I access a REST api service that utilizes a variable called session_id. The API calls for this to be stored in a cookie and I accomplish this as follows:
$ch = curl_init(); // initialize curl handle
curl_setopt($ch, CURLOPT_URL, $url); //set target URL
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);// allow redirects
curl_setopt($ch, CURLOPT_COOKIEFILE, './Cookie.txt');
curl_setopt($ch, CURLOPT_COOKIEJAR, './Cookie.txt');
curl_setopt($ch, CURLOPT_POST, TRUE); // set POST method
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); //set headers
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_HEADER, TRUE); //return the headers so we can get session id
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, FALSE); //prevent unverified SSL certificate error
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE); //prevent unverified SSL ""
$contents = curl_exec($ch);
curl_close($ch);
Now the problem is this is called many different times by many different users. (so many different cookie files have to be saved) I’d like a way to simply store the session_id in a variable instead of referencing the cookie file. So far all my attempts are rejected by the service. Can anyone suggest methods to store the session id and cookie information without saving it to a file? Note that reading the session id is no problem, it’s returned in XML. For some reason passing it back without referencing the actual generated file does not pass security credentials. Any more information as to why this might be would also be helpful.
Cookies are simple text headers sent along with the request. CURL allows you to specify those directly using
CURLOPT_COOKIE.If you know what information to send, you can construct your own cookie header this way. The COOKIEJAR/COOKIEFILE options just automate parsing, saving and sending. You’ll have to do that manually (read received Cookie headers, create Cookie headers to be send), if you don’t want to write to a file.