As Yevgen mentioned earlier sometimes we can't use CURLOPT_COOKIEJAR and CURLOPT_COOKIEFILE. Below is a header callback function I wrote back in January that lets you maintain cookies between cURL requests. Cookies are added to $ch during all requests even during redirection, so you can use it together with CURLOPT_FOLLOWLOCATION.
Here is the code:
function read_header($ch, $string)
{
global $location; #keep track of location/redirects
global $cookiearr; #store cookies here
global $ch;
# ^overrides the function param $ch
# this is okay because we need to
# update the global $ch with
# new cookies
$length = strlen($string);
if(!strncmp($string, "Location:", 9))
{ #keep track of last redirect
$location = trim(substr($string, 9, -1));
}
if(!strncmp($string, "Set-Cookie:", 11))
{ #get the cookie
$cookiestr = trim(substr($string, 11, -1));
$cookie = explode(';', $cookiestr);
$cookie = explode('=', $cookie[0]);
$cookiename = trim(array_shift($cookie));
$cookiearr[$cookiename] = trim(implode('=', $cookie));
}
$cookie = "";
if(trim($string) == "")
{ #execute only at end of header
foreach ($cookiearr as $key=>$value)
{
$cookie .= "$key=$value; ";
}
curl_setopt($ch, CURLOPT_COOKIE, $cookie);
}
return $length;
}
Using the header function with curl (add this before curl_exec):
#don't forget globals, especially if you are using this in function
curl_setopt($ch, CURLOPT_HEADERFUNCTION, 'read_header');
This code assumes that you will reuse $ch without initializing it every time (call curl_init only once, in the beginning). If you need to initialize $ch again at any point in your code you can access the currently stored cookies in $cookiearr and include them in the new $ch.
I wrote this function before I had enough experience with regular expressions so you won't find any preg_match calls here. I have used this code for quite a while and without any problems accessing gmail, yahoo, hotmail, aol etc. where I had to go through login and a few pages before getting to what I was looking for.
Svetlozar Petrov (http://svetlozar.net)
curl_setopt
Description
bool curl_setopt ( resource ch, int option, mixed value )Set an option for a CURL session identified by the ch parameter. option specifies which option to set, and value specifies the value for the option given.
value should be a bool for the following values of the option parameter:
| Option | Set value to | Notes |
|---|---|---|
| CURLOPT_AUTOREFERER | TRUE to automatically set the Referer: field in requests where it follows a Location: redirect. | Available since PHP 5.1.0. |
| CURLOPT_BINARYTRANSFER | TRUE to return the raw output when CURLOPT_RETURNTRANSFER is used. | |
| CURLOPT_COOKIESESSION | TRUE to mark this as a new cookie "session". It will force libcurl to ignore all cookies it is about to load that are "session cookies" from the previous session. By default, libcurl always stores and loads all cookies, independent if they are session cookies are not. Session cookies are cookies without expiry date and they are meant to be alive and existing for this "session" only. | Available since PHP 5.1.0. |
| CURLOPT_CRLF | TRUE to convert Unix newlines to CRLF newlines on transfers. | |
| CURLOPT_DNS_USE_GLOBAL_CACHE | TRUE to use a global DNS cache. This option is not thread-safe and is enabled by default. | |
| CURLOPT_FAILONERROR | TRUE to fail silently if the HTTP code returned is greater than 300. The default behavior is to return the page normally, ignoring the code. | |
| CURLOPT_FILETIME | TRUE to attempt to retrieve the modification date of the remote document. You can then retrieve this value using the CURLINFO_FILETIME option with curl_getinfo(). | |
| CURLOPT_FOLLOWLOCATION | TRUE to follow any "Location: " header that the server sends as part of the HTTP header (note this is recursive, PHP will follow as many "Location: " headers that it is sent, unless CURLOPT_MAXREDIRS is set). | |
| CURLOPT_FORBID_REUSE | TRUE to force the connection to explicitly close when it has finished processing, and not be pooled for reuse. | |
| CURLOPT_FRESH_CONNECT | TRUE to force the use of a new connection instead of a cached one. | |
| CURLOPT_FTP_USE_EPRT | TRUE to use EPRT (and LPRT) when doing active FTP downloads. Use FALSE to disable EPRT and LPRT and use PORT only. | Added in PHP 5.0.0. |
| CURLOPT_FTP_USE_EPSV | TRUE to first try an EPSV command for FTP transfers before reverting back to PASV. Set to FALSE to disable EPSV. | |
| CURLOPT_FTPAPPEND | TRUE to append to the remote file instead of overwriting it. | |
| CURLOPT_FTPASCII | An alias of CURLOPT_TRANSFERTEXT. Use that instead. | |
| CURLOPT_FTPLISTONLY | TRUE to only list the names of an FTP directory. | |
| CURLOPT_HEADER | TRUE to include the header in the output. | |
| CURLOPT_HTTPGET | TRUE to reset the HTTP request method to GET. Since GET is the default, this is only necessary if the request method has been changed. | |
| CURLOPT_HTTPPROXYTUNNEL | TRUE to tunnel through a given HTTP proxy. | |
| CURLOPT_MUTE | TRUE to be completely silent with regards to the CURL functions. | |
| CURLOPT_NETRC | TRUE to scan your ~/.netrc file to find your username and password for the remote site that you're establishing a connection with. | |
| CURLOPT_NOBODY | TRUE to exclude the body from the output. | |
| CURLOPT_NOPROGRESS |
TRUE to disable the progress meter for CURL transfers.
