tags:

views:

26

answers:

2
+1  Q: 

Posting within PHP and receiving only cookie

Hello

I have a question. It might be sound ridiculous, but let me explain what I want to accomplish. Right now I try to embed open source forum to by site and I want to leave forum and my site databases split. When my site users are logging in I want them also automatically be logged in to the forum system. For that I want to login within my PHP code after receiving username and password in post, but I don't know how I can get only cookies in response. I have found out that I can use curl_init(), curl_exec(), curl_close() functionality, but response from curl_exec returns whole response(page content, cookies, headers). Is there a way to receive only cookies?

P.S. - If my design is totally wrong please give an advise how I can embed this functionality! I would be very thankful!

+2  A: 

Yes, you can make a HEAD request. In that case, the server will send only the headers (this includes other things besides the cookie, but you'll have to live with that).

For curl, use the curl option CURLOPT_NOBODY:

$ch = curl_init();
curl_setopt($ch, CURLOPT_NOBODY, TRUE);

I suppose you then "forward" the cookies to the client -- the way I see it, your approach may or may not work, depending on several factors. You should see single sign-on implementations such as CAS and OpenID.

Artefacto  2010-05-21 17:41:48
His approach may require a POST of the username/password to the forum login page in order to receive the session cookie.
webbiedave  2010-05-21 17:45:43
You're right, it probably won't work unless the authentication to the forum is done with HTTP (basic/digest) and then relies on cookies (would be very unusual) or through GET (which would be a spec violation).
Artefacto  2010-05-21 17:49:37
Yes, it needs POST for that. I have already done what I wanted thnx guys :)
faya  2010-05-21 17:53:49
@faya: well how'd you do it?
webbiedave  2010-05-21 17:56:03
A: 

Most authentication response is redirect so there is no body anyway. In case someone use Javascript to redirect, the body is very small, just ignore it.

HEAD will not work in most cases. Almost all authentication servers require POST for security reasons.

ZZ Coder  2010-05-21 18:53:22

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases