PHP Consuming RESTful APIs Fetching a URL with Cookies - Web Development and Design | Tutorial for Java, PHP, HTML, Javascript PHP Consuming RESTful APIs Fetching a URL with Cookies - Web Development and Design | Tutorial for Java, PHP, HTML, Javascript

Breaking

Post Top Ad

Post Top Ad

Wednesday, June 19, 2019

PHP Consuming RESTful APIs Fetching a URL with Cookies

PHP Consuming RESTful APIs


Fetching a URL with Cookies


Problem

You want to retrieve a page that requires a cookie to be sent with the request for the page.

Solution

Use the CURLOPT_COOKIE option with cURL:

       $c = curl_init('http://www.example.com/needs-cookies.php');
       curl_setopt($c, CURLOPT_COOKIE, 'user=ellen; activity=swimming');
       curl_setopt($c, CURLOPT_RETURNTRANSFER, true);
       $page = curl_exec($c);
       curl_close($c);

With HTTP_Request2, use the addCookie() method:

       require 'HTTP/Request2.php';
       $r = new HTTP_Request2('http://www.example.com/needs-cookies.php');
       $r->addCookie('user', 'ellen');
       $r->addCookie('activity', 'swimming');
       $page = $r->send()->getBody();
       echo $page;

Discussion

Cookies are sent to the server in the Cookie request header. Although in practice just another HTTP header, due to their importance, both the cURL extension and the HTTP_Request2 package have specific functions to set cookies.

The examples in the Solution send two cookies: one named user with value ellen and one named activity with value swimming.

To request a page that sets cookies and then make subsequent requests that include those newly set cookies, use cURL’s “cookie jar” feature. On the first request, set CURLOPT_COOKIEJAR to the name of a file in which to store the cookies. On subsequent requests, set CURLOPT_COOKIEFILE to the same filename, and cURL reads the cookies from the file and sends them along with the request. This is especially useful for a sequence of requests in which the first request logs in to a site that sets session or authentication cookies, and then the rest of the requests need to include those cookies to be valid.

Here’s such a sequence of requests:

       // A temporary file to hold the cookies
       $cookie_jar = tempnam('/tmp','cookie');

       // log in
       $c = curl_init('https://bank.example.com/login.php?user=donald&password=b1g$');
       curl_setopt($c, CURLOPT_RETURNTRANSFER, true);
       curl_setopt($c, CURLOPT_COOKIEJAR, $cookie_jar);
       $page = curl_exec($c);
       curl_close($c);

       // retrieve account balance
       $c = curl_init('http://bank.example.com/balance.php?account=checking');
       curl_setopt($c, CURLOPT_RETURNTRANSFER, true);
       curl_setopt($c, CURLOPT_COOKIEFILE, $cookie_jar);
       $page = curl_exec($c);
       curl_close($c);

       // make a deposit
       $c = curl_init('http://bank.example.com/deposit.php');
       curl_setopt($c, CURLOPT_POST, true);
       curl_setopt($c, CURLOPT_POSTFIELDS, 'account=checking&amount=122.44');
       curl_setopt($c, CURLOPT_RETURNTRANSFER, true);
       curl_setopt($c, CURLOPT_COOKIEFILE, $cookie_jar);
       $page = curl_exec($c);
       curl_close($c);

       // remove the cookie jar
       unlink($cookie_jar) or die("Can't unlink $cookie_jar");

Be careful where you store the cookie jar. It needs to be in a place your web server has write access to, but if other users can read the file, they may be able to poach the authentication credentials stored in the cookies.

HTTP_Request2 offers a similar cookie-tracking feature. You need to invoke the setCookieJar() method to enable it. Then, if you make multiple requests with the same HTTP_Request2 object, cookies are automatically preserved from one request to the next.For example:

      require 'HTTP/Request2.php';

      $r = new HTTP_Request2;
      $r->setCookieJar(true);

      // log in
     $r->setUrl('https://bank.example.com/login.php?user=donald&password=b1gmoney$');
     $page = $r->send()->getBody();

     // retrieve account balance
     $r->setUrl('http://bank.example.com/balance.php?account=checking');
     $page = $r->send()->getBody();

     // make a deposit
     $r->setUrl('http://bank.example.com/deposit.php');
     $r->setMethod(HTTP_Request2::METHOD_POST)
              ->addPostParameter('account', 'checking')
              ->addPostParameter('amount','122.44');

     $page = $r->send()->getBody();



No comments:

Post a Comment

Post Top Ad