cURL works from Terminal, but not from PHP
我遇到了一个相当奇怪的问题。
我正在尝试使用 PHP 中的 curl 登录远程 moodle 安装。
我有一个 curl 命令,可以在终端中完美运行。
当我将同样的东西翻译成 PHP 时,它可以工作,但它只是无法登录。通过终端成功登录的完全相同的值,以某种方式通过 PHP 跳闸登录系统并且它没有登录。相反,它会再次返回登录页面。
我的 cURL 命令(数据部分省略,因为它有我的用户名和密码):
1 2 3 4 5 6 7 8 9 10 11 12 | curl 'http://moodle.tsrs.org/login/index.php' -H 'Pragma: no-cache' -H 'Origin: http://moodle.tsrs.org' -H 'Accept-Encoding: gzip, deflate' -H 'Accept-Language: en-US,en;q=0.8' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.65 Safari/537.36' -H 'Content-Type: application/x-www-form-urlencoded' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8' -H 'Cache-Control: no-cache' -H 'Referer: http://moodle.tsrs.org/login/index.php' -H 'Cookie: MoodleSession=ngcidh028m37gm8gbdfe07mvs7; MOODLEID_=%25F1%25CD%2519D%25B2k%25FE%251D%25EFH%25E5t%25B1%2503%258E; MoodleSessionTest=NhzaTNij6j; _ga=GA1.2.925953522.1416155774; _gat=1; __utmt=1; __utma=147409963.925953522.1416155774.1416642544.1416692798.3; __utmb=147409963.1.10.1416692798; __utmc=147409963; __utmz=147409963.1416155774.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)' -H 'Connection: keep-alive' |
对应的PHP代码:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 | function login() { $username = $_POST['username']; $password = $_POST['password']; if(!isset($_POST['username']) || !isset($_POST['password'])) { echo"No login data received"; return; } $creq = curl_init(); $data = array('username' => $username, 'password' => $password, 'testcookies'=> '1'); $headers = array('Pragma: no-cache', 'Origin: http://moodle.tsrs.org', 'Accept-Encoding: ', 'Accept-Language: en-US,en;q=0.8', 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.65 Safari/537.36', 'Content-Type: application/x-www-form-urlencoded', 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8', 'Cache-Control: no-cache', 'Cookie: MoodleSession=ngcidh028m37gm8gbdfe07mvs7; MOODLEID_=%25F1%25CD%2519D%25B2k%25FE%251D%25EFH%25E5t%25B1%2503%258E; MoodleSessionTest=NhzaTNij6j; _ga=GA1.2.925953522.1416155774; _gat=1; __utmt=1; __utma=147409963.925953522.1416155774.1416642544.1416692798.3; __utmb=147409963.1.10.1416692798; __utmc=147409963; __utmz=147409963.1416155774.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)', 'Connection: keep-alive' ); curl_setopt_array($creq, array( CURLOPT_URL => 'http://moodle.tsrs.org/login/index.php', CURLOPT_RETURNTRANSFER => true, CURLOPT_POST => true, CURLOPT_ENCODING => '', CURLINFO_HEADER_OUT => true, CURLOPT_POSTFIELDS => $data, CURLOPT_HTTPHEADER => $headers, CURLOPT_FOLLOWLOCATION => false )); $output = curl_exec($creq); echo print_r(curl_getinfo($creq)); echo"\ " . $output ."\ "; } |
以及 curlinfo 的输出:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 | Array ( [url] => http://moodle.tsrs.org/login/index.php [content_type] => text/html; charset=utf-8 [http_code] => 200 [header_size] => 541 [request_size] => 945 [filetime] => -1 [ssl_verify_result] => 0 [redirect_count] => 0 [total_time] => 1.462409 [namelookup_time] => 0.002776 [connect_time] => 0.330766 [pretransfer_time] => 0.330779 [size_upload] => 365 [size_download] => 8758 [speed_download] => 5988 [speed_upload] => 249 [download_content_length] => -1 [upload_content_length] => 365 [starttransfer_time] => 0.694866 [redirect_time] => 0 [certinfo] => Array ( ) [primary_ip] => 125.22.33.149 [redirect_url] => [request_header] => POST /login/index.php HTTP/1.1 Host: moodle.tsrs.org Pragma: no-cache Origin: http://moodle.tsrs.org Accept-Language: en-US,en;q=0.8 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.65 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Cache-Control: no-cache Cookie: MoodleSession=ngcidh028m37gm8gbdfe07mvs7; MOODLEID_=%25F1%25CD%2519D%25B2k%25FE%251D%25EFH%25E5t%25B1%2503%258E; MoodleSessionTest=NhzaTNij6j; _ga=GA1.2.925953522.1416155774; _gat=1; __utmt=1; __utma=147409963.925953522.1416155774.1416642544.1416692798.3; __utmb=147409963.1.10.1416692798; __utmc=147409963; __utmz=147409963.1416155774.