Created
February 25, 2024 13:45
-
-
Save ibrezm1/6e38b9649789ed2b65e1475b06703751 to your computer and use it in GitHub Desktop.
php session management using Curl
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ curl -X POST -c cookies.txt -H "Content-Type: application/json" -d '{"username": "your_username", "password": "your_password"}' http://localhost/be/auth/login.php | |
| {"success":true,"message":"Login successful"}ibrez@ibrez-OptiPlex-9020:be | |
| $ curl -b cookies.txt http://localhost/be/auth/login.php | |
| {"loggedIn":true,"username":"your_username"}ibrez@ibrez-OptiPlex-9020:be | |
| $ curl -b cookies.txt http://localhost/be/auth/logout.php | |
| {"success":true,"message":"Logout successful"}ibrez@ibrez-OptiPlex-9020:be |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| http :/be/auth/login.php \ | |
| Content-Type:application/json \ | |
| username=your_username \ | |
| password=your_password | |
| ---------------------------------------------------------- | |
| HTTP/1.1 200 OK | |
| Access-Control-Allow-Headers: Content-Type | |
| Access-Control-Allow-Methods: GET, POST | |
| Access-Control-Allow-Origin: * | |
| Cache-Control: no-store, no-cache, must-revalidate | |
| Connection: Keep-Alive | |
| Content-Length: 45 | |
| Content-Type: text/html; charset=UTF-8 | |
| Date: Sun, 25 Feb 2024 13:41:19 GMT | |
| Expires: Thu, 19 Nov 1981 08:52:00 GMT | |
| Keep-Alive: timeout=5, max=100 | |
| Pragma: no-cache | |
| Server: Apache/2.4.52 (Ubuntu) | |
| Set-Cookie: PHPSESSID=1goj6eod944ejmb843pihg6n74; path=/ | |
| { | |
| "message": "Login successful", | |
| "success": true | |
| } | |
| http :/be/auth/login.php "Cookie:PHPSESSID=qavch1brufqc0k5hv74et88a7m;" | |
| ---------------------------------------------------------- | |
| HTTP/1.1 200 OK | |
| Access-Control-Allow-Headers: Content-Type | |
| Access-Control-Allow-Methods: GET, POST | |
| Access-Control-Allow-Origin: * | |
| Cache-Control: no-store, no-cache, must-revalidate | |
| Connection: Keep-Alive | |
| Content-Length: 44 | |
| Content-Type: text/html; charset=UTF-8 | |
| Date: Sun, 25 Feb 2024 13:41:27 GMT | |
| Expires: Thu, 19 Nov 1981 08:52:00 GMT | |
| Keep-Alive: timeout=5, max=100 | |
| Pragma: no-cache | |
| Server: Apache/2.4.52 (Ubuntu) | |
| { | |
| "loggedIn": true, | |
| "username": "your_username" | |
| } | |
| http :/be/auth/logout.php "Cookie:PHPSESSID=qavch1brufqc0k5hv74et88a7m;" | |
| ---------------------------------------------------------- | |
| HTTP/1.1 200 OK | |
| Access-Control-Allow-Headers: Content-Type | |
| Access-Control-Allow-Methods: GET | |
| Access-Control-Allow-Origin: * | |
| Cache-Control: no-store, no-cache, must-revalidate | |
| Connection: Keep-Alive | |
| Content-Length: 46 | |
| Content-Type: text/html; charset=UTF-8 | |
| Date: Sun, 25 Feb 2024 13:41:59 GMT | |
| Expires: Thu, 19 Nov 1981 08:52:00 GMT | |
| Keep-Alive: timeout=5, max=100 | |
| Pragma: no-cache | |
| Server: Apache/2.4.52 (Ubuntu) | |
| { | |
| "message": "Logout successful", | |
| "success": true | |
| } | |
| http :/be/auth/login.php "Cookie:PHPSESSID=qavch1brufqc0k5hv74et88a7m;" | |
| ---------------------------------------------------------- | |
| HTTP/1.1 200 OK | |
| Access-Control-Allow-Headers: Content-Type | |
| Access-Control-Allow-Methods: GET, POST | |
| Access-Control-Allow-Origin: * | |
| Cache-Control: no-store, no-cache, must-revalidate | |
| Connection: Keep-Alive | |
| Content-Length: 34 | |
| Content-Type: text/html; charset=UTF-8 | |
| Date: Sun, 25 Feb 2024 13:42:10 GMT | |
| Expires: Thu, 19 Nov 1981 08:52:00 GMT | |
| Keep-Alive: timeout=5, max=100 | |
| Pragma: no-cache | |
| Server: Apache/2.4.52 (Ubuntu) | |
| { | |
| "loggedIn": false, | |
| "username": null | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| session_start(); | |
| // Include the configuration file | |
| include '../db_config.php'; | |
| // Enable CORS | |
| header("Access-Control-Allow-Origin: *"); | |
| header("Access-Control-Allow-Methods: GET, POST"); | |
| header("Access-Control-Allow-Headers: Content-Type"); | |
| // Check request method | |
| $requestMethod = $_SERVER['REQUEST_METHOD']; | |
| switch ($requestMethod) { | |
| case 'POST': | |
| // Login Operation | |
| $data = json_decode(file_get_contents("php://input"), true); | |
| if (isset($data['username']) && isset($data['password'])) { | |
| $username = $data['username']; | |
| $password = $data['password']; | |
| // Check user credentials (replace with your authentication logic) | |
| if ($username === 'your_username' && $password === 'your_password') { | |
| $_SESSION['user'] = $username; | |
| echo json_encode(['success' => true, 'message' => 'Login successful']); | |
| } else { | |
| echo json_encode(['success' => false, 'message' => 'Invalid credentials']); | |
| } | |
| } else { | |
| echo json_encode(['success' => false, 'message' => 'Username and password required']); | |
| } | |
| break; | |
| case 'GET': | |
| // Check Session Status | |
| if (isset($_SESSION['user'])) { | |
| echo json_encode(['loggedIn' => true, 'username' => $_SESSION['user']]); | |
| } else { | |
| echo json_encode(['loggedIn' => false, 'username' => null]); | |
| } | |
| break; | |
| default: | |
| echo json_encode(['success' => false, 'message' => 'Invalid request method']); | |
| } | |
| $conn->close(); | |
| ?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment