2

I'm trying to create an interactive web shell that will let you connect and perform actions in a different website using post requests but I also want the shell to update live (this is the "interactive" part).

I came across Keeping session alive with Curl and PHP and W3School PHP & AJAX but can I blend them together? is it possible to maintain a session with ajax? if not, what should I use to do this project?

EDIT:

To make things more clear, What I'm trying to do is:

  1. Go to my website
  2. Put my credentials to google and click a button
  3. background php sends a post request to google's login page with my credentials
  4. I see in my website a Login succeeded alert using ajax
  5. click a button on my website that will retrieve the content of the first email in my mail dir
  6. send a get request to gmail with php and return the data with ajax

Will it work? In 6 I need a live session to view the page and I'm creating the session on step 3, How do I keep the session alive?

Community
  • 1
  • 1
badprogrammerqq
  • 167
  • 7
  • AJAX will also send http request. Together with the headers like a normal http request. Meaning session identifier and cookies will also be sent via ajax. – frz3993 May 21 '16 at 18:09
  • @frz3993 So, Can I use ajax **_only_** to connect to a website via a post request and then access a members only page? – badprogrammerqq May 21 '16 at 18:15
  • @badprogrammerqq no you can't – Sofiene Djebali May 21 '16 at 18:17
  • @SofieneDjebali alright, so I guess I didn't understand what **frz3993** meant in "session identifier and cookies will also be sent via ajax", Does this mean my initial plan will work? My initial plan was doing what W3School had and sending the data to a php page like the one in the question I linked to in the main post but I don't think that the session will be alive cause the php script will run till the end in order to return data to the ajax function and in the second call the curl session wont live, am I right? – badprogrammerqq May 21 '16 at 18:25
  • "session identifier and cookies" will not be available to a cross origin request. Meaning, a cookie from another domain won't be available to your page. You can maintain session using curl if you set the cookie file and the curl options correctly. But you will need to handle if the server you're connecting to has deleted the session. – frz3993 May 21 '16 at 18:47
  • @frz3993 Edited the main post to make things more clear – badprogrammerqq May 21 '16 at 18:56
  • It is very tricky to do that. Even getting pass the login page is tricky, let alone retrieving the email from the gmail webpage. You are better off using the PHP IMAP extension, or better use the GMail API. – frz3993 May 21 '16 at 19:15
  • You could use serverside js to check if login is active while checking for new emails and if inactive connect through curl, retrieve data, and disconnect. You make calls to the server while the server syncs with the all the selected sites on the backend. – Nitin May 21 '16 at 19:32
  • Sounds good, I'll try to work on it tomorrow (It's night where I'm from) and I'll update this question. Thank you all for commenting! – badprogrammerqq May 21 '16 at 19:43

0 Answers0