, 8192);

while (strspn($line, "\r\n") !== strlen($line))
{
    @list($name, $value) = explode(':', $line, 2);
    $name = trim($name);
    $_response_headers[strtolower($name)][] = trim($value);
    $_response_keys[strtolower($name)] = $name;
    $line = fgets($_socket, 8192);
}

sscanf(current($_response_keys), '%s %s', $_http_version, $_response_code);

if (isset($_response_headers['set-cookie']))
{
    // DO WHAT YOU WANT HERE
}

For reference, you can find similar code in PHProxy that goes into much more detail. It will create headers for you, process response headers, and more. If you find that this example doesn't do everything you need, you should reference that software.

gnucom  2010-07-20 23:07:42
I am a little bit confused with some of the information above: 1) what should i replace (host, port, etc) with? ||| 2) what should i replace the information in (request_headers) with, what do you mean by constructing a full header because i just want to pull the information and not post a header. ((THANK YOU SO MUCH FOR THE HELP))
 2010-07-20 23:12:58
I understand that I will send the request through the headers i believe but not sure how to set up the parameters through the header (if let's say the website takes the parameters username and password. (Thanks again :))
 2010-07-20 23:19:29
First, you'll need to familiarize yourself with how HTTP headers work. You're going to write your $request_url as one large string that contains all the request information. See example here http://www.jmarshall.com/easy/http/#postmethod. Second, if you want to get any information out of the server (like a set-cookie response) you NEED to make a request, so this is what you want to do. In your code, after you write the request, the server will write back a response (and in that response will be your set-cookie field - which is also detailed in HTTP header tutorials). Good Luck.
gnucom  2010-07-20 23:23:19
gnucom  2010-07-20 23:31:27
so I supplied this in the header and it gave me an error: "Content-type: application/x-www-form-urlencoded\nContent-Length: 61\nusername=something%40email.comWarning: fgets(): supplied argument is not a valid stream resource in /path/auth.php on line 18(line 18: $line = fgets($_socket, 8192);
 2010-07-20 23:33:36
gnucom  2010-07-21 00:07:00
The returned array is empty but that's something I will investigate, thank you so much for the help :)
 2010-07-21 00:17:14
Yay, great. Glad to help.
gnucom  2010-07-21 00:40:40

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases