我有以下代码:
public function get_session($data){
$this->ch = curl_init("http://example.com/login");
curl_setopt($this->ch, CURLOPT_COOKIEJAR, "cookie.txt");
curl_setopt($this->ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($this->ch, CURLOPT_HEADER, 0);
curl_setopt($this->ch, CURLOPT_POSTFIELDS,$data);
curl_setopt($this->ch, CURLOPT_POST, 1);
curl_setopt($this->ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($this->ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:32.0) Gecko/20100101 Firefox/32.0");
$result = curl_exec($this->ch);
curl_close($this->ch);
$this->ch = curl_init("http://example.com/profile/0354258911/");
curl_setopt($this->ch, CURLOPT_COOKIEFILE, "cookie.txt");
curl_setopt($this->ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($this->ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($this->ch, CURLOPT_HEADER, 0);
curl_setopt($this->ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:32.0) Gecko/20100101 Firefox/32.0");
$result = curl_exec($this->ch);
echo $result;
curl_close($this->ch);
}
问题是发送的第二个请求是在没有正确会话的情况下发送的。 我尝试使用Web代理工具复制登录请求..没有我错过的反CSRF防御。 我希望我的代码所做的就是发送请求,在到达登录页面时获取cookie。然后使用cookie发送我的凭证..并在通过身份验证后收到回复。