Question

我正在尝试使用curl php检查网站的登录信息。 Request标头如下所示：

GET /loginpage.cgi HTTP/1.1
Host: test.com
Connection: keep-alive
pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Accept: */*
Referer: https://test.com/login.cgi
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.8
Cookie: QSESSIONID=**c0da73be1917324c157e5c45b1bccd4f**

QSESSIONID值每次都会更改，我需要将此值传递到标头中以便从php发出curl请求。我的php代码如下：

<?php

$username = 'user';
$password = 'pass';

$url = "https://test.com/login.cgi?key=GetLoginUserInfo";

$ch = curl_init();
$headers = array();
$headers[] = "Pragma: no-cache";
$headers[] = "Accept-Encoding: gzip, deflate, br";
$headers[] = "Accept-Language: en-US,en;q=0.8";
$headers[] = "User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) 
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36";
$headers[] = "Accept: */*";
$headers[] = "Referer: https://test.com/login.cgi?key=UDIT";
$headers[] = "Cookie: QSESSIONID=c0da73be1917324c157e5c45b1bccd4f";
$headers[] = "Connection: keep-alive";
$headers[] = "Cache-Control: no-cache, no-store, max-age=0, must-
revalidate";
$headers[] = "Expires: Fri, 01 Jan 1990 00:00:00 GMT";

curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);  
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); 
curl_setopt($ch, CURLOPT_USERPWD, "$username:$password");
$result = curl_exec($ch);

print_r($result);
$ch_error = curl_error($ch);

if ($ch_error) {
    echo "cURL Error: $ch_error";
} else {
    echo $result;
}

curl_close($ch);
?>

现在我跑这个。当我从开发工具请求标头获取会话ID并在我的标头中更改它时，只有我可以登录，因为每次登录时值都会更改。

所以我的问题是，他们是一种可以从请求标头中获取该值的方法，以便我可以在php代码中将该值附加到我的标头中。或者你可以建议的任何其他方式，我愿意接受建议。如果我从php代码中删除此信息，请求将失败，如果

Answer 1

这看起来像是一个会话ID（名称有点离开），这些是在你的第一个连接上生成的。您应该将其存储并在后续请求中将其作为cookie发送，以便服务器可以跟踪您的会话。

如果你不发送这个cookie标题，你会得到一个随机的每个请求。

此代码的编写方式旨在教您如何处理Cookie。关于您尝试做什么有很多假设，但这使您基本了解如何解析/处理标头和会话ID。

我已经避免使用cookiejar（代码更简单，更清晰），因为它会自动为您完成所有这些操作，我建议您在了解会话ID的工作原理后再查看它们。

<?php

class MyService
{

    private $headers = [];
    private $cookies = [];
    private $loggedIn = false;


    function login($username, $password)
    {
        $ch = curl_init('https://test.com/login.cgi');

        #Assumption: Do whatever is needed for login here
        curl_setopt($ch, CURLOPT_USERPWD, $username . ':' . $password);

        # This is where we setup header processing
        curl_setopt($ch, CURLOPT_HEADERFUNCTION, [$this, 'parseHeaders']);

        #Assumption: Check for valid response
        $response = curl_exec($ch);

        $this->loggedIn = ($response == 'true');

        curl_close($ch);

        return $this->loggedIn;
    }


    function getHeader($header)
    {
        return array_key_exists($header, $this->headers) ? $this->headers[$header] : null;
    }

    function getCookie($cookie)
    {
        return array_key_exists($cookie, $this->cookies) ? $this->cookies[$cookie] : null;
    }

    function parseHeaders($ch, $header)
    {
        if (stristr($header, 'set-cookie')) {

            # If you can install PECL pecl_http this will work better
            // $this->cookies = http_parse_cookie(strstr('Set-Cookie', $header))['cookies'];

            # Otherwise

            $reserved_words = [
                'httponly',
                'expire',
                'path',
                'expires',
                'domain',
                'secure'
            ];

            preg_match("/Set-Cookie: (.*)/", $header, $cookies);

            foreach ($cookies as $cookie) {
                $cookie = explode(';', $cookie);

                foreach ($cookie as $cookie_part) {

                    $cookie_part = explode('=', $cookie_part);

                    array_walk($cookie_part, create_function('&$val', '$val = trim($val);'));

                    if (!in_array($cookie_part[0], $reserved_words) && isset($cookie_part[1])) {
                        $this->cookies[$cookie_part[0]] = $cookie_part[1];
                    }
                }
            }

        } else {

            $header_part = explode(':', $header, 2);

            if (isset($header_part[1])) {
                $this->headers[trim($header_part[0])] = trim($header_part[1]);
            }
        }

    }

    function otherInfo()
    {

        if (!$this->loggedIn) {
            throw new NotLoggedInException('Login first');
        }

        $headers = []; # Populate whatever headers are mandatory

        $url = "https://test.com/login.cgi?key=GetOtherInfo";

        $ch = curl_init();

        curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

        curl_setopt($ch, CURLOPT_COOKIE, 'QSESSIONID=' . $this->getCookie('QSESSIONID'));

        $result = curl_exec($ch);

        curl_close($ch);

        return $result;

    }

    function getUserInfo()
    {

        if (!$this->loggedIn) {
            throw new NotLoggedInException('Login first');
        }

        $headers = []; # Populate whatever headers are mandatory

        $url = "https://test.com/login.cgi?key=GetLoginUserInfo";

        $ch = curl_init();

        curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

        curl_setopt($ch, CURLOPT_COOKIE, 'QSESSIONID=' . $this->getCookie('QSESSIONID'));

        $result = curl_exec($ch);

        curl_close($ch);

        return $result;

    }

}

$username = 'user';
$password = 'pass';

$api = new MyService();
$api->login($username, $password);

$info = $api->getUserInfo();
$other = $api->otherInfo();

如何在curl php中获取请求标头中的Cookie

1 个答案: