Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
S
S
siroper2020-08-19 22:51:18
PHP
siroper, 2020-08-19 22:51:18

How to pass cookie in curl to php page with json response?

There is a site with certain data, which is displayed in the user's personal account in a modal window (ajax). Accordingly, we get into the personal account after authorization. In js scripts, I found the path to the PHP file from which data is displayed via ajax.

Now the first thing I do with curl is authorization (successfully):

function send_post_get_cookie($URL='', $PostData=Array(), $cookie='')
  {
    if (strlen($URL)<=0) return false;
    $ua = 'User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; ru; rv:1.9.2.13) Gecko/20101203 MRA 5.7 (build 03796) Firefox/3.6.13';
    $ch = curl_init($URL);
    curl_setopt($ch, CURLOPT_HEADER, 1); 
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_NOBODY, 1); 
    curl_setopt($ch, CURLOPT_USERAGENT, $ua);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $PostData);
    if (strlen($cookie)>0)
      curl_setopt($ch, CURLOPT_COOKIE, $cookie);
    $result = curl_exec($ch);
    curl_close($ch);
    
    $lines = explode("\n", $result);
    
    for ($i=0, $cnt=count($lines); $i<$cnt; $i++) 
      if (strpos($lines[$i], 'Set-Cookie:') !== FALSE)
        $cookie .= substr($lines[$i], strpos($lines[$i], 'Set-Cookie:')+strlen('Set-Cookie:')); 
    return $cookie;
  }


Next, I try curl + post to send the session and post data to this same PHP file (for example , https://site.ru/js/dannye.php ) but no matter how hard I try, it says that the session is out of date or 400 bad request...

function open($URL='', $cook='')
{
    $ua = 'User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; ru; rv:1.9.2.13) Gecko/20101203 MRA 5.7 (build 03796) Firefox/3.6.13';
    $ch = curl_init($URL);
    curl_setopt($ch, CURLOPT_USERAGENT, $ua);
    curl_setopt($ch, CURLOPT_COOKIE, $cook);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, array(
        'page'=>'1'
    ));
    $answer = curl_exec($ch);
    curl_close ($ch);
    return $answer;
}


I run the whole thing like this:
$cookie = send_post_get_cookie('https://site.ru/login.php', array(
    'user'=>'[email protected]',
    'password'=>'12345'
  ));
  
  open('https://site.ru/js/dannye.php',$cookie);


But it constantly writes that the session has expired, as soon as it has not been tried. What's my mistake?

Request Headers from browser
:::::::::::::::::::::LOGIN
Request Headers:

POST /login.php HTTP/1.1
Host: sitename.ru
Connection: keep-alive
Content-Length: 72
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
Origin: https://sitename.ru
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.106
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Referer: https://sitename.ru/login.php
Accept-Encoding: gzip, deflate, br
Accept-Language: ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7
Cookie: PHPSESSID=i99n3d2s6v1oibcsdp4vpa9rs2; skin=1



:::::::::::::::::::::MODAL
Request Headers:

Accept: */*
Accept-Encoding: gzip, deflate, br
Accept-Language: ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7
Connection: keep-alive
Content-Length: 81
Content-Type: application/x-www-form-urlencoded
Cookie: skin=1; PHPSESSID=i99n3d2s6v1oibcsdp4vpa9rs2; skin=1
Host: sitename.ru
Method: POST /js/dannye.php HTTP/1.1
Origin: https://sitename.ru
Referer: https://sitename.ru/main.php
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.106

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
K
kocherman, 2020-08-20
@siroper

Why are you parsing cookies yourself?
When you make a request and want curl to store the cookie, you put this:

curl_setopt($ch, CURLOPT_COOKIEJAR, '/tmp/cookies.txt');
When you make a request and want curl to pass these saved cookies to the server, you write this:
curl_setopt($ch, CURLOPT_COOKIEFILE, '/tmp/cookies.txt');

They can be used together.
That is, the first request is made with
curl_setopt($ch, CURLOPT_COOKIEJAR, '/tmp/cookies.txt');

And all subsequent ones starting from the second request
curl_setopt($ch, CURLOPT_COOKIEJAR, '/tmp/cookies.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE, '/tmp/cookies.txt');

Then curl will read and write to the same file

Similar questions
G
GRO242019-08-30 15:23:29
Why doesn't Bootstrap 4 align blocks? 2Reply
S
StayAtHome2015-04-01 12:24:02
How to distinguish a web request from a regular page from a request from the extension itself from a Chrome/Opera extension? 4Reply
I
ITpie2021-03-25 20:16:06
How to make docker to test python code with certain libraries? 3Reply
S
student_it2015-04-19 11:49:55
How can I prevent the Referer from being sent when playing an audio file via the HTML Audio tag? 2Reply
V
Victor2016-07-08 10:51:29
Why do vpn clients need a pool of addresses separate from the home network if I want to have access to the home network from the vpn client? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question