PHP cURL Authentication Issue
Authentication fails due to the mismatch between token
and cookie(s) passed.
When you load the page to retrieve the token with get_token()
the server is sending you a cookie that you are not saving.
Later when you try to login the server expects to receive same cookie it sent you when you got the token
. But you're not sending it.
I suggest you to the rewrite get_token()
using curl and storing cookies in cookie.txt
. This will let you pass them later when you'll call login()
Like this:
function get_token() { $url = 'https://www.foo.com/'; $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, $url); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($curl, CURLOPT_COOKIEJAR, "cookie.txt"); curl_setopt($curl, CURLOPT_COOKIEFILE, "cookie.txt"); curl_setopt($curl, CURLOPT_TIMEOUT, 40000); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); $result = curl_exec($curl); curl_close($curl); unset($curl); $html = str_get_html( $result ); $token = ""; foreach($html->find('input') as $element) { if($element->name == "token") { $token = $element->value; } } if (!$token) { die('No token found'); } return $token;}
Important:
Remove
$fp = fopen("cookie.txt", "w");fclose($fp);
From login()
as that truncates to zero bytes the cookie.txt
file, and you don't want to delete the cookie just retrieved.
Note that curl_exec()
creates the speciefied cookie file if it doesn't exist.