|
PHP - Curl To Login Then Complete Another Form
After many hours of playing and help from here and other places I have managed to figure out how to login to a particular website, then submit a form that you have to be logged in to get to using cURL. The reason behind me doing this is because my client needs to submit about 40 forms a day per website, there are 3 sites, so that is 120 forms. I am hoping that I can reduce this to only 40 forms, and once they complete one they can just submit it to the other 2 without retyping or copy pasting every field.
This is what I have so far, a problem is that I can not give the website username and password as it is a paid for site that my client has entrusted me with. I can tell you that the site is careerjunction.co.za and within the recruiters section. Now this site works a little different, first off there is no remember me on the login area, and it uses cookies to let me get around. If I login, it gives me a cookie, if I try login again from another computer, it gives an error and tells me I have to logout first, with a click here to logout of the other session. If I login and then click logout, a javascript window asks me if I am sure and then logs me out after pressing yes. Every month they make you change your password, and have a form come up saying old pass, new pass, repeat new pass. The script below works only if I am logged out, so this logs in then shows the form, problem is I can not do this a second time 2 days later because I have to logout first, and I can not use it if the account is already logged in. I would like to adjust the script to logout first, then login and show the form. Code: [Select] //create a file called cookie.txt and place in site root with perms at 777 first. //logout page is "http://v1.careerjunction.co.za/usr/mltses.asp?" curl_login("http://v1.careerjunction.co.za/rec/acc/logfrmupd.asp", "Username=example&Password=example", "", "false"); echo curl_grab_page("http://v1.careerjunction.co.za/rec/my/job/jobfrm.asp?recno=-1&p=1&HideTemp=1", "", "false"); function curl_login($url,$data,$proxy,$proxydata){ $fp = fopen("cookie.txt", "w"); fclose($fp); $login = curl_init(); curl_setopt($login, CURLOPT_COOKIEJAR, "cookie.txt"); curl_setopt($login, CURLOPT_COOKIEFILE, "cookie.txt"); curl_setopt($login, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)"); curl_setopt($login, CURLOPT_TIMEOUT, 40); curl_setopt($login, CURLOPT_RETURNTRANSFER, TRUE); if ($proxystatus == 'true') { curl_setopt($login, CURLOPT_SSL_VERIFYHOST, FALSE); curl_setopt($login, CURLOPT_HTTPPROXYTUNNEL, TRUE); curl_setopt($login, CURLOPT_PROXY, $proxy); } curl_setopt($login, CURLOPT_URL, $url); curl_setopt($login, CURLOPT_HEADER, TRUE); curl_setopt($login, CURLOPT_USERAGENT, $SERVER['HTTP_USER_AGENT']); curl_setopt($login, CURLOPT_FOLLOWLOCATION, TRUE); curl_setopt($login, CURLOPT_POST, TRUE); curl_setopt($login, CURLOPT_POSTFIELDS, $data); ob_start(); //prevent any output return curl_exec ($login); //execute the curl command ob_end_clean(); //stop preventing output curl_close ($login); unset($login); } function curl_grab_page($site,$proxy,$proxystatus){ $ch = curl_init(); curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); if ($proxystatus == 'true') { curl_setopt($login, CURLOPT_SSL_VERIFYHOST, FALSE); curl_setopt($login, CURLOPT_HTTPPROXYTUNNEL, TRUE); curl_setopt($login, CURLOPT_PROXY, $proxy); } curl_setopt($ch, CURLOPT_COOKIEFILE, "cookie.txt"); curl_setopt($ch, CURLOPT_URL, $site); ob_start(); //prevent any output return curl_exec ($ch); //execute the curl command ob_end_clean(); //stop preventing output curl_close ($ch); } The end result I would like to have is this My customer needs to have a form on their own website that once completed needs to go onto their website database, this seems simple enough for me to achieve. Then they need to be able to complete a very similar form on three other websites without logging into each and filling out the form all over again. So I would like it that once they have their own form completed, they could click a button and that would submit all the data to the relative site, therefore they would have 3 buttons one for each site they want to submit data to. I am only dealing with the first site at the moment so I have a very long way to go, and this does not even account for if they want to edit an existing form or anything like that. Whew I think I have bitten off a little more than I bargained for. Maybe a curl / php expert from here would like to PM me and we can work out some form of remuneration to help me complete this project, I have the entire site designed already and this is just part of the backend of the site. Let me know what sort of $$dolars you think it would cost to help please. Similar TutorialsA 3rd party hosts