Yii Framework Forum: Yii Login Using Curl Post - Yii Framework Forum

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Yii Login Using Curl Post Rate Topic: -----

#1 User is offline   Yii123 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 47
  • Joined: 13-March 13

Posted 30 June 2014 - 04:35 AM

Hi all, Is it possible the login by posting username and password from any other php application (using curl) to Yii application?
How set the login url?

This is the code i'm used for login
<?php
// INIT CURL
$ch = curl_init();

// SET URL FOR THE POST FORM LOGIN
curl_setopt($ch, CURLOPT_URL, 'http://localhost:8888/yiiapp/site/login');

// ENABLE HTTP POST
curl_setopt ($ch, CURLOPT_POST, 1);

// SET POST PARAMETERS : FORM VALUES FOR EACH FIELD
curl_setopt ($ch, CURLOPT_POSTFIELDS, 'user_mailid=yiiuser***@gmail.com&user_password=yii*****@');

// IMITATE CLASSIC BROWSER'S BEHAVIOUR : HANDLE COOKIES
curl_setopt ($ch, CURLOPT_COOKIEJAR, 'cookie.txt');

# Setting CURLOPT_RETURNTRANSFER variable to 1 will force cURL
# not to print out the results of its query.
# Instead, it will return the results as a string return value
# from curl_exec() instead of the usual true/false.
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);

// EXECUTE 1st REQUEST (FORM LOGIN)
$store = curl_exec ($ch);
print_r($store);


curl_setopt($ch, CURLOPT_URL, 'http://localhost:8888/yiiapp/');

$content = curl_exec ($ch);

print_r($content);
// CLOSE CURL
curl_close ($ch); 

?>



Thanks.
0

#2 User is offline   le_top 

  • Advanced Member
  • PipPipPip
  • Yii
  • Group: Members
  • Posts: 438
  • Joined: 08-June 10
  • Location:France (Ile-de-France/Val d'Oise)

Posted 03 July 2014 - 04:48 PM

This should be possible.
The login method depends on the way it is implemented in the application.
If you have a working app and you want to be "lazy" and not understand the code, open up a browser, enable debugging, track all network exchanges and find the login post.
If CSRF is enabled, you may need to go to the login page first to get the first cookie ensemble with the CSRF information, then do the login with that cookie collection which will get updated.

What is sure is that I have used curl for debugging purposes in order to repeat POSTs made from within a browser on a logged in account.
0

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users