| |
| CURLOPT_NOSIGNAL | TRUE to ignore any CURL function that causes a signal to be sent to the PHP process. This is turned on by default in multi-threaded SAPIs so timeout options can still be used. | Added in CURL 7.10 and PHP 5.0.0. |
| CURLOPT_POST | TRUE to do a regular HTTP POST. This POST is the normal application/x-www-form-urlencoded kind, most commonly used by HTML forms. | |
| CURLOPT_PUT | TRUE to HTTP PUT a file. The file to PUT must be set with CURLOPT_INFILE and CURLOPT_INFILESIZE. | |
| CURLOPT_RETURNTRANSFER | TRUE to return the transfer as a string of the return value of curl_exec() instead of outputting it out directly. | |
| CURLOPT_SSL_VERIFYPEER | FALSE to stop CURL from verifying the peer's certificate. Alternate certificates to verify against can be specified with the CURLOPT_CAINFO option or a certificate directory can be specified with the CURLOPT_CAPATH option. CURLOPT_SSL_VERIFYHOST may also need to be TRUE or FALSE if CURLOPT_SSL_VERIFYPEER is disabled (it defaults to 2). | TRUE by default as of CURL 7.10. Default bundle installed as of CURL 7.10. |
| CURLOPT_TRANSFERTEXT | TRUE to use ASCII mode for FTP transfers. For LDAP, it retrieves data in plain text instead of HTML. On Windows systems, it will not set STDOUT to binary mode. | |
| CURLOPT_UNRESTRICTED_AUTH | TRUE to keep sending the username and password when following locations (using CURLOPT_FOLLOWLOCATION), even when the hostname has changed. | Added in PHP 5.0.0. |
| CURLOPT_UPLOAD | TRUE to prepare for an upload. | |
| CURLOPT_VERBOSE | TRUE to output verbose information. Writes output to STDERR, or the file specified using CURLOPT_STDERR. |
value should be an integer for the following values of the option parameter:
| Option | Set value to | Notes |
|---|---|---|
| CURLOPT_BUFFERSIZE | The size of the buffer to use for each read. There is no guarantee this request will be fulfilled, however. | Added in CURL 7.10 and PHP 5.0.0. |
| CURLOPT_CLOSEPOLICY | Either CURLCLOSEPOLICY_LEAST_RECENTLY_USED or CURLCLOSEPOLICY_OLDEST. There are three other CURLCLOSEPOLICY_ constants, but CURL does not support them yet. | |
| CURLOPT_CONNECTTIMEOUT | The number of seconds to wait whilst trying to connect. Use 0 to wait indefinitely. | |
| CURLOPT_DNS_CACHE_TIMEOUT | The number of seconds to keep DNS entries in memory. This option is set to 120 (2 minutes) by default. | |
| CURLOPT_FTPSSLAUTH | The FTP authentication method (when is activated): CURLFTPAUTH_SSL (try SSL first), CURLFTPAUTH_TLS (try TLS first), or CURLFTPAUTH_DEFAULT (let CURL decide). | Added in CURL 7.12.2 and PHP 5.1.0. |
| CURLOPT_HTTP_VERSION | CURL_HTTP_VERSION_NONE (default, lets CURL decide which version to use), CURL_HTTP_VERSION_1_0 (forces HTTP/1.0), or CURL_HTTP_VERSION_1_1 (forces HTTP/1.1). | |
| CURLOPT_HTTPAUTH |
The HTTP authentication method(s) to use. The options are: CURLAUTH_BASIC, CURLAUTH_DIGEST, CURLAUTH_GSSNEGOTIATE, CURLAUTH_NTLM, CURLAUTH_ANY, and CURLAUTH_ANYSAFE. You can use the bitwise | (or) operator to combine more than one method. If you do this, CURL will poll the server to see what methods it supports and pick the best one. CURLAUTH_ANY is an alias for CURLAUTH_BASIC | CURLAUTH_DIGEST | CURLAUTH_GSSNEGOTIATE | CURLAUTH_NTLM. CURLAUTH_ANYSAFE is an alias for CURLAUTH_DIGEST | CURLAUTH_GSSNEGOTIATE | CURLAUTH_NTLM. | Added in PHP 5.0.0. |
| CURLOPT_INFILESIZE | The expected size, in bytes, of the file when uploading a file to a remote site. | |
| CURLOPT_LOW_SPEED_LIMIT | The transfer speed, in bytes per second, that the transfer should be below during CURLOPT_LOW_SPEED_TIME seconds for PHP to consider the transfer too slow and abort. | |
| CURLOPT_LOW_SPEED_TIME | The number of seconds the transfer should be below CURLOPT_LOW_SPEED_LIMIT for PHP to consider the transfer too slow and abort. | |
| CURLOPT_MAXCONNECTS | The maximum amount of persistent connections that are allowed. When the limit is reached, CURLOPT_CLOSEPOLICY is used to determine which connection to close. | |
| CURLOPT_MAXREDIRS | The maximum amount of HTTP redirections to follow. Use this option alongside CURLOPT_FOLLOWLOCATION. | |
| CURLOPT_PORT | An alternative port number to connect to. | |
| CURLOPT_PROXYAUTH | The HTTP authentication method(s) to use for the proxy connection. Use the same bitmasks as described in CURLOPT_HTTPAUTH. For proxy authentication, only CURLAUTH_BASIC and CURLAUTH_NTLM are currently supported. | Added in CURL 7.10.7 and PHP 5.1.0. |
| CURLOPT_PROXYPORT | The port number of the proxy to connect to. This port number can also be set in CURLOPT_PROXY. | Added in PHP 5.0.0. |
| CURLOPT_PROXYTYPE | Either CURLPROXY_HTTP (default) or CURLPROXY_SOCKS5. | Added in CURL 7.10 and PHP 5.0.0. |
| CURLOPT_RESUME_FROM | The offset, in bytes, to resume a transfer from. | |
| CURLOPT_SSL_VERIFYHOST | 1 to check the existence of a common name in the SSL peer certificate. 2 to check the existence of a common name and also verify that it matches the hostname provided. | |
| CURLOPT_SSLVERSION | The SSL version (2 or 3) to use. By default PHP will try to determine this itself, although in some cases you must set this manually. | |
| CURLOPT_TIMECONDITION | How CURLOPT_TIMEVALUE is treated. Use CURL_TIMECOND_IFMODSINCE to return the page only if it has been modified since the time specified in CURLOPT_TIMEVALUE. If it hasn't been modified, a "304 Not Modified" header will be returned assuming CURLOPT_HEADER is TRUE. Use CURL_TIMECOND_ISUNMODSINCE for the reverse effect. CURL_TIMECOND_IFMODSINCE is the default. | Added in PHP 5.1.0. |
| CURLOPT_TIMEOUT | The maximum number of seconds to allow CURL functions to execute. | |
| CURLOPT_TIMEVALUE | The time in seconds since January 1st, 1970. The time will be used by CURLOPT_TIMECONDITION. By default, CURL_TIMECOND_IFMODSINCE is used. |
value should be a string for the following values of the option parameter:
| Option | Set value to | Notes |
|---|---|---|
| CURLOPT_CAINFO | The name of a file holding one or more certificates to verify the peer with. This only makes sense when used in combination with CURLOPT_SSL_VERIFYPEER. | |
| CURLOPT_CAPATH | A directory that holds multiple CA certificates. Use this option alongside CURLOPT_SSL_VERIFYPEER. | |
| CURLOPT_COOKIE | The contents of the "Set-Cookie: " header to be used in the HTTP request. | |
| CURLOPT_COOKIEFILE | The name of the file containing the cookie data. The cookie file can be in Netscape format, or just plain HTTP-style headers dumped into a file. | |
| CURLOPT_COOKIEJAR | The name of a file to save all internal cookies to when the connection closes. | |
| CURLOPT_CUSTOMREQUEST |
A custom request method to use instead of
"GET" or "HEAD" when doing
a HTTP request. This is useful for doing
"DELETE" or other, more obscure HTTP requests.
