I'm trying to download music loop files from this site: looperman.com. I've registered as a user, and I'm trying to download the loops using cURL. When you log into looperman.com, there are a few cookies set, but by process of elimination, I notice the only on that is required for the server to see you as logged in is named 'loopermanlooperman'.

I've grabbed the value of that cookie, and set it as a variable. Then i pass it to the site like so:

$sessid = 'somehashedvaluehere';

$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Cookie: loopermanlooperman=$sessid;"));
curl_setopt($ch, CURLOPT_URL, "http://www.looperman.com/loops/detail/$pageID");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
echo $response;

When i echo the response, I see the cookie has not been set, and the site still sees me as not logged in. What am i doing wrong? Looperman is built using CodeIgniter. I wonder if they have some measure of protection to prevent setting cookies like this?

///UPDATE///

I tried COOKIE_JAR and CURLOPT_COOKIE. The cookies are still not set. I found this script from another Stack Overflow post that seems to get me most of the way there, but still cookies are set. Here it is:

$loginUrl = 'http://www.looperman.com/account/login/';
$loginFields = array('user_email' => 'login@site.com', 'user_password' => 'password');

getUrl($loginUrl, 'post', $loginFields); 
//now you're logged in and a session cookie was generated

$remote_page_content = getUrl('http://www.looperman.com/loops/detail/200');
echo $remote_page_content;

  function getUrl($url, $method='', $vars='') {
    $ch = curl_init();
    if ($method == 'post') {
      curl_setopt($ch, CURLOPT_POST, 1);
      curl_setopt($ch, CURLOPT_POSTFIELDS, $vars);
    }
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
    curl_setopt($ch, CURLOPT_COOKIEJAR, 'D:\wamp2\www\sandbox\cookie.txt');
    curl_setopt($ch, CURLOPT_COOKIEFILE, 'D:\wamp2\www\sandbox\cookie.txt');
    $buffer = curl_exec($ch);
    curl_close($ch);
    return $buffer;
  }

When this returns, the contents of D:\wamp2\www\sandbox\cookie.txt are:

Netscape HTTP Cookie File
http://curl.haxx.se/rfc/cookie_spec.html
This file was generated by libcurl! Edit at your own risk.

.looperman.com  TRUE    /   FALSE   1329245288  loopermancspr   147f3f08a0b50f7aa527789e360abbc8
.looperman.com  TRUE    /   FALSE   1328467688  loopermanlooperman  rX1UOdqyPEKkZ7HT0x8dSLk7g9yf5sSmg%2B7zj66hLM9LSmS1z4nqFO2zkEkqsUqKEwNMvEiExqSKoU2%2BfVsxlf3C9VyucMWt41TJVDtElUUIQrZxv0BmwZYP6JCJrY7wcT1%2FO7kKxRu8YI97YD%2BWdxX3jnWu2Zme9jg%2FMggp3%2Be%2BY%2FFiAorh36FR1zTbSY66VJVj7268WgMy6KNdJ1DxieypwaMb2HYGpBMsQRxcI6RawnOIEdjbaPKYuf8hVy40

But looperman still doesn't see me as logged in :(

You should use CURLOPT_COOKIE not CURLOPT_HTTPHEADER to set the cookie values sent in the request.

curl_setopt($ch, CURLOPT_COOKIE, "loopermanlooperman=$sessid")

CURLOPT_COOKIE

The contents of the "Cookie: " header to be used in the HTTP request. Note that multiple cookies are separated with a semicolon followed by a space (e.g., "fruit=apple; colour=red")

http://www.php.net/manual/en/function.curl-setopt.php/

It does make CURL send the cookie. Try requesting a script that outputs the contents of the headers like this;

<?php
echo "Your cookies \n";
print_r( $_COOKIE);
?>

It might be the site is checking the referral or host in your header. You can always try looking at the requests made in a browser (in chrome go Spanner -> Tools -> Developer Tool -> Network, now request the page and click on the request in the list. Should show all headers)