I'm trying to authenticate a user using fsockopen(), get the session id and pass it to subsequent page requests I make using fsockopen(). I can successfully authenticate the user by sending required username/password values to the login page. When I read the response, I was under the impression the session would be contained in the header "Set-Cookie" that is returned. I have tried using this value however with no luck.
Secondly when I have the correct session value how do I pass it to subsequent pages? just via ?PHPSESSID=abc ? thanks for the help.
fsockopen() and sessions
Moderator: General Moderators
Re: fsockopen() and sessions
put session_start(); at the top of the page to initiate the session
session_id() returns the current session id and the global array $_SESSION[''] allows you to get and put values.
e.g.
example code would output
f52299eb60b30025a21c7cb43878bcc7 Hello World!
(although your session id will be different).
session_id() returns the current session id and the global array $_SESSION[''] allows you to get and put values.
e.g.
Code: Select all
<?php
session_start();
$_SESSION['test'] = 'Hello World!';
echo session_id() . " " . $_SESSION['test'];
?>
f52299eb60b30025a21c7cb43878bcc7 Hello World!
(although your session id will be different).
Re: fsockopen() and sessions
Thanks for your response, but I'm not sure it's as simple as that. I'm aware of how to use sessions and the $_SESSION array, and have tried what you suggested without luck. The problem lies in getting the correct session id set as a result of sending a request via fsockopen e.g.
Now I know from the data I get in $response that the request has been authenticated using the details I submit. What I need to know is the PHPSESSID from that response somehow, so as I can pass it to future requests using fsockopen(), thanks.
Code: Select all
$request = "POST /login.php HTTP/1.1\n " .
"Host: http://www.example.com\n " .
"User-Agent: Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 6.0)\n " .
"Content-Type: application/x-www-form-urlencoded\n " .
"Connection: keep-alive\n " .
"Content-Length: 38\n " .
"\n " .
"username=abcd&password=1234\n";
fwrite($fp, $request);
while (!feof($fp)) {
$response[] = fgets($fp, 128);
}
Re: fsockopen() and sessions
Fixed via getting the session from the response header "Set-Cookie: session=abcd" and sending this via "Cookie: session=abcd" in subsequent requests, simple really 