SpiderBasic

- a basic to master the web -
https://forums.spiderbasic.com/

Cookies and SessionIds

https://forums.spiderbasic.com/viewtopic.php?t=1361

Page 1 of 2

Cookies and SessionIds

Posted: Wed Oct 25, 2017 10:36 am
by Dirk Geppert
Hello everyone,

I need help with handling cookies and session IDs.

After a successful login httpRequest, I see in the header that a session ID is sent as a cookie from the server.

Code: Select all

Cookie	PHPSESSID=0781d6ea840acd7c52186fd916a76705
How can I use this SesssionID for the next httpRequest?

Kind regards, Dirk

Re: Cookies and SessionIds

Posted: Wed Oct 25, 2017 11:20 am
by Dirk Geppert
Found some Cookie stuff in the german forum
http://www.purebasic.fr/german/viewtopi ... ie#p340763
and tried this:

Code: Select all

Procedure.s getCookie(cname.s)
!     var name = v_cname + "=";
!     var ca = document.cookie.split(';');
!     for(var i = 0; i < ca.length; i++) {
!         var c = ca[i];
!         while (c.charAt(0) == ' ') {
!             c = c.substring(1);
!         }
!         if (c.indexOf(name) == 0) {
!             return c.substring(name.length, c.length);
!         }
!     }
!     return "";
EndProcedure

Debug  getCookie("PHPSESSID")
..after login request. But no results for the cookie "PHPSESSID"..

Re: Cookies and SessionIds

Posted: Wed Oct 25, 2017 3:22 pm
by falsam

Code: Select all

Procedure SetCookie(Name.s, Value.s)
  Protected Buffer.s = Name + "=" + Value 
  
  ! document.cookie = v_buffer;
EndProcedure

Procedure GetCookie(Name.s)
  ! var value = "; " + document.cookie;
  ! var parts = value.split("; " + v_name + "=");
  ! if (parts.length == 2) return parts.pop().split(";").shift();  
EndProcedure

Procedure RemoveCookie(Name.s)
  ! document.cookie = v_name + '=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT;';
EndProcedure

SetCookie("soc", "12345")
SetCookie("name", "John Doe")
SetCookie("PHPSESSID", "0781d6ea840acd7c52186fd916a76705")

Debug GetCookie("PHPSESSID")
Debug GetCookie("soc")
Debug GetCookie("name")

RemoveCookie("soc")

Debug GetCookie("soc")

Re: Cookies and SessionIds

Posted: Wed Oct 25, 2017 6:45 pm
by Dirk Geppert
Hi Falsam, thanks for your help. Set a own Cookie works as expected, but reading the cookie, that comes from the server seems not readable.

But thats not the main problem.

I‘ll use an api. The first http request is the login. It works. The server sends success. In the response header I can see a parameter cookie with includes an PHP Session ID.

The next http request fails with error „not authorized“. I guess, the SessionID is missed. How to handle an PHPSessionID?

Re: Cookies and SessionIds

Posted: Fri Oct 27, 2017 12:52 pm
by Dirk Geppert
To more clarify the problem. SpiderBasic will receive a "Set-Cookie" in the reply header from the server.

Code: Select all

Set-Cookie	PHPSESSID=e613aa6e7742f3148d43c4fd6eff64ba; expires=Fri, 03-Nov-2017 12:20:52 GMT; path=/
This should then be sent within the next request like this:

Code: Select all

Cookie	PHPSESSID=e613aa6e7742f3148d43c4fd6eff64ba
But it won't. What can I do?

Re: Cookies and SessionIds

Posted: Wed Nov 15, 2017 3:52 pm
by Dirk Geppert
With custom headers, I can send a cookie to a crossdomain server. But how can I read the response header and evaluate the Set-Cookie parameter?

Code: Select all

; Send a cookie to an external (crossdomain) server

Procedure HttpGetEvent(Success, Result$, UserData)
    If Success
      Debug Result$
    Else
      Debug "HTTPRequest(): Error"
    EndIf
  EndProcedure

  NewMap Headers.s()
  Headers("Coookie") = "PHPSESSID=0781d6ea840acd7c52186fd916a76705"
   
  HTTPRequest(#PB_HTTP_Get, "ExternalServer", "", @HttpGetEvent(), 0, Headers())

Re: Cookies and SessionIds

Posted: Thu Aug 06, 2020 9:22 pm
by Kurzer
Dirk,

your problem was exactly my problem. If the problem (and a solution) is still relevant to you:
See here: https://www.purebasic.fr/german/viewtop ... 41#p357541

Grand Master Kiffi has the solution. :D

Markus

Re: Cookies and SessionIds

Posted: Fri Aug 07, 2020 6:54 am
by menschmarkus
Hi,

I use SESSIONID information within my PHP script. Like

Code: Select all

<?PHP
     if(session_status() !== PHP_SESSION_ACTIVE) session_start();
     $tfname		 = session_id(); 
     echo $ftname;
     exit();
?>
You you can use $tfname as a variable which holds the ID wherever you want i your PHP script.
You may run a httprequest() in SB to your server and return the SESSIONID if you want to use the SESSIONID in SB app.

Another way to use SESSIONID information is to readout the cookie information of browser.

hope it helps.

Re: Cookies and SessionIds

Posted: Fri Aug 07, 2020 8:32 am
by Kurzer
Unfortunately, none of this helps if you start the SpiderBasic code from the IDE with F5.

In this case the PHP script (or rather the server) generates a new session-ID for every HTTPRequest() coming from SpiderBasic.

Even if you were able to successfully log in into a PHP login page at the first HTTPRequest and store this inforrmation into a session variable, the server will "forget" this information at the next HTTPRequest.

But as I said, the suggestion in the german forum from Kiffi solves this problem (see the link in my upper post).

Markus

Re: Cookies and SessionIds

Posted: Fri Aug 07, 2020 8:49 am
by menschmarkus
@kurzer
I can't agree. As I know the PHPSESSIONID is kept until the browser is closed. In my tests the SESSIONID is always the same until I restart browser.
By the way, you can restart the app with F5 but this keeps the cache. If you use STRG+F5 the cach is deleted.
I always restart the app with STRG+F5

regards bro M....
All times are UTC
Page 1 of 2

Powered by phpBB® Forum Software © phpBB Limited