Avatar of Xplisit
Xplisit asked on

PHP fsockopen Cookie Problem

I am having a problem with my PHP script expiring cookies.

I'm using fsockopen to do a POST to a forum with the login details then using explode to grab the Cookie headers and after that using another fsockopen to do a GET to view a thread.

The problem is, the minute it logs in and takes the cookies, those cookies expire and no longer work on the second fsockopen.

I've tried manually logging in using my browser and taking the cookies and adding them to my GET fsockopen and it works well the first time but the minute you try the script again by refreshing or something, the cookie is expired and no longer works.

Is there a fix for this so PHP does not expire cookies? I'm guessing it's producing the same effect as me closing my browser which gets rid of session cookies.
PHP

Avatar of undefined
Last Comment
Ray Paseur

8/22/2022 - Mon
Ray Paseur

Please post your code.  It's not easy to guess what is going on without seeing it.
ASKER
Xplisit

Here is the part i'm having trouble at.
$e = '';
$fp = fsockopen($tosearch, 80, $errno, $errstr, 30);
    $out = "POST /login.php HTTP/1.1\r\n";
    $out .= "Host: www.".$tosearch."\r\n";
    $out .= "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.14)  Gecko/20080404 Firefox/2.0.0.14\r\n";
    $out .= "Accept:  text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/pn g,*/*;q=0.5\r\n";
    $out .= "Accept-Language: en-us,en;q=0.5\r\n";
    $out .= "Accept-Encoding: gzip,deflate\r\n";
    $out .= "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\n";
    $out .= "Keep-Alive: 300\r\n";
    $out .= "Content-Type: application/x-www-form-urlencoded\r\n";
    $out .= "Content-Length: 72\r\n";
    $out .= "Connection: Keep-Alive\r\n\r\n";
    $out .= "username=REMOVED&password=REMOVED&autologin=on&redirect=&login=Log+in";
    fwrite($fp, $out);
    while (!feof($fp)) {
        $e.=fgets($fp, 128000);
    }
    fclose($fp);
$source = $d;
$lol = explode("Set-Cookie: phpBB_data=", $source);
$lol2 = explode(";",$lol[1]);
$bbdata = $lol2[0];
$lol3 = explode("Set-Cookie: phpBB_sid=", $source);
$lol4 = explode(";",$lol3[1]);
$bbcid = $lol4[0];
$thread = "1234778";
$d = '';
$fp = fsockopen($tosearch, 80, $errno, $errstr, 30);
    $out = "GET /viewtopic.php?t=".$thread." HTTP/1.1\r\n";
    $out .= "Host: www.".$tosearch."\r\n";
    $out .= "Cookie: phpBB_data=".$bbdata."; phpBB_sid=".$bbcid.";\r\n";
    $out .= "Keep-Alive: 300\r\n";
    $out .= "Connection: Keep-Alive\r\n\r\n";
    fwrite($fp, $out);
    while (!feof($fp)) {
        $d.=fgets($fp, 128000);
    }
    fclose($fp);
$source = $d;

Open in new window

Ray Paseur

Xplisit: I think your instincts are correct about the second fsockopen causing the cookies to "expire"

Please see the code snippet - this is a segment from the script I use for PayPal instant payment notification.  Note that after the fsockopen I can do both puts and gets, and I don't need to do a different fsockopen().

HTH, ~Ray
// READ THE POST FROM PayPal AND ADD 'cmd'
$postdata	= '';
$req		= 'cmd=_notify-validate';
foreach ($_POST as $key => $value) {
	$postdata	.= "\n $key = $value ";				// SAVE THE COLLECTION
	$$key		= trim($value);						// ASSIGN LOCAL VARIABLES
	$value		= urlencode(stripslashes($value));	// ENCODE FOR BOUNCE-BACK
	$req		.= "&$key=$value";
}
 
// POST BACK TO PayPal SYSTEM TO VALIDATE
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = fsockopen ('www.paypal.com', 80, $errno, $errstr, 30);
 
 
// TEST FOR VERIFICATION
if (!$fp) { // HTTP ERROR
	warning_RAY("IPN HTTP ERROR", "fsockopen failed \n\n ERRNO=$errno \n\n ERRSTR=$errstr \n\n");
	die();
}
 
// HTTP OPEN - WRITE HEADER AND REQUEST
fputs ($fp, $header . $req);
 
// HTTP OPEN - READ PayPal RESPONSE, DISCARDING HEADERS TO THE VERY END
$paypal_reply 	= '';
$paypal_headers	= '';
while (!feof($fp)) {
	$paypal_reply	= fgets ($fp, 1024);
	$paypal_headers	.= $paypal_reply;
}
 
// IF THIS IS TRULY A POST FROM PAYPAL, PROCESS ORDER NOTIFICATION
if (strcmp ($paypal_reply, "VERIFIED") == 0) {
	$errormsg = "";
	if ($payment_status == "Completed") { } else { $errormsg .= "\nE: payment_status"; } // ETC with ERROR PROCESSING

Open in new window

Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
ASKER CERTIFIED SOLUTION
Ray Paseur

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
ASKER
Xplisit

Thank you Ray, you've helped me a lot and I fixed my script.
Ray Paseur

Excellent!  That's what we like to do here at EE.