PHP curl authentication question

I have my own site that store login info only in session. I need to use CURL to submit form, but trick is you need to login first before you can access page with form. So i tried to create two requests but it dont seem to work as intended even though i do get login on login page page with form still shows i am logged out.

//add data to be posted
$post_string1 = "username=test&password=1234";
$post_string2 = "value1=555";

//create cURL connection
$curl_connection1 = curl_init("http://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\')."/login.php");
$curl_connection2 = curl_init("http://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\')."/formpage.php");
 //create the multiple cURL handle
//set options
curl_setopt($curl_connection1, CURLOPT_POST, 1);
curl_setopt($curl_connection1, CURLOPT_POSTFIELDS, $post_string1);
curl_setopt ($curl_connection1, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt($curl_connection1, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($curl_connection1, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)");
curl_setopt($curl_connection1, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl_connection1, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl_connection1, CURLOPT_FOLLOWLOCATION, 1);

curl_setopt($curl_connection2, CURLOPT_POST, 1);
curl_setopt($curl_connection2, CURLOPT_POSTFIELDS, $post_string2);
curl_setopt ($curl_connection2, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt($curl_connection2, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($curl_connection2, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)");
curl_setopt($curl_connection2, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl_connection2, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl_connection2, CURLOPT_FOLLOWLOCATION, 1);


$mh = curl_multi_init();
curl_multi_add_handle($mh,$curl_connection1);
curl_multi_add_handle($mh,$curl_connection2); 

$active = null;

do {
    $mrc = curl_multi_exec($mh, $active);
} while ($mrc == CURLM_CALL_MULTI_PERFORM);

while ($active && $mrc == CURLM_OK) {
    if (curl_multi_select($mh) != -1) {
        do {
            $mrc = curl_multi_exec($mh, $active);
        } while ($mrc == CURLM_CALL_MULTI_PERFORM);
    }
}

//close the handles
curl_multi_remove_handle($mh, $ch1);
curl_multi_remove_handle($mh, $ch2);
curl_multi_close($mh);

//show information regarding the request
print_r(curl_getinfo($curl_connection1));
echo curl_errno($curl_connection1) . '-' . curl_error($curl_connection1);
//show information regarding the request
print_r(curl_getinfo($curl_connection2));
echo curl_errno($curl_connection2) . '-' . curl_error($curl_connection2);

Cookie.txt is writable and contains session, here's the response:

Array
(
    [url] => http://mysite.com/login.php
    [content_type] => text/html; charset=UTF-8
    [http_code] => 200
    [header_size] => 762
    [request_size] => 404
    [filetime] => -1
    [ssl_verify_result] => 0
    [redirect_count] => 1
    [total_time] => 0.270866
    [namelookup_time] => 2.9E-05
    [connect_time] => 0.000118
    [pretransfer_time] => 0.000193
    [size_upload] => 0
    [size_download] => 132955
    [speed_download] => 490851
    [speed_upload] => 0
    [download_content_length] => 0
    [upload_content_length] => 0
    [starttransfer_time] => 0.250872
    [redirect_time] => 0.01623
)
0-Array
(
    [url] => http://mysite.com/formpage.php?login=destroyed
    [content_type] => text/html; charset=UTF-8
    [http_code] => 200
    [header_size] => 786
    [request_size] => 415
    [filetime] => -1
    [ssl_verify_result] => 0
    [redirect_count] => 1
    [total_time] => 0.0开发者_如何转开发56873
    [namelookup_time] => 2.6E-05
    [connect_time] => 9.9E-05
    [pretransfer_time] => 0.000198
    [size_upload] => 0
    [size_download] => 9790
    [speed_download] => 172137
    [speed_upload] => 0
    [download_content_length] => 1
    [upload_content_length] => 0
    [starttransfer_time] => 0.013818
    [redirect_time] => 0.042138

---

Don't use two parallel curl handles for this. Depending on network conditions, your SECOND curl request could actually reach the server first, BEFORE the login request.

As well, CURL reads the cookie files at the time the request is executed. Both of your requests will fire off at basically the same time, BEFORE any login cookies are returned from the server. So both requests will be in a "not logged in" state.

Use a SINGLE curl handle, and do each invocation in sequence>

$ch = new CURL();
... set up login ...
... do login ...
... set options for second post
... do second post ...

Such a sequence guarantees that the login request (and cookie) will be completed and available before you start on the second request.