Jul
24

Maintaining PHP session when using CURL.

By Julian  //  PHP  //  11 Comments

Working now on some iGoogle like dashboard for the system I’m developing.

I was trying some stuff out with CURL and was having a hard time to maintain my current session when making a curl request to another page. I needed to stay authenticated in order to retrieve my widget.

Here is my initial code:

$strCookie = 'PHPSESSID=' . $_COOKIE['PHPSESSID'] . '; path=/';
$ch = curl_init($rssFeedLink);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt( $ch, CURLOPT_COOKIE, $strCookie );
$response = curl_exec($ch);
curl_close($ch);

The problem with that piece of code is that it was generating a new session id instead of sending my current session.

The solution? Put session_write_close() before you make the CURL request.

$strCookie = 'PHPSESSID=' . $_COOKIE['PHPSESSID'] . '; path=/';

session_write_close();

$ch = curl_init($rssFeedLink);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt( $ch, CURLOPT_COOKIE, $strCookie );
$response = curl_exec($ch);
curl_close($ch);

What does session_write_close() do? It, ends the current session and store session data. Apparently, PHP does not like when multiple scripts play around with the session, so, it locks it. Putting session_write_close makes sure that your current session is stored so you can retrieve it and use it.

This little issue had my head spinning for a few hours, so, I hope this article helps you.

Tags: , ,

Author: Julian Castaneda

Julian Castaneda has written 18 articles for us.

This website uses IntenseDebate comments, but they are not currently loaded because either your browser doesn't support JavaScript, or they didn't load fast enough.

11 Comments to “Maintaining PHP session when using CURL.”

  • James September 3, 2009 at 8:09 pm

    Hi,

    I’m having trouble maintaining the session with PHP curl running in Linux.

    Here is an example that successfully logs into Amazon then should reload a homepage to demonstrate the use of cookies to maintain the session on the server.
    http://jgeewax.wordpress.com/2007/01/03/using-php-curl-to-sign-in-to-amazoncom/

    The first part of the script does log into Amazon, but it doesn’t return my name in the homepage refresh.

    Any advice is much appreciated.
    Cheers
    J

    Reply
  • Julian September 3, 2009 at 8:47 pm

    James,

    It would help if you gave me a little bit more info regarding the issue. What response do you get when it logs into amazon? are you sure the cookies are being stored into a cookies files?
    I would suggest you verify the content of the cookies file generated by cURL.

    Reply
  • James September 4, 2009 at 4:20 am

    Julian,

    I have tried the script from the above link in two ways, both all contained in the same file and seperating the two CURL instances into seperate files. Both received the same results.

    Here is the contents of the cookie file after the successful Amazon logon:
    # Netscape HTTP Cookie File
    # http://curlm.haxx.se/rfc/cookie_spec.html
    # This file was generated by libcurl! Edit at your own risk.

    .amazon.com TRUE / FALSE 1252566000 session-id-time 1252566000l
    .amazon.com TRUE / FALSE 1252566000 session-id 191-4393894-7071610

    Here is the contents of the cookie file after the homepage request, which failed:
    # Netscape HTTP Cookie File
    # http://curlm.haxx.se/rfc/cookie_spec.html
    # This file was generated by libcurl! Edit at your own risk.

    .amazon.com TRUE / FALSE 1252566000 session-id-time 1252566000l
    .amazon.com TRUE / FALSE 1252566000 session-id 191-4393894-7071610

    Cheers
    J

    Reply
  • James September 4, 2009 at 6:40 am

    Julain,

    Here is a dump of the source code. I’d appreciate it if you could try and run and let me know what you think.

    http://pastebin.ca/1553723

    Cheers

    Reply
  • David September 10, 2009 at 6:37 am

    I am searching for a solution to the same issue. You’ve shown a very good solution. But, I’m wondering how this works.

    I’ve got 3 separate curl scripts that connect to a site to post data for a separate conclusion. If the code was all in one file everything would probably work fine, but I’m thinking that the separate curl handles makes for unexpected issues.

    Do you put this line of session_write_close in every file? Do you call something else?

    Thanks for your post!

    Reply
  • Julian September 10, 2009 at 7:08 am

    @James – I’m sorry I didn’t get back to you sooner, I was out of town. I will try the code out and let you know my findings.

    @David – Are the 3 separate script files in the same project? meaning will they carry the same session? I would try putting it in all 3 scripts, and see what the outcome is!

    Reply
  • Mike Branski October 28, 2009 at 10:28 am

    Good to know that after a few hours of trying different things, I was simply missing session_write_close(). Thanks for posting this!

    Reply
  • Julian October 28, 2009 at 10:34 am

    No Problem Mike. I’m glad to hear it helped you..

    Reply
  • owsome November 6, 2009 at 1:40 pm

    owsome, should be a google's sticky search

    Reply
  • Joe December 18, 2009 at 3:49 pm

    I believe you just solved my troubles! Thanks for dropping some wisdom.

    Reply
    • juliancc December 18, 2009 at 4:22 pm

      Awesome Joe!
      it's great to hear that my post helped you solve your troubles.

      Reply

Leave a comment