Valid values are things like "GET",
"POST", "CONNECT" and so on;
i.e. Do not enter a whole HTTP request line here. For instance,
entering "GET /index.html HTTP/1.0\r\n\r\n"
would be incorrect.
| |
| CURLOPT_EGBSOCKET | Like CURLOPT_RANDOM_FILE, except a filename to an Entropy Gathering Daemon socket. | |
| CURLOPT_ENCODING | The contents of the "Accept-Encoding: " header. This enables decoding of the response. Supported encodings are "identity", "deflate", and "gzip". If an empty string, "", is set, a header containing all supported encoding types is sent. | Added in CURL 7.10. |
| CURLOPT_FTPPORT | The value which will be used to get the IP address to use for the FTP "POST" instruction. The "POST" instruction tells the remote server to connect to our specified IP address. The string may be a plain IP address, a hostname, a network interface name (under Unix), or just a plain '-' to use the systems default IP address. | |
| CURLOPT_INTERFACE | The name of the outgoing network interface to use. This can be an interface name, an IP address or a host name. | |
| CURLOPT_KRB4LEVEL | The KRB4 (Kerberos 4) security level. Any of the following values (in order from least to most powerful) are valid: "clear", "safe", "confidential", "private".. If the string does not match one of these, "private" is used. Setting this option to NULL will disable KRB4 security. Currently KRB4 security only works with FTP transactions. | |
| CURLOPT_POSTFIELDS | The full data to post in a HTTP "POST" operation. | |
| CURLOPT_PROXY | The HTTP proxy to tunnel requests through. | |
| CURLOPT_PROXYUSERPWD | A username and password formatted as "[username]:[password]" to use for the connection to the proxy. | |
| CURLOPT_RANDOM_FILE | A filename to be used to seed the random number generator for SSL. | |
| CURLOPT_RANGE | Range(s) of data to retrieve in the format "X-Y" where X or Y are optional. HTTP transfers also support several intervals, separated with commas in the format "X-Y,N-M". | |
| CURLOPT_REFERER | The contents of the "Referer: " header to be used in a HTTP request. | |
| CURLOPT_SSL_CIPHER_LIST | A list of ciphers to use for SSL. For example, RC4-SHA and TLSv1 are valid cipher lists. | |
| CURLOPT_SSLCERT | The name of a file containing a PEM formatted certificate. | |
| CURLOPT_SSLCERTPASSWD | The password required to use the CURLOPT_SSLCERT certificate. | |
| CURLOPT_SSLCERTTYPE | The format of the certificate. Supported formats are "PEM" (default), "DER", and "ENG". | Added in CURL 7.9.3 and PHP 5.0.0. |
| CURLOPT_SSLENGINE | The identifier for the crypto engine of the private SSL key specified in CURLOPT_SSLKEY. | |
| CURLOPT_SSLENGINE_DEFAULT | The identifier for the crypto engine used for asymmetric crypto operations. | |
| CURLOPT_SSLKEY | The name of a file containing a private SSL key. | |
| CURLOPT_SSLKEYPASSWD |
The secret password needed to use the private SSL key specified in
CURLOPT_SSLKEY.