our online ordering site that is integrated with our inventory software program. I have a customer login page on our "Corporate Site" and I am wanting to login to our "online ordering site" directly from this page. First I tried: Code: [Select] <p class="main_body"><form action="http://mysite.com/login javascript:window.location=http://my3rdparysite.com/login" method="post" id="contactform"><table><tr><td><input name="username" type="hidden" value="demo" /></td></tr><tr><td><input name="password" type="hidden" value="demo" /></td></tr><tr><td> </td><td><input name="Submit" type="submit" value="Sign in to Demo account" /></td></tr></table></form></p> This takes me to http://my3rdpartysite.com/login. The text on the page displays {"success":true,"route":"\/myname\/customer\/"} . So when I change the url in the browser from http://my3rdpartysite.com/login to http://my3rdpartysite.com/customer, I am logged in. So, then I researched to see if there is a way to inject javascript in the form or url so when it reaches 3rdpartysite.com/login, it would automatically redirect to 3rdpartysite.com/customer, then I would be logged in. _____________ Here is the other idea. Log into 3rdpartysite.com/login from customer login page on corporate site using curl, grab the sessionid, then redirect to the 3rdpartysite.com/customer?SESSIONID=$session....... except.. I do not know how to store the SESSIONID into $session. Code: [Select] <?PHP $headers = array("User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.8) Gecko/20061025 Firefox/1.5.0.8"); $url="http://my3rdpartysite.com/login"; $ch = curl_init(); curl_setopt ($ch, CURLOPT_COOKIEJAR, 'cookies.txt'); curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookies.txt'); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt ($ch, CURLOPT_POST, 1); curl_setopt ($ch, CURLOPT_POSTFIELDS, "username=demo&password=demo"); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_VERBOSE, 1); curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); curl_setopt($ch, CURLOPT_MAXREDIRS, 4); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); $store = curl_exec ($ch); curl_close ($ch); print_r($store); ?> <script type="text/javascript"> <!-- window.location = "http://my3rdpartysite.com/customer?SESSIONID=<?PHP echo"$SESSION";?>" //--> </script> Any ideas? Hi, I am very excited, making my first post in this very qualified, highly active forum. I try to log in using curl. I do not know so much about the problem, but the login-cookie should be written to the server disk somehow, I think. I have tried the following two snippets. (The original source of the snippets and the login credentials for the site I am trying to log in to are indicated in the quoted code.) <?php // http://www.zgpzw.com/bbs/pz/liangpic.asp // http://www.zgpzw.com/bbs/pz/showpic.asp?number=4852&code=fb67aa6082363a6d // tsttst, tsttstpwd /* cookiejar.php http://curl.haxx.se/libcurl/php/examples/cookiejar.html This script is an example of using curl in php to log into on one page and then get another page passing all cookies from the first page along with you. If this script was a bit more advanced it might trick the server into thinking its netscape and even pass a fake referer, yo look like it surfed from a local page. */ $ch = curl_init(); curl_setopt($ch, CURLOPT_COOKIEJAR, "/tmp/cookieFileName"); curl_setopt($ch, CURLOPT_URL,"http://www.zgpzw.com/bbs/pz/liangpic.asp"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt ($ch, CURLOPT_POSTFIELDS, 'username=tsttst&password=tsttstpwd&CookieDate=2&userhidden=2'); ob_start(); // prevent any output curl_exec ($ch); // execute the curl command ob_end_clean(); // stop preventing output curl_close ($ch); unset($ch); $ch = curl_init(); curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); curl_setopt($ch, CURLOPT_COOKIEFILE, "/tmp/cookieFileName"); curl_setopt($ch, CURLOPT_URL,"http://www.zgpzw.com/bbs/pz/showpic.asp?number=4852&code=fb67aa6082363a6d"); $buf2 = curl_exec ($ch); curl_close ($ch); // echo "<PRE>".htmlentities($buf2); echo $buf2; ?> <?php // http://www.knowledgesutra.com/forums/topic/38162-automatic-login-using-curl/ // INIT CURL $ch = curl_init(); // SET URL FOR THE POST FORM LOGIN curl_setopt($ch, CURLOPT_URL, 'http://www.zgpzw.com/bbs/pz/liangpic.asp'); // ENABLE HTTP POST curl_setopt ($ch, CURLOPT_POST, 1); // SET POST PARAMETERS : FORM VALUES FOR EACH FIELD curl_setopt ($ch, CURLOPT_POSTFIELDS, 'username=tsttst&password=tsttstpwd&CookieDate=2&userhidden=2'); // IMITATE CLASSIC BROWSER'S BEHAVIOUR : HANDLE COOKIES curl_setopt ($ch, CURLOPT_COOKIEJAR, 'cookie.txt'); # Setting CURLOPT_RETURNTRANSFER variable to 1 will force cURL # not to print out the results of its query. # Instead, it will return the results as a string return value # from curl_exec() instead of the usual true/false. curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); // EXECUTE 1st REQUEST (FORM LOGIN) $store = curl_exec ($ch); // SET FILE TO DOWNLOAD curl_setopt($ch, CURLOPT_URL, 'http://www.zgpzw.com/bbs/pz/showpic.asp?number=4852&code=fb67aa6082363a6d'); // EXECUTE 2nd REQUEST (FILE DOWNLOAD) $content = curl_exec ($ch); // CLOSE CURL curl_close ($ch); echo $content; ?