Header(), cookies and redirect?? What's next?

[phpdolan]

Need some help with header() function, please.

 

I've kinda stuck on 2 issues. I'm trying to redirect to a target site after using curl to login. The logged-in cookie value has be stored in $_SESSION['cookie'] (not sure how to check that during this redirect). This is the only piece of the header that's not being added to the request header. Second, (and more importantly) how does one get the server to follow that 302 and supply all the header info again? It seems to be out of the scripts' hands now?

 

Here's the code in no_two_bot.php: (this page is result of form action, method = get)

 

<?php

# session_start();

$cookie_session_id = $_SESSION['cookie'];

 

header("User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:1.8.1.13) Gecko/20080311 Firefox/2.0.0.13\n");

header("Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5\n");

header("Accept-language: en\n");

header("Accept-Encoding: gzip,deflate\n");

header("Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\n");

header("Location: https://www.bbbbbb.com/private/private_home.asp/\n");

header("Cookie: $cookie_session_id\n");

header("Referer: https://www.bbbbbb.com/private/index.asp");

exit;

?>

 

Here's the LiveHTTPHeaders info:

 

http://www.xxxxx.com/no_two_bot.php?

 

GET /no_two_bot.php? HTTP/1.1

Host: www.xxxxx.com

User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:1.8.1.13) Gecko/20080311 Firefox/2.0.0.13

Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5

Accept-Language: en-us,en;q=0.5

Accept-Encoding: gzip,deflate

Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7

Keep-Alive: 300

Connection: keep-alive

Referer: http://www.xxxxx.com/no_one_bot.php

Cookie: PHPSESSID=c8b3f9357750f22ffaa7d72411849765

 

HTTP/1.x 302 Found

Date: Sat, 26 Apr 2008 03:10:02 GMT

Server: Apache/1.3.39 (Unix) PHP/5.2.4 mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635.SR1.2 mod_ssl/2.8.30 OpenSSL/0.9.7a

X-Powered-By: PHP/5.2.4

User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:1.8.1.13) Gecko/20080311 Firefox/2.0.0.13

Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5

Accept-Language: en

Accept-Encoding: gzip,deflate

Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7

Location: https://www.bbbbbbb.com/private/private_home.asp/

Referer: https://www.bbbbbbb.com/private/index.asp

Keep-Alive: timeout=2, max=10000

Connection: Keep-Alive

Transfer-Encoding: chunked

Content-Type: text/html

 

All the header data looks good and compares to the real thing, except for the Cookie: (missing) Thanks for looking. Appreciate the help figuring this out.

David

[Daniel0]

There is no Cookie response header. There is a Set-Cookie response header which must be formed like this:

 

Set-Cookie: <name>=<value>[; <name>=<value>][; expires=<date>][; domain=<domain_name>][; path=<some_path>][; secure][; httponly]

 

It would be much easier to just use the setcookie() function though. It'll handle it for you. You might also want to check up on sessions and cookies, because you seem to be using it incorrectly. The session id will automatically be sent if you use session_start().

[phpdolan]

Thanks for reply, Daniel.

 

I do not believe I need set_cookie() because I'm trying to reuse a cookie obtained by a curl session, that is then being passed back to the target server. What's being attempted is to use curl to login to a site, go to a certain page, and display it. I would like the option of transfering from that page (my server is the host) to the target server without having to login again.

 

The problem is, if there are links on the curl obtained page, they are something like "/private/helpme.php" and if they are selected, my host returns, "File not found". I thought the header function would transfer hosts from mine (where the php script resides) to the target.

 

David