curl-and-php
RE: Question: Maintaining separate CURLOPT_COOKIEFILE cookie sessions across multiple browsers
Date: Wed, 1 Jul 2009 05:47:19 +0800
Hi Alex,
This is an easy one - ingredients as follow:
1. A cookies directory chmoded to 777.
2. Sessions
On first visit, generate a unique ID for the visitor and store it in a
session variable like $_SESSION['cookie_id']. Then whenever you need a
cookie for storage, set the COOKIE* options as
"cookies/$_SESSION[cookie_id].text".
Tips: Make sure the cookie ID is not revealed anywhere and is unguessable,
and remember to turn off the index listing for the cookies directory or
place a dummy index.html there. Also, do run a cleanup on the cookies
directory regularly before it is flooded with cookie files.
I wrote a web proxy script for my now-defunct proxy site several months ago,
and the source code is available here:
http://files.lx.sg/shadyproxy.r139.zip
You will probably want to look at line 14 of proxy.php for your case:
if (!isset($_SESSION['cookie_id'])) $_SESSION['cookie_id'] = time() . '_' .
str_pad(mt_rand(0, 9999), 4, '0', STR_PAD_LEFT);
Let me know if you have any further questions.
With regards,
Liu Shan Shui
me_at_lx.sg
"Life would be much easier if I had the source code." - Anonymous
From: curl-and-php-bounces_at_cool.haxx.se
[mailto:curl-and-php-bounces_at_cool.haxx.se] On Behalf Of Alex Judd
Sent: Tuesday, June 30, 2009 11:51 PM
To: curl-and-php_at_cool.haxx.se
Cc: 'Alex Judd'
Subject: Question: Maintaining separate CURLOPT_COOKIEFILE cookie sessions
across multiple browsers
Hi Daniel and everyone
First post here so a brief Hi and a quick question I wonder if anyone has
any experience (I've read around the mailing lists but couldn't find
anything that directly answered).
I'm building a PHP proxy server that uses Curl to read and write from an
existing website, and to return the response to PHP for me to manipulate as
I like.
Now the good news is this works pretty well, and POST and GET variables are
being maintained and passed backwards and forwards, as are COOKIES with the
CURLOPT_COOKIEFILE option.
However, the problem I have is that if two separate webbrowsers/users access
the system at the same time, they get to share the same cookies and thus can
see each other's session information etc. [which is obviously not what we
want]
Has anyone built a similar system where the COOKIEFILE settings are
maintained on a separate PHP user/session based approach?
Many thanks in advance
Alex
_______________________________________________
http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-and-php
Received on 2009-06-30