| |
| CURLOPT_SSLKEYTYPE | The key type of the private SSL key specified in CURLOPT_SSLKEY. Supported key types are "PEM" (default), "DER", and "ENG". | |
| CURLOPT_URL | The URL to fetch. You can also set this when initializing a session with curl_init(). | |
| CURLOPT_USERAGENT | The contents of the "User-Agent: " header to be used in a HTTP request. | |
| CURLOPT_USERPWD | A username and password formatted as "[username]:[password]" to use for the connection. |
value should be an array for the following values of the option parameter:
| Option | Set value to | Notes |
|---|---|---|
| CURLOPT_HTTP200ALIASES | An array of HTTP 200 responses that will be treated as valid responses and not as errors. | Added in CURL 7.10.3 and PHP 5.0.0. |
| CURLOPT_HTTPHEADER | An array of HTTP header fields to set. | |
| CURLOPT_POSTQUOTE | An array of FTP commands to execute on the server after the FTP request has been performed. | |
| CURLOPT_QUOTE | An array of FTP commands to execute on the server prior to the FTP request. |
value should be a stream resource (using fopen(), for example) for the following values of the option parameter:
| Option | Set value to | Notes |
|---|---|---|
| CURLOPT_FILE | The file that the transfer should be written to. The default is STDOUT (the browser window). | |
| CURLOPT_INFILE | The file that the transfer should be read from when uploading. | |
| CURLOPT_STDERR | An alternative location to output errors to instead of STDERR. | |
| CURLOPT_WRITEHEADER | The file that the header part of the transfer is written to. |
value should be a string that is the name of a valid callback function for the following values of the option parameter:
| Option | Set value to | Notes |
|---|---|---|
| CURLOPT_HEADERFUNCTION | The name of a callback function where the callback function takes two parameters. The first is the CURL resource, the second is a string with the header data to be written. Using this callback function, it becomes your responsibility to write the header data. Return the number of bytes written. | |
| CURLOPT_PASSWDFUNCTION | The name of a callback function where the callback function takes three parameters. The first is the CURL resource, the second is a string containing a password prompt, and the third is the maximum password length. Return the string containing the password. | |
| CURLOPT_READFUNCTION | The name of a callback function where the callback function takes two parameters. The first is the CURL resource, and the second is a string with the data to be read. Using this callback function, it becomes your responsibility to read the data. Return the number of bytes read. Return 0 to signal EOF. | |
| CURLOPT_WRITEFUNCTION | The name of a callback function where the callback function takes two parameters. The first is the CURL resource, and the second is a string with the data to be written. Using this callback function, it becomes your responsibility to write the data. Must return the exact number of bytes written or this will fail. |
add a note
User Contributed Notes
zarko at svetlozar dot net
01-Oct-2006 07:51
01-Oct-2006 07:51
php at miggy dot org
24-Aug-2006 01:35
24-Aug-2006 01:35
Note that if you want to use a proxy and use it as a _cache_, you'll have to do:
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Pragma: "));
else by default Curl puts a "Pragma: no-cache" header in and thus force cache misses for all requests.
bendavis78 at gmail dot com
14-Jul-2006 06:58
14-Jul-2006 06:58
You can use CURLOPT_HEADERFUNCTION with a callback inside an object. This makes is it easy to capture the headers for later use. For example:
<?
class Test
{
public $headers;
//...
public function exec($opts)
{
$this->headers = array();
$opts[CURLOPT_HEADERFUNCTION] = array($this, '_setHeader');
$ch = curl_init();
curl_setopt_array($ch, $opts);
return curl_exec($ch);
}
private function _setHeader($ch, $header)
{
$this->headers[] = $header;
return strlen($header);
}
}
$test = new Test();
$opts = array(
//... your curl opts here
);
$data = $test->exec($opts);
print_r($test->headers);
?>
...something like that
(This works in php v. 5.1.4)
Philippe dot Jausions at 11abacus dot com
31-May-2006 02:31
31-May-2006 02:31
Clarification on the callback methods:
- CURLOPT_HEADERFUNCTION is for handling header lines received *in the response*,
- CURLOPT_WRITEFUNCTION is for handling data received *from the response*,
- CURLOPT_READFUNCTION is for handling data passed along *in the request*.
The callback "string" can be any callable function, that includes the array(&$obj, 'someMethodName') format.
-Philippe
mr at coder dot tv
14-Apr-2006 10:22
14-Apr-2006 10:22
Sometimes you can't use CURLOPT_COOKIEJAR and CURLOPT_COOKIEFILE becoz of the server php-settings(They say u may grab any files from server using these options). Here is the solution
1)Don't use CURLOPT_FOLLOWLOCATION
2)Use curl_setopt($ch, CURLOPT_HEADER, 1)
3)Grab from the header cookies like this:
preg_match_all('|Set-Cookie: (.*);|U', $content, $results);
$cookies = implode(';', $results[1]);
4)Set them using curl_setopt($ch, CURLOPT_COOKIE, $cookies);
Good Luck, Yevgen
giunta dot gaetano at sea-aeroportimilano dot it
27-Mar-2006 06:59
27-Mar-2006 06:59
- CURLOPT-HTTPAUTH is defined in php 4.4.2 9and maybe lower), even tough the manual says php 5.0 only...
- it is not clear from the manual what kind of http auth is carried out by default if user specifies username/pwd: it is BASIC auth
ps: note to manual writers: the version info on this page always looks a bit inaccurate, especially regarding the php version where a given option first appeared...
Dustin Hawkins
28-Dec-2005 06:24
28-Dec-2005 06:24
To further expand upon use of CURLOPT_CAPATH and CURLOPT_CAINFO...
In my case I wanted to prevent curl from talking to any HTTPS server except my own using a self signed certificate. To do this, you'll need openssl installed and access to the HTTPS Server Certificate (server.crt by default on apache)
You can then use a command simiar to this to translate your apache certificate into one that curl likes.
$ openssl x509 -in server.crt -out outcert.pem -text
Then set CURLOPT_CAINFO equal to the the full path to outcert.pem and turn on CURLOPT_SSL_VERIFYPEER.
If you want to use the CURLOPT_CAPATH option, you should create a directory for all the valid certificates you have created, then use the c_rehash script that is included with openssl to "prepare" the directory.
If you dont use the c_rehash utility, curl will ignore any file in the directory you set.
skyogre __at__ yandex __dot__ ru
22-Dec-2005 06:13
22-Dec-2005 06:13
There is really a problem of transmitting $_POST data with curl in php 4+ at least.
I improved the encoding function by Alejandro Moreno to work properly with mulltidimensional arrays.
