• 12

A PHP Error was encountered

Severity: Notice

Message: Undefined index: userid

Filename: views/question.php

Line Number: 187


File: /home/prodcxja/public_html/questions/application/views/question.php
Line: 187
Function: _error_handler

File: /home/prodcxja/public_html/questions/application/controllers/Questions.php
Line: 433
Function: view

File: /home/prodcxja/public_html/questions/index.php
Line: 315
Function: require_once

name Punditsdkoslkdosdkoskdo

Any way to keep curl's cookies in memory and not on disk

I'm doing some cURL work in php 5.3.0.

I'm wondering if there is any way to tell the curl handle/object to keep the cookies in memory (assuming I'm reusing the same handle for multiple requests), or to somehow return them and let me pass them back when making a new handle.

Theres this long accepted method for getting them in/out of the request:

curl_setopt($ch, CURLOPT_COOKIEJAR, $filename); 
curl_setopt($ch, CURLOPT_COOKIEFILE, $filename);

But I'm hitting some scenarios where I need to be running multiple copies of a script out of the same directory, and they step on each others cookie files. Yes, I know I could use tempnam() and make sure each run has its own cookie file, but that leads me to my 2nd issue.

There is also the issue of having these cookie files on the disk at all. Disk I/O is slow and a bottle neck I'm sure. I dont want to have to deal with cleaning up the cookie file when the script is finished (if it even exits in a way that lets me clean it up).

Any ideas? Or is this just the way things are?

Unfortunately, I don't think you can use 'php://memory' as the input and output stream. The workaround is to parse the headers yourself. This can be done pretty easily. Here is an example of a page making two requests and passing the cookies yourself.



$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, 'http://localhost/test.php?message=Hello!');
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, false);
curl_setopt($curl, CURLOPT_HEADER, true);  
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); 

$data = curl_exec($curl);

preg_match_all('|Set-Cookie: (.*);|U', $data, $matches);   
$cookies = implode('; ', $matches[1]);

$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, 'http://localhost/test.php');
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, false);
curl_setopt($curl, CURLOPT_HEADER, true);  
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); 
curl_setopt($curl, CURLOPT_COOKIE, $cookies);

$data = curl_exec($curl);
echo $data;



if(isset($_SESSION['message'])) {
    echo $_SESSION['message'];
} else {
    echo 'No message in session';

if(isset($_GET['message'])) {
    $_SESSION['message'] = $_GET['message'];

This will output 'Hello!' on the second request.

  • 27
Reply Report
      • 1
    • Note that if you parse cookies out more than once in a sequence of requests, you may have to accumulate the cookies in your string, possibly overwriting older values with newer ones for re-occurring keys. (..and the slippery slope to implementing a cookie jar begins!)

You can use the CURLOPT_COOKIEJAR option, and set the file to "/dev/null" for Linux / MacOS X or "NULL" for Windows. This will prevent the cookies from being written to disk, but it will keep them around in memory as long as you reuse the handle and don't call curl_easy_cleanup().

  • 26
Reply Report

Just set CURLOPT_COOKIEFILE to a file that doesn't exist, usually an empty string is the best option. Then DON'T set CURLOPT_COOKIEJAR, this is the trick. This will prevent a file from being written but the cookies will stay in memory. I just tested this and it works (my test: send http auth data to a URL that redirects you to a login URL that authenticates the request, then redirects you back to the original URL with a cookie).

  • 9
Reply Report
      • 1
    • Brilliant, this was exactly what I was looking for. I set CURLOPT_COOKIEFILE to null and refrained from setting the CURLOPT_COOKIEJAR option, and it worked!

There is but it's completely unintuitive.

curl_setopt($curl, CURLOPT_COOKIEFILE, "");

For more details please see my answer in the comments

  • 3
Reply Report
      • 2
    • It's not quite the same answer. "to a file that doesn't exist". Curl takes magic strings through setting the cookie file that do various things. You have to look at the curl source or documentation to find it. You shouldn't actually point curl to a file that doesn't exist. He tested it, found it worked but he doesn't know nor has explained why. His answer wants to be updated because it's misleading about why this works.

If using Linux, you could set these to point somewhere within /dev/shm .. this will keep them in memory and you can be assured that they won't persist across re-boots.

I somehow thought that Curl's cleanup handled the unlinking of cookies, but I could be mistaken.

  • 2
Reply Report