PHP 中 cURL 发出的 POST 请求与 Flash 中 loadVars 发出的 POST 请求有何不同?
抱歉
,这可能是一个非常奇怪的问题。
我正在开发 Flash RIA。 它所做的事情之一是调用 ASP 页(驻留在另一个域上)来检索一些数据。
但是,该 ASP 页面要求用户先登录该站点,然后才能调用该 ASP 页面。
因此,我第一次尝试在 Flash 应用程序中使用 loadVars.sendAndLoad() 将登录变量发布到登录页面。 这会设置 cookie/会话变量来建立我的“登录”状态。 然后,当 Flash 应用程序调用 ASP 页面来请求它所需的数据时,一切正常。 换句话说,对第一个页面的 loadVars.sendAndLoad 调用使我登录,并且登录状态(以某种方式)得到维护,以便当 Flash 应用程序稍后调用 ASP 页面时,ASP 页面认为我仍然登录 一个很好的解决方案
,除了现在 Flash 应用程序将部署在另一个域上。 换句话说,ASP 页面(和登录页面)位于domainA.com 上,但Flash 应用程序将位于domainB.com 上。 而且 Flash 应用程序无法调用不同域上的 URL(我了解跨域策略文件,但出于各种原因,这不是一个选项)。
因此,我的下一个想法是 - 在 domainB.com 上设置一个 PHP 页面,使用 cURL 将登录变量传递到登录页面。 在domainB.com 上设置另一个PHP 页面,使用cURL 调用ASP 页面。
然后,我可以设置 Flash 应用程序来调用那些充当“代理”的 PHP 页面。
然而,这不起作用。 当我调用第一个 PHP 页面(它将变量传递到 domainA.com 上的登录页面)时,我认为这可行。 但是,如果我随后调用第二个 PHP 页面,domainA.com 上的 ASP 页面会拒绝该请求,就好像我没有登录一样。
换句话说,当我运行 Flash 中的所有内容时 - 看起来就像“已登录 - in”状态从第一个请求一直保持到后续请求。 但是,当我从 PHP 页面运行所有内容时,不会维护登录状态。
第一个 PHP 页面似乎让我登录到系统。 但第二个 PHP 页面并未被认为已登录。
您知道 Flash 和 PHP 中如何以不同方式处理 cookie 来解释这种差异吗?
我很乐意根据任何建议或指导提供更多详细信息。
提前谢谢了!
---- 编辑 ----
基于极好的反馈和建议,我已经让它发挥作用了。 我还没有机会去打磨它; 某些 cURL 选项可能是不必要的或多余的。 但至少,它有效。 这是代码:
<?php
$ckfile = tempnam (".", "CURLCOOKIE");
$url_1 = 'https://somedomain.com/loginService';
$url_2 = 'https://somedomain.com/getMyData.asp';
$fields_1 = array(
'field1'=>"blah",
'field2'=>"blah",
'field3'=>"blah",
);
$fields_2 = array(
'fieldX'=>"blah",
'fieldY'=>"blah",
'fieldZ'=>"blah",
);
$a='';
$postvars_1 = '';
foreach($fields_1 as $key=>$value) {
$postvars_1.= $a.urlencode($key).'='.urlencode($value);
$a='&';
}
$a='';
$postvars_2 = '';
foreach($fields_2 as $key=>$value) {
$postvars_2.= $a.urlencode($key).'='.urlencode($value);
$a='&';
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_COOKIESESSION, TRUE);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_COOKIEFILE, $ckfile);
curl_setopt($ch, CURLOPT_COOKIEJAR, $ckfile);
curl_setopt($ch, CURLOPT_COOKIE, session_name() . '=' . session_id());
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_POST, count($fields));
curl_setopt($ch, CURLOPT_POSTFIELDS, $postvars);
curl_setopt($ch, CURLOPT_URL, $url_1);
curl_setopt($ch, CURLOPT_POST, count($fields_1));
curl_setopt($ch, CURLOPT_POSTFIELDS, $postvars_1);
$result_1 = curl_exec($ch);
curl_setopt($ch, CURLOPT_URL, $url_2);
curl_setopt($ch, CURLOPT_POST, count($fields_2));
curl_setopt($ch, CURLOPT_POSTFIELDS, $postvars_2);
$result_2 = curl_exec($ch);
curl_close($ch);
header("Content-type: text/xml");
print $result_2;
unlink($ckfile);
?>
不用说,可能有更好的方法来完成此任务,或者我的代码存在一些严重问题。 但就目前而言,工作总比什么都不做好。 如果没有社区和下面的人的帮助,我永远不可能让这个工作成功。 非常感谢!
All,
Sorry - this is probably a very strange question.
I'm working on a Flash RIA. One of the things it does is call an ASP page (that resides on another domain) to retrieve some data.
However, that ASP page requires users to log-in to that site before they're allowed to call that ASP page.
So, my first attempt at getting this to work in the Flash app was to use loadVars.sendAndLoad() to post the login variables to the login page. This sets the cookies/session variables to establish my "logged-in" status. Then, later, when the Flash app calls the ASP page to request the data it needs, everything works. In other words, the loadVars.sendAndLoad call to the first page logs me in, and that log-in status is maintained (somehow), so that when the Flash app calls the ASP page later, the ASP page believes I'm still logged in.
A fine solution all around, except now the Flash application will be deployed on another domain. In other words, the ASP page (and the login page) are on domainA.com, but the Flash application will be on domainB.com. And Flash apps can't call URLs on different domains (I know about crossdomain policy files, but for a variety of reasons, that isn't an option).
So, my next thought was this - set up a PHP page on domainB.com that uses cURL to pass the login variables to the login page. Set up another PHP page on domainB.com that uses cURL to call the ASP page.
Then, I can set my Flash app to call those PHP pages which will act as "proxies".
However, this doesn't work. When I call the first PHP page (which passes variables to the login page on domainA.com), I think THAT works. However, if I then call the second PHP page, the ASP page on domainA.com rejects the request, as though I'm not logged in.
In other words, when I run everything out of Flash - it seems like the "logged-in" status is maintained from the first request to subsequent requests. However, when I run everything from the PHP pages, the logged in state isn't maintained.
The first PHP page seems to log me into the system. But the second PHP page isn't credited with being logged in.
Any idea how the cookies are handled differently in Flash and PHP that would explain this difference?
I'm happy to provide much more detail, based on any advice or guidance.
Many thanks in advance!
---- EDIT ----
Based on the terrific feedback and suggestions, I've gotten this to work. I haven't had a chance to polish it; it may be that some of the cURL options are unnecessary or redundant. But at least, it works. Here's the code:
<?php
$ckfile = tempnam (".", "CURLCOOKIE");
$url_1 = 'https://somedomain.com/loginService';
$url_2 = 'https://somedomain.com/getMyData.asp';
$fields_1 = array(
'field1'=>"blah",
'field2'=>"blah",
'field3'=>"blah",
);
$fields_2 = array(
'fieldX'=>"blah",
'fieldY'=>"blah",
'fieldZ'=>"blah",
);
$a='';
$postvars_1 = '';
foreach($fields_1 as $key=>$value) {
$postvars_1.= $a.urlencode($key).'='.urlencode($value);
$a='&';
}
$a='';
$postvars_2 = '';
foreach($fields_2 as $key=>$value) {
$postvars_2.= $a.urlencode($key).'='.urlencode($value);
$a='&';
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_COOKIESESSION, TRUE);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_COOKIEFILE, $ckfile);
curl_setopt($ch, CURLOPT_COOKIEJAR, $ckfile);
curl_setopt($ch, CURLOPT_COOKIE, session_name() . '=' . session_id());
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_POST, count($fields));
curl_setopt($ch, CURLOPT_POSTFIELDS, $postvars);
curl_setopt($ch, CURLOPT_URL, $url_1);
curl_setopt($ch, CURLOPT_POST, count($fields_1));
curl_setopt($ch, CURLOPT_POSTFIELDS, $postvars_1);
$result_1 = curl_exec($ch);
curl_setopt($ch, CURLOPT_URL, $url_2);
curl_setopt($ch, CURLOPT_POST, count($fields_2));
curl_setopt($ch, CURLOPT_POSTFIELDS, $postvars_2);
$result_2 = curl_exec($ch);
curl_close($ch);
header("Content-type: text/xml");
print $result_2;
unlink($ckfile);
?>
Needless to say, there may be much better ways to accomplish this, or some serious issues with my code. But working is, for now, better than nothing. I'd never have gotten this to work without the help of the community, and the people below. Many, many thanks!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
能贴一下有问题的脚本吗?
乍一看,我会检查cookie是否被捕获并传递到第二个脚本(从curl响应捕获并传递到curl以用于第二个请求),curl不会自动处理cookie(我不认为),你有扮演 Web 浏览器的角色,保存响应标头(包含 cookie)。
我认为你的脚本应该看起来像:
这是假设你不介意第一个请求中返回的标头废话。
祝你好运
Can you paste the problem script?
At first glance i would check that the cookie is being caught and passed onto the second script (caught from curl response and passed into curl for the second request), curl doesn't automatically handle cookies (i don't think), you have to play the part of the web browser, saving the response header (containing the cookie).
I think you script should look like:
this is presuming that you dont mind the header guff comming back in the first request.
Good Luck
PHP 不会像 flash 那样自动为您处理 cookie。 您必须向执行发布的函数传递一包选项,其中包括用于填充 cookie 的文件路径。
可以在此处找到如何制作该选项包的说明:http://usphp.com/manual/en/http.request.options.php
PHP does not handle cookies for you as auto-magically as flash does. You must pass to the function that does the post, a bag of options including a path to the file to stuff cookies in.
A description of how to make that bag of options can be found here: http://usphp.com/manual/en/http.request.options.php
登录状态很可能是使用 cookie 来维护的。 当您通过 PHP 进行代理时,它不会在请求之间存储 cookie。 虽然有一些巴洛克式的方法可以解决这个问题(也许您可以将 cookie 传回 Flash),但这听起来不像是一个可扩展或持久的解决方案。 是否无法使用跨域策略或其他某种方式让 Flash 直接联系您正在登录的站点(例如 JSON 回调)?
The login state is most likely maintained using cookies. When you proxy through PHP, it isn’t going to store the cookies between requests. While there are baroque ways to work around this (perhaps you could pass the cookie back to Flash), this doesn’t sound like a scalable or durable solution. Is there no way to use a cross-domain policy or some other way of having Flash directly contact the site you’re logging in to (like a JSON callback)?