<?php
function data_encode($data, $keyprefix = "", $keypostfix = "") {
assert( is_array($data) );
$vars=null;
foreach($data as $key=>$value) {
if(is_array($value)) $vars .= data_encode($value, $keyprefix.$key.$keypostfix.urlencode("["), urlencode("]"));
else $vars .= $keyprefix.$key.$keypostfix."=".urlencode($value)."&";
}
return $vars;
}
curl_setopt($ch, CURLOPT_POSTFIELDS, substr(data_encode($_POST), 0, -1) );
?>
phpnet at wafflehouse dot de
23-Oct-2005 09:34
23-Oct-2005 09:34
Resetting CURLOPT_FILE to STDOUT won't work by calling curl_setopt() with the STDOUT constant or a php://output stream handle (at least I get error messages when trying the code from phpnet at andywaite dot com). Instead, one can simply reset it as a side effect of CURLOPT_RETURNTRANSFER. Just say
curl_setopt($this->curl,CURLOPT_RETURNTRANSFER,0);
and following calls to curl_exec() will output to STDOUT again.
webmaster () stauceni.com
21-Oct-2005 04:42
21-Oct-2005 04:42
A little mistake, that took a half-day to fix it:
When specifing CURLOPT_COOKIEFILE or CURLOPT_COOKIEJAR options, don't forget to "chmod 777" that directory where cookie-file must be created.
mcknight at chek dot com
23-Aug-2005 11:10
23-Aug-2005 11:10
when specifing the file for either CURLOPT_COOKIEFILE or CURLOPT_COOKIEJAR you may need to use the full file path instead of just the relative path.
phpnet at andywaite dot com
08-Jun-2005 05:08
08-Jun-2005 05:08
After setting CURLOPT_FILE, you may want want to revert back to the normal behaviour of displaying the results. This can be achieved using:
$fp = fopen ("php://output", "w") or die("Unable to open stdout for writing.\n");
curl_setopt($ch, CURLOPT_FILE, $fp);
ikendra at yken dot nospam dot org
10-May-2005 12:26
10-May-2005 12:26
Using cURL, I needed to call a third-party script which was returning binary data as attachment to pass on retrieved data again as attachment.
Problem was that the third-party script occassionally returned HTTP errors and I wanted to avoid passing on zero-length attachment in such case.
Combination of using CURLOPT_FAILONERROR and CURLOPT_HEADERFUNCTION callback helped to process the third-party script HTTP errors neatly:
<?
function curlHeaderCallback($resURL, $strHeader) {
if (preg_match('/^HTTP/i', $strHeader)) {
header($strHeader);
header('Content-Disposition: attachment; filename="file-name.zip"');
}
return strlen($strHeader);
}
$strURL = 'http://www.somesite.com/script-whichs-dumps-binary-attachment.php';
$resURL = curl_init();
curl_setopt($resURL, CURLOPT_URL, $strURL);
curl_setopt($resURL, CURLOPT_BINARYTRANSFER, 1);
curl_setopt($resURL, CURLOPT_HEADERFUNCTION, 'curlHeaderCallback');
curl_setopt($resURL, CURLOPT_FAILONERROR, 1);
curl_exec ($resURL);
$intReturnCode = curl_getinfo($resURL, CURLINFO_HTTP_CODE);
curl_close ($resURL);
if ($intReturnCode != 200) {
print 'was error: ' . $intReturnCode;
}
?>
ale at desarrolloweburuguay dot com
05-May-2005 08:00
05-May-2005 08:00
I don't know if in PHP 5+ this problem is solved, but, when I send via POST using CURLOPT_POSTFIELDS some times it doesnt work an associative array as parameter... and, if I need to send non-ascii characters (like ,,,,etc..) this problem appears too.
The solution is to encode in a unique string all the post key=>values
Possibly this code doesnt work:
<?php
$post_data = array();
$post_data['var1'] = "Diseo web uruguay";
$post_data['var2'] = "Other string";
$url = "http://www.someurl.com/";
$ch = curl_init();
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_URL, );
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
$result = curl_exec($ch);
?>
But this works:
<?php
$post_data = array();
$post_data['var1'] = "Diseo web uruguay";
$post_data['var2'] = "Other string";
$url = "http://www.someurl.com/";
$o="";
foreach ($post_data as $k=>$v)
{
$o.= "$k=".utf8_encode($v)."&";
}
$post_data=substr($o,0,-1);
$ch = curl_init();
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_URL, );
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
$result = curl_exec($ch);
?>
Rgds.
Alejandro Moreno.-
azcappy at azcappy dot com
24-Mar-2005 02:03
24-Mar-2005 02:03
AZAds is a traffic exchange that we wrote. We wanted to come up with a way to check the UP or DOWN status of a submitted URL. Here is the solution we came up with. Can also be used for a site monitoring service.
<?
$uServer="$url";
@$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "$uServer");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 0);
@curl_exec($ch);
$errnum=curl_errno($ch);
@curl_close($ch);
if($errnum != "0") {
print "Remote Site Status: DOWN";
} else {
print "Remote Site Status: UP";
}
?>
Simply feed the URL to be tested into $url. The code will check the site and return the error code if there is one and display to appropriate message.
Hope this is useful.
Keith
www.azads.net
mcknight at chek dot com
22-Feb-2005 01:38
22-Feb-2005 01:38
Another way to automate a login process and store multiple cookies for additional transfers.
(The easiest way is probably just to use CURLOPT_COOKIEJAR and CURLOPT_COOKIEFILE and save them to a file. But if you need to change those cookie values or add/delete them then you can use the code below to set them.)
Continuing with Paul Ebermann's parsing function.
function parse_response($this_response)
{
// Split response into header and body sections
list($response_headers, $response_body) = explode("\r\n\r\n", $this_response, 2);
$response_header_lines = explode("\r\n", $response_headers);
// First line of headers is the HTTP response code
$http_response_line = array_shift($response_header_lines);
if(preg_match('@^HTTP/[0-9]\.[0-9] ([0-9]{3})@',$http_response_line, $matches)) { $response_code = $matches[1]; }
// put the rest of the headers in an array
$response_header_array = array();
foreach($response_header_lines as $header_line)
{
list($header,$value) = explode(': ', $header_line, 2);
$response_header_array[$header] .= $value."\n";
}
return array("code" => $response_code, "header" => $response_header_array, "body" => $response_body);
}
// Do transfer, and make sure to include header in response
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "[login process]");
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$response = curl_exec($ch);
curl_close($ch);
// Parse the response message
$response = parse_response($response);
// Create the basic header
$this_header = array(
"MIME-Version: 1.0",
"Content-type: text/html; charset=iso-8859-1",
"Content-transfer-encoding: text"
);
// Add each cookie that has been returned in the response
// If cookies need to be added/deleted or value changed, then add code here
$cookies = explode("\n", $response["header"]["Set-Cookie"]);
foreach($cookies as $this_cookie) { array_push($this_header, "Cookie: ".$this_cookie); }
// Next set of transfers
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "[new transfer]");
curl_setopt($ch, CURLOPT_HTTPHEADER, $this_header);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$response = curl_exec($ch);
curl_close($ch);
Aaron Stephanic
11-Nov-2004 01:51
11-Nov-2004 01:51
The parse_response code below does not return multiple cookies as the value of 'Set-Cookie' if multiple cookies are set by the server. It appears to only return the last cookie set.
