by Marc Plotz

You probably know that cURL is a wonderful tool for extracting data from a Web page -- that's a given if you are a developer worth your salt. However, in this article, I want to show you how to use cURL to do things for you. We will start by exploring cURL in detail and then move on to use a very cool script to update our Facebook status.

Of course, you need a more than basic understanding of PHP for this article.

What Is cURL?

In 1997, a developer named Daniel Stenberg started writing cURL as a command-line interface way to transfer files using FTP, HTTP, Gopher and many more. Since then, many people have provided further contributions toward the technology. Today, cURL is a big part of PHP and a very powerful tool to have in your developer toolbox.

To check if you have cURL installed on your computer, fire up your command line and type:

$ cURL -V

On my MacBook, I get this result:

curl 7.19.7 (universal-apple-darwin10.0) libcurl/7.19.7 OpenSSL/0.9.8l zlib/1.2.3
Protocols: tftp ftp telnet dict ldap http file https ftps
Features: GSS-Negotiate IPv6 Largefile NTLM SSL libz

If you don't get an error on the point above, then you are generally OK. Now, to test cURL, try something like this:

$ cURL www.google.com

And the result I get is:

$ curl www.google.com
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://www.google.co.za/">here</A>.
</BODY></HTML>

Not quite the result I was looking for, but simple enough to know that CURL actually works. I got that page because Google wants to redirect me to my local version of Google, not www.google.com but www.google.co.za in my case.

Now, the good news is that PHP has some very powerful built-in functions that take away the need for command line interfacing. Let's take a look at this now.

Using cURL and PHP for Scripting

In order to use cURL to get the contents of a site within a PHP script, we can use the following code:

<?php

$ch = curl_init("http://www.example.com/");
$fp = fopen("example.txt", "w");

curl_setopt($ch, CURLOPT_FILE, $fp);
curl_setopt($ch, CURLOPT_HEADER, 0);

curl_exec($ch);
curl_close($ch);
fclose($fp);

The above code will grab the content from www.example.com and chuck it into the file example.txt.

Breaking it down, we see that:

$ch = cURL_init("http://www.example.com/"); // Init and tell CURL where we will be visiting.

$fp = fopen("example.txt", "w"); // Open a file for writing.

cURL_setopt($ch, CURLOPT_FILE, $fp); // Tell CURL we're writing to $fp

cURL_setopt($ch, CURLOPT_HEADER, 0); // Do not include a header in the output

cURL_exec($ch); // Execute!

cURL_close($ch); // Close - shut down CURL, we're done.

fclose($fp); // Close the file for reading.

Do yourself a favor and test this script -- it works well and shows the beginning of some very powerful scripting power we have at our disposal.

Update Your Facebook Status with PHP and cURL

Let's move on by updating our Facebook status. We are going to use a very cool script to update our Facebook status. What we are going to need to do to get it to work properly is log in to Facebook, update our status, and then log out. We are going to handle all of this with cURL in four steps.

Let's set up the basics. We'll need to know our Facebook email address, password, and the status we want to post. Of course we can post the status from a form if we want to be fancy.

<?php

$status = 'Hello Facebook!'; $email = 'myemail@facebook.com'; $pass = 'mypassword';

$ch = curl_init();
curl_setopt($ch, CURLOPT_COOKIEJAR, "mycookie.txt"); 
// Fake your cookie collection
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0"); 
// Fake your browser
curl_setopt($ch, CURLOPT_URL,"http://m.facebook.com/"); 
// Tell CURL where we are going
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); 
// Tell CURL to return whatever comes back

$fbhome = curl_exec ($ch); 
// Execute!

preg_match("/<form method=\"post\" action=\"(.*)\">/U", $fbhome, $formaction); 
// find the form on the page
urlencode(preg_match("/<input type=\"hidden\" name=\"charset_test\" value=\"(.*)\" \/>/U", $fbhome, $chartest));
preg_match("/<input type=\"hidden\" name=\"post_form_id\" value=\"(.*)\" \/>/U", $fbhome, $formid);

curl_close ($ch); 
// Kill the login part of the CURL session
unset($ch);

$ch = curl_init(); // Start a NEW CURL SESSION
curl_setopt($ch, CURLOPT_COOKIEFILE, "mycookie.txt"); 
// Fake the cookie collection
curl_setopt($ch, CURLOPT_COOKIEJAR, "mycookie.txt"); 
// Fake the cookie file
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0"); 
// Fake the browser
curl_setopt($ch, CURLOPT_URL, $formaction[1]); 
// POST THE FORM
curl_setopt($ch, CURLOPT_POST, 1); 
// Set the method to POST
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, "post_form_id=".$formid[1]."charset_test=".$chartest[1]."&email=$email&pass=$pass&login=Log+in"); 
// Add some fields to the form. Facebook requires these.

$loggedin = curl_exec ($ch); 
// Execute the Facebook Login

preg_match("/<form method=\"post\" id=\"composer_form\" action=\"\/a\/home.php(.*)\">/U", $loggedin, $formaction);
preg_match("/<input type=\"hidden\" name=\"fb_dtsg\" value=\"(.*)\" autocomplete=\"off\" \/>/U", $loggedin, $dtsg);
preg_match("/<input type=\"hidden\" name=\"post_form_id\" value=\"(.*)\" \/>/U", $loggedin, $formid);

curl_close ($ch);
unset($ch); 
// We're logged in, kill the current CURL SESSION.

And finally, post the status.

$ch = curl_init(); // We pretty much do the same again - I could put this in a function, but for clarity will not.
curl_setopt($ch, CURLOPT_COOKIEFILE, "cookie.txt");
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0");
curl_setopt($ch, CURLOPT_URL, 'http://m.facebook.com/a/home.php'.$formaction[1]); 
// POST THE FORM
curl_setopt($ch, CURLOPT_POST, 1); 
// Make sure it's set to POST.
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, "charset_test=".$chartest[1]."&fb_dtsg=".$dtsg[1]."&post_form_id=".$formid[1]."&status=$status&update=Share"); 
// Send the status in the URL, via GET

$buf2 = curl_exec ($ch);

curl_close ($ch);
unset($ch); 
// Kill it, we are done!

In conclusion, cURL is a very powerful tool that allows us to not only get but also send information to and from a server. Used correctly, we can very easily manipulate websites such as Facebook to do our bidding. Please remember though -- always use responsibly.

Until next time,

Marc Steven Plotz