next »

[nattsurfaren]

I want to speed up submitting with an auto submitter tool.
So if I'm using curl in php I first load the page and save cookies in a file.
Then I submit the page with the given cookies.

So lets say I want to submit immediately without loading the page first then I need to generate the cookie file myself because I'm reading cookies from  a web browser.

Will I get any problems just submitting without loading if I generate a cookie file?

curl gave me this example in the cookie file:

Code:

# Netscape HTTP Cookie File
# http://curlm.haxx.se/rfc/cookie_spec.html
# This file was generated by libcurl! Edit at your own risk.

www.mydomain.info FALSE / FALSE 1216591646 user Alex+Porter

I don't understand the format. I tried to understand the spec but couldn't find any match for this example.


How do I figure this out?
Where can I find information of the parameters?

I appreciate any help you can offer on this.

Cheers!
Natt

[perkiset]

The problem is that the cookie value *may* be matching a session ID on the server side... so you may generate a cookie but it might be meaningless to the server.

On the other hand, if this is not the case, then a cookie value is a very simple name/value pair sent up to the server just like POST parameters. You can see an example of exactly how they must look by downloading the webRequest2 class in the php repository here - look at the function that builds the header - you'll see that the "cookie string" or the header containing cookies is pretty darn simple to construct. I am not sure, but I believe that cookies are set with a property or member function or something with cURL - it's not tough.

[nattsurfaren]

Thanks for your response
I will check out your class.
I read a bit more about cookies and there is also an Expires member that need to be considered I think.

/Natt

[nutballs]

actually I dont think 'expires' is readable by the server? I think it is only set by the server. I could be wrong though. But anyway, even if it can, I doubt it is being read, since its actually for the browser to know when it can toss out the cookie.

if they are not matching any key info, then faking a cookie is the way to go. But most likely they are, since otherwise, really what is the point in a temporary cookie, but to track a user across transactions.

[nop_90]

IMHO easiest to load the page first, do what u need to get the cookies etc.
It is only 1 page load, and if u enable gzip compression etc, uses very little BW.

[vsloathe]

Yeah, you can specify a header with cURL.

curl_setopt($ch, CURLOPT_HTTPHEADER, $header);

or something like that.

I typically do it that way because it gives me more control than allowing a cookie file to just do all the storage.

[perkiset]

expires is a value sent from the server to the client, so that it will be invalid after a certain period of time. I don't think it is passed back to the server.

[nattsurfaren]

Thanks for your help.

BTW How do you deal with cookies and javascript. I'm a bit worried about that curl, webRequest2 or snoopy could get a different cookie than from a  browser that handle javascript. figure I could solve this to just insert the missing information along with the fetched cookie data.
I don't really know how I should handle this. Maybe there is method for reading and writing cookie members that I don't know of so that I don't have to figure out cookie.txt file.

Any help on this is most appreciated.

Sincerely
Natt

[nutballs]

you want to get really worried, what about cookies that are requested via ajax, after the page has finished loading. 

[nattsurfaren]

you want to get really worried, what about cookies that are requested via ajax, after the page has finished loading. 

Ajax can be Evil