Yura Pylypenko (plyrvt at mail dot ru)
09-Oct-2004 05:10
09-Oct-2004 05:10
Each example of CURLOPT_POSTFIELDS in these comments has missing urlencode() on variable values. This should be applied according to RFC1738
<?php
$vars=null;
foreach($data as $key=>$value)
if($key && $value)
$vars.=$key."=".urlencode($value)."&";
?>
Paul dot Ebermann at esperanto dot de
22-Aug-2004 11:51
22-Aug-2004 11:51
I changed the parse_response() function given by "brett at brettbrewer dot com", so it now ignores 1xx-responses, which may come before the real response.
<?php
function parse_response($response){
/*
***original code extracted from examples at
***http://www.webreference.com/programming
/php/cookbook/chap11/1/3.html
***returns an array in the following format which varies depending on headers returned
[0] => the HTTP error or response code such as 404
[1] => Array
(
[Server] => Microsoft-IIS/5.0
[Date] => Wed, 28 Apr 2004 23:29:20 GMT
[X-Powered-By] => ASP.NET
[Connection] => close
[Set-Cookie] => COOKIESTUFF
[Expires] => Thu, 01 Dec 1994 16:00:00 GMT
[Content-Type] => text/html
[Content-Length] => 4040
)
[2] => Response body (string)
*/
do
{
list($response_headers,$response) = explode("\r\n\r\n",$response,2);
$response_header_lines = explode("\r\n",$response_headers);
// first line of headers is the HTTP response code
$http_response_line = array_shift($response_header_lines);
if (preg_match('@^HTTP/[0-9]\.[0-9] ([0-9]{3})@',$http_response_line,
$matches)) {
$response_code = $matches[1];
}
else
{
$response_code = "Error";
}
}
while (substr($response_code, 0,1) == "1");
$response_body = $response;
// put the rest of the headers in an array
$response_header_array = array();
foreach ($response_header_lines as $header_line) {
list($header,$value) = explode(': ',$header_line,2);
$response_header_array[$header] = $value;
}
return array($response_code,$response_header_array,$response_body);
}
?>
raul at navenetworks dot com
22-Jul-2004 04:19
22-Jul-2004 04:19
Hi!
I have found some information I am sure it could help lot of programmers when they want to connect with curl to any https website and they haven't a good or right CA Cert :)
I give you just one example It has resolved me 2 hours of my time looking for a solution.
It is simple, just if you get any error in the curl_exec (use curl_error(...) to see the error to trace it) add the next line and everything is solved:
(note: replace $ch with the right curl variable)
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
<?php
$ch = curl_init();
$res= curl_setopt ($ch, CURLOPT_URL,"https://yoururl/cgi");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt ($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, "Idc=si&");
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
$xyz = curl_exec ($ch);
curl_close ($ch);
echo $xyz;
if ($xyz == NULL) {
echo "Error:<br>";
echo curl_errno($ch) . " - " . curl_error($ch) . "<br>";
}
?>
I hope this helps.
Raul Mate Galan
Ceo Navenetworks Corp.
Note: Thanks to Ruben Lopez Gea for his help too.
ron at ttvavanti dot nl
07-May-2004 11:00
07-May-2004 11:00
If you specify a CAINFO, note that the file must be in PEM format! (If not, it won't work).
Using Openssl you can use:
openssl x509 -in <cert> -inform d -outform PEM -out cert.pem
To create a pem formatted certificate from a binary certificate (the one you get if you download the ca somewhere).
brett at brettbrewer dot com
29-Apr-2004 10:48
29-Apr-2004 10:48
I found it very annoying that cURL did not offer any easy way to extract the response headers. If you do
curl_setopt($ch, CURLOPT_HEADER, 1);
then you only get the headers output inline with the rest of your response. Here's a nice little function to parse the cURL response when you use CURLOPT_HEADER. I took it from an example on another site and turned it into a function. It assumes you're using CURLOPT_RETURNTRANSFER to return the response to some variable that is then passed to the function. You just pass it a curl_exec result and it returns the result parsed into an array with headers broken up into their correct parts.
<?php
function parse_response($response){
/*
***original code extracted from examples at
***http://www.webreference.com/programming
/php/cookbook/chap11/1/3.html
***returns an array in the following format which varies depending on headers returned
[0] => the HTTP error or response code such as 404
[1] => Array
(
[Server] => Microsoft-IIS/5.0
[Date] => Wed, 28 Apr 2004 23:29:20 GMT
[X-Powered-By] => ASP.NET
[Connection] => close
[Set-Cookie] => COOKIESTUFF
[Expires] => Thu, 01 Dec 1994 16:00:00 GMT
[Content-Type] => text/html
[Content-Length] => 4040
)
[2] => Response body (string)
*/
list($response_headers,$response_body) = explode("\r\n\r\n",$response,2);
$response_header_lines = explode("\r\n",$response_headers);
// first line of headers is the HTTP response code
$http_response_line = array_shift($response_header_lines);
if (preg_match('@^HTTP/[0-9]\.[0-9] ([0-9]{3})@',$http_response_line,
$matches)) {
$response_code = $matches[1];
}
// put the rest of the headers in an array
$response_header_array = array();
foreach ($response_header_lines as $header_line) {
list($header,$value) = explode(': ',$header_line,2);
$response_header_array[$header] = $value;
}
return array($response_code,$response_header_array,$response_body);
}
?>
Jakub Horky <jakub dot php at horky dot net>
05-Apr-2004 04:20
05-Apr-2004 04:20
A bit more documentation (without minimum version numbers):
- CURLOPT_WRITEFUNCTION
- CURLOPT_HEADERFUNCTION
Pass a function which will be called to write data or headers respectively. The callback function prototype:
long write_callback (resource ch, string data)
The ch argument is CURL session handle. The data argument is data received. Note that its size is variable. When writing data, as much data as possible will be returned in all invokes. When writing headers, exactly one complete header line is returned for better parsing.
