CookieJar in CURL – It Sucks

I was working with Linked in authentication management these days for one of my project where I have to loginto linked in using user’s credentials and fetch personal information and then display it in different form. My code was working properly in local machine, 3 different LAMP servers and one windows server. But finally when I deployed the code in production box, it fails. I quickly found that the cookiejar was not created for some permission problem. I tried to figure out what went wrong but I cant.

1. My script has the permission to create file in that directory on the fly

so there shouldn’t be any problem with this cookie jar and curl, but there was. So hours after hours i spend on it to find the reason and finally I decide to go without cookie jar. And If I don’t use cookie Jar, I have to manually parse the cookies sent to me after login and then set those cookies to my next request so that Linked in recognize me as a “coming back call after login”. I did that and my script worked pretty fine.

Fuck cookie jar in curl. Why the hell the developers didn’t provide a way to override to manage cookies??

If you are interested to know how did I solve it, let me explain a bit.

I set CURLSETOPT_HEADER to true so that I get back the header info
curl_setopt($ch, CURLOPT_HEADER, 1);

and then I parse that header info and extracted the cookies
$end = strpos($header, “Content-Type”);
$start = strpos($header, “Set-Cookie”);
$parts = split(“Set-Cookie: “,substr($header, $start, $end-$start));
$cookies = array();
foreach ($parts as $co)
{
$cd = split(“;”,$co);
if (!empty($cd[0]))
$cookies[] = $cd[0];
}

I will replace this section with RegEx

and finally I set those cookies to my next request using CURLSETOPT_COOKIE
curl_setopt($ch, CURLOPT_COOKIE, implode(“;”,$cookies));

Thats it!! It works pretty fine without cookie jar.

NOTE: I know that cookiejar is a very useful feature for curl users as it automates the cookie management. But I am saying “fuck cookiejar” because developers of curl didn’t provide any way to override cookie management process. If they give us way to use cookijar with any other options beside disk files, it would be beautiful. But in fact I am a big fan of this cookijar feature of curl, except the selfish automation.