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) Connection: keep-alive Content-Length: 365 Expect: 100-continue Content-Type: application/x-www-form-urlencoded; boundary=----------------------------83564ee60d56 ) |
有人知道这有什么可能的原因吗?我尝试用 COOKIEFILE 和 COOKIEJAR 替换硬编码的 cookie,但它没有改变任何东西。
这可以通过查看 cURL 实际完成的所有内容来更好地调试。这是通过在命令中添加详细标志来完成的:
1 | $ curl localhost/login [...] -v |
我们可以通过添加
1 |
通过这样做,您可以获得两个 HTTP 请求的一致且可比较的输出,它应该看起来像这样:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | POST / HTTP/1.1 Host: localhost:3000 Pragma: no-cache Origin: http://moodle.tsrs.org Accept-Language: en-US,en;q=0.8 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.65 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Cache-Control: no-cache Cookie: MoodleSession=ngcidh028m37gm8gbdfe07mvs7; MOODLEID_=%25F1%25CD%2519D%25B2k%25FE%251D%25EFH%25E5t%25B1%2503%258E; MoodleSessionTest=NhzaTNij6j; _ga=GA1.2.925953522.1416155774; _gat=1; __utmt=1; __utma=147409963.925953522.1416155774.1416642544.1416692798.3; __utmb=147409963.1.10.1416692798; __utmc=147409963; __utmz=147409963.1416155774.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) Connection: keep-alive Content-Length: 250 Expect: 100-continue Content-Type: application/x-www-form-urlencoded; boundary=------------------------b4d79f17a3887f2d < HTTP/1.1 100 Continue < HTTP/1.1 200 OK < X-Powered-By: Express < Content-Type: application/json; charset=utf-8 < Content-Length: 2 < ETag: W/"2-mZFLkyvTelC5g8XnyQrpOw" < Date: Thu, 22 Dec 2016 19:13:40 GMT < Connection: keep-alive |
左:问题中提供的命令行 cURL(带有额外的
右:问题中发布的 PHP cURL(启用
如您所见,标题并不相同,这说明了这一点。 PHP 调用缺少
如果没有出现任何问题,让我们尝试将 PHP 中的一些 cURL 设置改回原来的 cURL 默认值。
在内部,PHP 选择在不告诉您的情况下覆盖 cURL 中的一些默认值。虽然这些设置应该没问题,但让我们通过将它们显式重置回 cURL 默认值来更改它们:
1 2 3 4 | curl_setopt($curl, CURLOPT_DNS_CACHE_TIMEOUT, 60); curl_setopt($curl, CURLOPT_DNS_USE_GLOBAL_CACHE, 0); curl_setopt($curl, CURLOPT_MAXREDIRS, -1); curl_setopt($curl, CURLOPT_NOSIGNAL, 0); |
在传递给 curl 之前在
1 |
如下重塑你的 curl 请求:
向登录页面发出 GET 请求,并将 cookie 文件指向
1 2 3 4 5 6 7 8 9 10 11 12 | $creq = curl_init(); curl_setopt_array($creq, array( CURLOPT_URL => 'http://moodle.tsrs.org/login/index.php', CURLOPT_RETURNTRANSFER => true, CURLOPT_ENCODING => '', CURLINFO_HEADER_OUT => true, CURLOPT_HTTPHEADER => $headers, CURLOPT_FOLLOWLOCATION => false, CURLOPT_COOKIEJAR => $cookies // save cookie )); $output = curl_exec($creq); curl_close($creq); |
现在使用第二个 curl 请求发出 POST 请求。这个时间点与 COOKIEFILE 选项相同的 cookie 文件。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 | $creq = curl_init(); curl_setopt_array($creq, array( CURLOPT_URL => 'http://moodle.tsrs.org/login/index.php', CURLOPT_RETURNTRANSFER => true, CURLOPT_POST => true, CURLOPT_ENCODING => '', CURLINFO_HEADER_OUT => true, CURLOPT_POSTFIELDS => http_build_query ($data), CURLOPT_HTTPHEADER => $headers, CURLOPT_FOLLOWLOCATION => false, CURLOPT_COOKIEJAR => $cookies, // save cookie CURLOPT_COOKIEFILE => $cookies // load cookie ); $output = curl_exec($creq); curl_close($creq); |
有时服务器会在发出登录请求时查找 cookie(以确保请求是在访问登录页面后发出的)。
您的问题很可能与 cURL 默认为每个 POST 请求发送的 HTTP 标头
当客户端不确定服务器是否会接受此类请求时,在包含大数据的 POST 请求中使用
问题在于并非所有的 Web 服务器都能正确处理此标头。在这种情况下,不希望发送此标头。
解决方案是通过将
在您的情况下,您可以简单地将 \\'Expect:\\' 字符串添加到
1 | $headers[] = 'Expect:'; |
我怀疑您第一次尝试使用 curl 命令是在 index.php 文件中使用 GET 方法。我建议您在命令行中的第一个 curl 请求上启用