The function must return number of bytes actually taken care of. If that amount differs from the amount passed to this function, an error will occur.
- CURLOPT_READFUNCTION
Pass a function which will be called to read data. The callback function prototype:
string read_callback (resource ch, resource fd, long length)
The ch argument is CURL session handle. The fd argument is file descriptor passed to CURL by CURLOPT_INFILE option. The length argument is maximum length which can be returned.
The function must return string containing the data which were read. If length of the data is more than maximum length, it will be truncated to maximum length. Returning anything else than a string means an EOF.
[Note: there is more callbacks implemented in current cURL library but they aren't unfortunately implemented in php curl interface yet.]
tim dot php at ebw dot ca
19-Nov-2003 10:18
19-Nov-2003 10:18
The page http://curl.haxx.se/libcurl/c/curl_easy_setopt.html at the cURL site has a list of all the CURLOPTS, including many not mentioned here. Also see http://curl.haxx.se/libcurl/php/examples/ for cURL examples in PHP.
me
15-May-2003 12:36
15-May-2003 12:36
Just a reminder: When setting your CURLOPT_POSTFIELDS remember to replace the spaces in your values with %20
joeldegan AT yahoo.com
25-Feb-2003 05:38
25-Feb-2003 05:38
Often times people ask about how to get data from secure servers.
Here is an example of getting the balance page from Paypal
<?
# script by Joel De Gan
# http://listbid.com
function GetCurlPage ($pageSpec) {
$agent = "up.b";
$header[] = "Accept: text/vnd.wap.wml,*.*";
$ch = curl_init($pageSpec);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_VERBOSE, 1); ########### debug
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt ($ch, CURLOPT_HTTPHEADER, $header);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_COOKIEJAR, "cook");
curl_setopt($ch, CURLOPT_COOKIEFILE, "cook");
$tmp = curl_exec ($ch);
curl_close ($ch);
return $tmp;
}
function PostCurlPage ($pageSpec, $data) {
$agent = "up.b";
$header[] = "Accept: text/vnd.wap.wml,*.*";
$ch = curl_init($pageSpec);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_VERBOSE, 1); ########### debug
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt ($ch, CURLOPT_HTTPHEADER, $header);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_COOKIEJAR, "cook");
curl_setopt($ch, CURLOPT_COOKIEFILE, "cook");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
$tmp = curl_exec ($ch);
curl_close ($ch);
return $tmp;
}
$first = GetCurlPage("https://www.paypal.com/cgi-bin/phscr?cmd=login");
$exp = explode("=", $first);
$id = explode("\"", $exp[16]);
$second = PostCurlPage("https://www.paypal.com/cgi-bin/phscr?rs=".$id[0], "email=EMAIL@HOST.COM&pass=YOUR_PP_PASS&cmd=login-submit-pass");
echo $second."\n\n";
?>
yann dot corno at free dot fr
13-Nov-2002 08:19
13-Nov-2002 08:19
About the CURLOPT_HTTPHEADER option, it took me some time to figure out how to format the so-called 'Array'. It fact, it is a list of strings. If Curl was already defining a header item, yours will replace it. Here is an example to change the Content Type in a POST:
curl_setopt ($ch, CURLOPT_HTTPHEADER, Array("Content-Type: text/xml"));
Yann
24-Oct-2002 03:04
beware that not all cURLlib constants are supported under php :
e.g. CURLOPT_PROGRESSFUNCTION or CURLOPT_WRITEDATA are not supported.
CURLOPT_WRITEFUNCTION, although undocumented is supported. It takes the name of a user_defined function.
the function should take two arguments (the curl handle, and the inputdata) and return the length of the written data
e.g.
function myPoorProgressFunc($ch,$str){
global $fd;
$len = fwrite($fd,$str);
print("#");
return $len;
}
curl_setopt($ch,CURLOPT_WRITEFUNCTION,"myPoorProgressFunc");
Also be aware that CURLOPT_WRITEFUNCTION does NOT take the CURLOPT_FILE as a parameter!
in curl lib it would take CURLOPT_WRITEDATA but this is not supported by php; that's why I use "global $fd;" in my exemple function.
CURLOPT_HEADERFUNCTION works the same, and is guaranteed to receive complete header lines as input!
Hope this helps
Ivan
m dot fische at gmx dot net
09-Oct-2002 06:42
09-Oct-2002 06:42
note: if your option comes from a variable eg:
$option = "CURLOPT_RETURNTRANSFER";
$value = "1";
this will fail:
curl_setopt($ch,$option,$value);
because the curl option is a constant.
use the function constant() to get the value:
curl_setopt($ch,constant($option),$value);
mrcheezy at hotmail dot com
14-Sep-2002 05:34
14-Sep-2002 05:34
If you set return transfer to 1 and are sending a post form and find that this crashes php try setting follow location to 1 also. I'm not exactly sure why this crashed, but after i used follow it stopped.
curl_setopt ($sess, CURLOPT_FOLLOWLOCATION, '1');
curl_setopt ($sess, CURLOPT_RETURNTRANSFER, '1');
paul at zgtec dot com
27-Aug-2002 05:31
27-Aug-2002 05:31
To make a POST in multipart/form-data mode
this worked for me, the " \n" at the end of the variables was very important on my OS X server.
