php CURL - multiple independent sessions - need help!
Here is my dilemma... I basically have a script which by means of CURL posts to a 3rd party website to perform a login and then makes another post to update a users details based on that login session. Now as my site is getting busy I have multiple users doing the same thing and it seems that on occasion curl is getting confused and updating one users details with a different users information. This is causing real problems. It seems to be that the cookie开发者_如何转开发 which is being used by a user after one login is being shared by other users and they end up logging in with the same cookie - confusing the 3rd party system. My code is posted below and I need to use the cookiefile and cookiejar to maintain the php session to allow me to do what I need to do. But it seems like the same cookie is being reused by all users.... Does that make sense? Is there anything I can do to change this? Please advise.... Thanks so much!
Below is the code i use to both login and post the user update
function hitForm($postURL, $postFields, $referer="", $showerr = FALSE, $ispost = TRUE) {
global $islocal, $path_escape;
$ch = curl_init();
curl_setopt($ch, CURLOPT_COOKIEJAR, "cookies.txt");
curl_setopt($ch, CURLOPT_COOKIEFILE, "cookies.txt");
curl_setopt($ch, CURLOPT_URL, $postURL);
if ($ispost)
curl_setopt($ch, CURLOPT_POST, 1);
else
curl_setopt($ch, CURLOPT_HTTPGET, 1);
curl_setopt($ch, CURLOPT_REFERER, $referer);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.3) Gecko/2008092417 Firefox/3.0.3");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postFields);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
$ret = curl_exec($ch);
if ($error = curl_error($ch)) {
if ($showerr)
echo 'ERROR: ' . $error;
return -1;
exit;
}
$CU_header = curl_getinfo($ch);
$CU_header["err"] = curl_errno($ch);
$CU_header["errmsg"] = curl_error($ch);
curl_close($ch);
$returnout = $ret;
//for debugging purposes for now we are logging all form posts
SaveLog("hitform", "F[".$this->curruserid." - ".$this->currfunc." - ".date("d-m-y h:i:s")."]".$postFields);
return $ret;
}
You're using the same cookies.txt file for each session, so that's where the shared cookie problem is coming from. You'd need to specify a seperate file for each parallel session you want to run.
You are using a shared cookie jar for all users. Each user needs a separate cookie jar.
You need to use different cookie files for each user.
I assume your postFields includes some unique identifier for each user (like a user id, or a username), so try something like:
$cookie_file = 'cookies_' . $postFields['user_id'] . '.txt';
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file);
As far as I understand the problem, your script is getting wrong user information. How do you store user info anyway?
I'd say that's the source of the problem - you don't assign a unique identifier to user info, and that's where it gets nasty ;)
So, first of all, I'd associate session id with user information (or let's say, store user information in session, which is unique for everyone), and load it from there. And I guess it should do the trick ;)
精彩评论