enable cURL by uncommenting the line
extension=php_curl.dll
in your php.ini file.
Set up cURL to either accept all certificates or add the needed certificate authority to cURLs CA list (check out http://unitstep.net/blog/2009/05/05/using-curl-in-php-to-access-https-ssltls-protected-sites/)
Then you need to load the page to get the session cookie:
// Create temp file to store cookies
$ckfile = tempnam ("/tmp", "CURLCOOKIE");
// URL to login page
$url = "https://www.securesiteexample.com";
// Get Login page and its cookies and save cookies in the temp file
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // Accepts all CAs
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_COOKIEJAR, $ckfile); // Stores cookies in the temp file
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$output = curl_exec($ch);
Now you have the cookie, you can POST login values (check the source of the login page to check if you need any other fields too)
$fields = array(
'username' => 'yourusername',
'password' => 'yourpassword',
);
$fields_string = '';
foreach($fields as $key=>$value) {
$fields_string .= $key . '=' . $value . '&';
}
rtrim($fields_string, '&');
// Post login form and follow redirects
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // Accepts all CAs
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, count($fields));
curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
curl_setopt($ch, CURLOPT_COOKIEFILE, $ckfile); //Uses cookies from the temp file
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); // Tells cURL to follow redirects
$output = curl_exec($ch);
Now you should be able to access any pages within the password-restricted area by just including the cookies for each call:
$url = "https://www.securesiteexample.com/loggedinpage.html";
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // Accepts all CAs
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_COOKIEFILE, $ckfile); //Uses cookies from the temp file
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$output = curl_exec($ch);
Found from http://coderscult.com/php/php-curl/2008/05/20/php-curl-cookies-example/, http://davidwalsh.name/execute-http-post-php-curl, http://stackoverflow.com/questions/3519939/make-curl-follow-redirects, and http://www.php.net/manual/en/function.curl-setopt.php.
Also see http://php.net/manual/en/book.curl.php.
Thanks man... this helped me hours of work ! :)
ReplyDelete@Rohith.M - Glad it was helpful. :)
ReplyDeleteHi I was doing experiements with the script and found out that, we should include
ReplyDeletecurl_setopt($ch, CURLOPT_COOKIEJAR, $ckfile);
after the line
curl_setopt($ch, CURLOPT_COOKIEFILE, $ckfile); //Uses cookies from the temp file
So that new cookies changes will be saved :)
Ah, great!
DeleteWhen I wrote the script I was only interested in the first page after login, but that should absolutely be included.
Thanks. :)
im sorry, im beginner with curl. how to use all that code ? , only merge into one file .php ?
ReplyDeletethank you before
Hi
DeleteIt's been a while, but yes, pretty much. :)
Have a look at http://stackoverflow.com/a/2138534 for a good example and links to more. And maybe also http://code.tutsplus.com/tutorials/techniques-for-mastering-curl--net-8470 for a tutorial on usring cURL with PHP.
Good luck! :)
Regards,
Åsmund
hey, i try to logging in into a https website and take its contents,
ReplyDeletebut it return empty, and when i tried to check with curl_errno($ch)
it return 35 which means Unknown SSL protocol error in connection to [secure site]:443
any ideas or clue which i do wrong ?
Thanks before.
Regards,
Andy
Thanks for article .its really help me.
ReplyDelete