<?php
$file = "file_to_upload.txt";
$submit_url = "http://www.url_to_upload_to.com/upload_page.php";
$formvars = array("cc"=>"us \n");
$formvars[variable_1] = "bla bla \n";
$formvars[variable_2] = "bla bla \n";
$formvars[variable_3] = "bla bla \n";
$formvars[variable_4] = "bla bla \n";
$formvars[upfile] = "@$file"; // "@" causes cURL to send as file and not string (I believe)
// init curl handle
$ch = curl_init($submit_url);
curl_setopt($ch, CURLOPT_COOKIEJAR, "my_cookies.txt"); //initiates cookie file if needed
curl_setopt($ch, CURLOPT_COOKIEFILE, "my_cookies.txt"); // Uses cookies from previous session if exist
curl_setopt($ch, CURLOPT_REFERER, "http://www.last_url_for_referer_logs.com"); //if server needs to think this post came from elsewhere
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION,1); // follow redirects recursively
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $formvars);
// perform post
echo $pnp_result_page = curl_exec($ch);
curl_close ($ch);
?>
jckim at iquick4u dot com
16-Apr-2002 11:05
16-Apr-2002 11:05
#!/usr/local/bin/php -q
<?php
$id = "xxxx";
$pw = "xxxx";
$LOGINURL = "http://login.daum.net/Mail-bin/login.cgi";
$GETURL = "http://www.daum.net/Mail-bin/mail_list";
$POSTFIELDS = "id=$id&pw=$pw";
function AUTH_SITE_COOKIE_STORE($LOGINURL,$POSTFIELDS)
{
$parseURL = parse_url($LOGINURL);
$ch = curl_init();
curl_setopt($ch, CURLOPT_COOKIEJAR, "$parseURL[host].cookie");
curl_setopt($ch, CURLOPT_URL,"$LOGINURL");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, "$POSTFIELDS");
ob_start();
curl_exec ($ch);
ob_end_clean();
curl_close ($ch);
return "$parseURL[host].cookie";
}
function AUTH_SITE_GET($GETURL,$cookieFile)
{
$parseURL = parse_url($GETURL);
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_COOKIEFILE, "$cookieFile");
curl_setopt($ch, CURLOPT_URL,"$GETURL");
$result = curl_exec ($ch);
curl_close ($ch);
$fp = fopen ("$parseURL[host].html", "w");
fwrite($fp,$result);
fclose ($fp);
return $result;
}
$cookieFile = AUTH_SITE_COOKIE_STORE($LOGINURL,$POSTFIELDS);
echo $result = AUTH_SITE_GET($GETURL,$cookieFile);
?>
tychay at alumni dot caltech dot edu
03-Apr-2002 05:14
03-Apr-2002 05:14
CURLOPT_HTTPHEADER is NOT like the -H command line switch. The command line switch adds or replaces headers (much like the header() line in PHP, but for HTTP clients instead of servers), but the curl extension will eliminate the headers cURL sends by default.
For instance, your Authorization, Host, Referer, Pragma, and Accept headers which are normally written by default or by other CURLOPT_*'s.
Also, it might seem intuitive that this should accept an array hash of header->values, but this is not the case. It accepts an array of strings of the format "Header: Value", much like the -H command-line switch.
Hope this helps,
terry
asmith at crawlspace dot com
01-Mar-2002 11:18
01-Mar-2002 11:18
It's possible to take advantage of multiple URLs on the same host in one curl_exec transaction ... just use multiple instances of CURLOPT_URL.
Example:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://foo.com/a.html");
curl_setopt($ch, CURLOPT_URL, "http://foo.com/b.html");
curl_setopt($ch, CURLOPT_URL, "http://foo.com/c.html");
curl_exec($ch);
curl_close($ch);
... the URLs appear to be hit in the same order they are entered. This takes advantage of cURL's Persistant Connection capability if all the URLs are on the same host!
bvwj at swbell dot net
18-Dec-2001 05:35
18-Dec-2001 05:35
To collect cookies recieved with a request, set CURLOPT_COOKIEJAR "cookieFileName". Then use CURLOPT_COOKIEFILE "cookieFileName" to recall them in subsequent transactions.
23-Sep-2001 12:52
To make a POST in multipart/form-data mode
(to upload a file for example) you can use
curl_setopt($ch,CURLOPT_POSTFIELDS,$post);
where $post is an array :
$post['key1'] = 'data1'
// like a text field in a POST
$post['file1'] = '@filename1'
// upload filename1
For more informations see the
curl_formparse man page.
sr2899.at.hotmail.com
15-May-2001 05:00
15-May-2001 05:00
CURLOPT_RETURNTRANSFER has the interesting behaviour of tacking a null char onto the end of the string. This null char is actually on the end of the php string, and can cause some odd results if you're not expecting it to be there.
fil at rezox dot com
22-Feb-2001 09:50
22-Feb-2001 09:50
If you want to connect to a secure server for posting info/reading info, you need to make cURL with the openSSL options. Then the sequence is nearly identical to the previous example (except http_S_://, and possibly add the useragent):
curl_setopt($ch, CURLOPT_URL,"https://secure.website.com");
//some sites only accept your request if your browser looks legit, so send a useragent profile...
curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)");
bvr at xs4all dot nl
07-Feb-2001 11:09
07-Feb-2001 11:09
If you'd like to include extra headers in your POST request, you can accomplish this by setting the following option:
CURLOPT_HTTPHEADER
This is similar to the CURL -H command line switch.
Thanks to Daniel Stenberg for pointing out this usefull feature!
Note: this option was first supported in PHP version 4.03 .
awestholm at imail dot usi dot net
26-Jan-2001 03:33
26-Jan-2001 03:33
Just because the docs are rather sparse on this, to set multiple values in a cookie, you separate them with a semicolon, as usual. An example, yo set j to j and k to k:
curl_setopt($ch,CURLOPT_COOKIE,"j=j;k=k");
-- Alex