A 1-way outbound cURL statement

bostboy · January 8, 2011, 12:26am

I have used cURL for a few things but mostly to send a request for data and to process the return data. In this case, all I want to do is send a 1-way https request that effectively logs out of a facebook session. I can take the value in $_SESSION[‘user’][‘fblogout’] and paste it in the browser and it works fine, but when I execute it using the following code, it does not work. Am I doing something wrong?

	
$request_url = $_SESSION['user']['fblogout'];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $request_url);
	
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$output = curl_exec($ch);
curl_close($ch);

bostboy · January 8, 2011, 12:29am

One more comment, this is an https request

ahundiak · January 8, 2011, 4:15am

Need to do some security configuration:

bostboy · January 8, 2011, 2:15pm

I tried that and it didn’t work. I’m actually getting a message back that says “true” but it’s not executing the logout. The actual code that works is just an anchor tag with an href and if you click that it works fine.

So maybe to approach that in a different way, when I click the anchor tag I want it to execute the href but I also want it to execute more commands. How can I accomplish that? My thought was to have the anchor reference a php script and then control it there but I can’t get the href to execute the same way it does as an href.

Make sense?

AnthonySterling · January 8, 2011, 2:51pm

Your best bet would be to follow the logout process in your browser with something LiveHTTPHeaders.

See if you get redirected to another page which resets the account, just try to spot anything which your code is not doing.

You’re trying to emulate the exact same thing your browser does, but with code.

Maybe the SSL is a factor too.

Try this:-


<?php
error_reporting(-1);
ini_set('display_errors', true);

function logout($user_logout_url){
  $ch = curl_init($user_logout_url);
  curl_setopt_array(
    $ch,
    array(
      CURLOPT_SSL_VERIFYPERR  => false,
      CURLOPT_RETURNTRANSFER  => true,
      CURLOPT_FOLLOWLOCATION  => true,
      CURLOPT_MAXREDIRS       => 3,
      CURLOPT_TIMEOUT         => 5,
    )
  );
  curl_exec($ch);
  return curl_getinfo($ch, CURLINFO_HTTP_CODE);
}

$response = logout($_SESSION['user']['fblogout']);

#check $response

bostboy · January 8, 2011, 3:04pm

This is what I got back:

Strict Standards: logout() [function.logout]: It is not safe to rely on the system’s timezone settings. Please use the date.timezone setting, the TZ environment variable or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected ‘America/Los_Angeles’ for ‘PST/-8.0/no DST’ instead in access.inc.php on line 31

Notice: Undefined variable: https://www.facebook.com/logout.php?next=https%3A%2F%2Fwww.thebestdish.com%2Flogin%2F&access_token=183509125001494|2.5JA1wCuefWuY3m0R3AJHkg__.3600.1294502400-1569662847|gkqe06ur7zWo4Jeu8nbYkRKjjxo in access.inc.php on line 31

Strict Standards: logout() [function.logout]: It is not safe to rely on the system’s timezone settings. Please use the date.timezone setting, the TZ environment variable or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected ‘America/Los_Angeles’ for ‘PST/-8.0/no DST’ instead in access.inc.php on line 35

Notice: Use of undefined constant CURLOPT_SSL_VERIFYPERR - assumed ‘CURLOPT_SSL_VERIFYPERR’ in access.inc.php on line 35

Strict Standards: curl_setopt_array() [function.curl-setopt-array]: It is not safe to rely on the system’s timezone settings. Please use the date.timezone setting, the TZ environment variable or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected ‘America/Los_Angeles’ for ‘PST/-8.0/no DST’ instead in /access.inc.php on line 41

Warning: curl_setopt_array() [function.curl-setopt-array]: Array keys must be CURLOPT constants or equivalent integer values in access.inc.php on line 41

Strict Standards: header() [function.header]: It is not safe to rely on the system’s timezone settings. Please use the date.timezone setting, the TZ environment variable or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected ‘America/Los_Angeles’ for ‘PST/-8.0/no DST’ instead in /access.inc.php on line 53

Warning: Cannot modify header information - headers already sent by (output started at /access.inc.php:31) in /access.inc.php on line 53

bostboy · January 8, 2011, 3:09pm

Just for reference, line 31 is $ch = curl_init($$user_logout_url);

bostboy · January 8, 2011, 3:19pm

I ran it without the error reporting and the return value was “int(0)”

bostboy · January 8, 2011, 3:20pm

Don’t know if you’ve done anything like this with Facebook but it seems that you can only execute login and maybe logout from the same page that is registered with them. I’m going to experiment with that for a bit.

salathe · January 8, 2011, 4:09pm

Why does $$user_logout_url have two $? I’m fairly sure you don’t want to be using variable variables there.