CURL模拟SESSION登陆

黄振国

常规登陆行为由form.php、action.php、main.php完成
模拟登陆由curl.php完成

黄振国

form.php

<html>
<head>
<title>表单提交</title>
<meta charset='utf-8'>
</head>
<body>
<form name='curl' method='post' action='action.php'>
用户名:<input type='text' name='user' ><br/>
密码:<input type='password' name='pwd'><br/>
<input type='submit' name='sub' value="sub">
</form>
</body>
</html>

黄振国

action.php

<?php
header("content-type:text/html;charset='utf-8'");
session_start();
$u=@$_POST['user'];
$p=@$_POST['pwd'];
if($u=='hzgtest'&&$p=='test1234'){
   $_SESSION['keykey']='okokok';
    header("location:main.php");
    echo "欢迎，有权限访问action.php";
//    print_r($_SESSION);

}else{
    echo "无权访问";

}
?>

黄振国

main.php

<?php
header("content-type:text/html;charset='utf-8'");
session_start();
if(@$_SESSION['keykey']=='okokok')
{
echo "<br/>main.php","欢迎访问";
}else{
echo "<br/>无权访main.php面";
}
?>

黄振国

curl.php

<?php
header("content-type:text/html;charset='utf-8'");
$post_url="http://www.test.com//session/action.php";
$post_data="user=hzgtest&pwd=test1234";
session_start();
$strCookie="PHPSESSID=".$_COOKIE['PHPSESSID'];
session_write_close();
$ch=curl_init();
curl_setopt($ch,CURLOPT_URL,$post_url);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch,CURLOPT_POST,1);
curl_setopt($ch, CURLOPT_COOKIE, $strCookie);
curl_setopt($ch,CURLOPT_POSTFIELDS,$post_data);
$con=curl_exec($ch);
curl_close($ch);

echo $strCookie;
echo "<hr/>";


$url="http://www.test.com/session/main.php";
$ch=curl_init();


session_write_close();
curl_setopt($ch, CURLOPT_COOKIE, $strCookie);
curl_setopt($ch,CURLOPT_URL,$url);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
$con=curl_exec($ch);
curl_close($ch);

echo $con;
$href=$_SERVER['PHP_SELF'];
//print_r($_SESSION);
/*
echo <<<EEE
<script type="text/javascript">
window.location.href='{$href}';
</script>
EEE;
*/
?>