> I am trying to help a friend who is a collector of Chinese ration tickets. The login page I am trying to log in to is this: http://www.zgpzw.com/bbs/pz/liangpic.asp The log in form looks like this Code: [Select] <form method="post" action="../login.asp?action=chk" onSubmit="return checkLogin(this);"> <tr> <td width="60" height="27">???:</td> <td><input type="text" name="username" id="username" tabindex="1" style="width:120px;height:22px;BORDER-RIGHT: #666666 1px solid; BORDER-TOP: #666666 1px solid; FONT-SIZE: 9pt; BORDER-LEFT: #666666 1px solid; BORDER-BOTTOM: #666666 1px solid"/></td> </tr> <tr> <td width="60" height="27">??:</td> <td><input type="password" name="password" id="pwd1" tabindex="2" style="width:120px;height:22px;BORDER-RIGHT: #666666 1px solid; BORDER-TOP: #666666 1px solid; FONT-SIZE: 9pt; BORDER-LEFT: #666666 1px solid; BORDER-BOTTOM: #666666 1px solid"/></td> </tr> <tr> <td> </td> <td height="30"><input type="hidden" name="comeurl" value="/bbs/pz/showpic.asp?number=4852&code=fb67aa6082363a6d"/> <input name="CookieDate" type="hidden" value="2"> <input name="userhidden" type="hidden" value="2"> <input type=image alt=?? src="image/login.gif" name=image3 width="60" height="19"></td> </tr> </form> To check if my login is successful I try to curl down the following page: http://www.zgpzw.com/bbs/pz/showpic.asp?number=44213&code=f278c2ae7f53ba02 The proof that one would be correctly logged in is that the page would show pictures of Chinese ration tickets. (Not just text) If I go to the login page and provide the login data manually (putting logincookie not on server, but on my workstation) works, of course. http://www.zgpzw.com/bbs/pz/liangpic.asp The site is in Chinese, but I do not think it makes so much difference. If my question is unclear, please ask for clarifications. The two login scripts I am trying are not successful. (Or rather - I have failed in applying them.) What should I do to log in to this site using php-curl? Thanks. ycc
My real job is as a radio announcer. We are required to play advertising commercials for various programs that we broadcast. I wrote a script a few years ago to automatically login to the providers website (PHP, Curl) and download the mp3's that we are supposed to play each day.
$url = 'http://domain.com/formprocessing.html';
$fields = array(
'username' => urlencode('xxx'),
'password' => urlencode('xxx')
);
$fields_string = '';
foreach($fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
rtrim($fields_string, '&');
//open connection
$ch = curl_init();
//set the url, number of POST vars, POST data
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_POST, count($fields));
curl_setopt($ch,CURLOPT_POSTFIELDS, $fields_string);
//execute post
$result = curl_exec($ch);
//close connection
curl_close($ch);
Hello I've been trying to login to a website using cURL, and display it's contents from the members area. This is the code I have so far: <?php $cookie="cookie.txt"; $postdata = "lkgqfwwxzvln=username&lickrxkXVSQecjgUJguaIXtgohvojodeUVRQrnDLXUEGQEn=password"; $ch = curl_init(); curl_setopt ($ch, CURLOPT_URL, "https://account.perfectworld.com/login"); curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6"); curl_setopt ($ch, CURLOPT_TIMEOUT, 60); curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($ch, CURLOPT_COOKIEJAR, $cookie); curl_setopt ($ch, CURLOPT_REFERER, "http://core.perfectworld.com/home/"); curl_setopt ($ch, CURLOPT_POSTFIELDS, $postdata); curl_setopt ($ch, CURLOPT_POST, 1); $result = curl_exec ($ch); curl_close($ch); echo $result; exit; ?> I tried it at a wordpress login, and it worked very well. However, it doesn't seem to work with perfectworld.com, since the page returned says "Our sincerest apologies, we cannot provide service to players in your region or to players using open proxies.". Seems like they are detecting it somehow. Any way to bypass this? What I'm intending to do is parse out my character's level etc. which is available when logged in. thanks Hi guys, I hope this is the right place to post this. I have two subdomains, one has authentication login already setup, so I just want to use the "single sign on" method using curl to achieve this. below is my script. I have tested it and it does pass variables to the authentication page but I can not be logged in, I am hoping you guys can help. $passed_vars='l_username='.$_REQUEST["l_username"].'&l_password='.$_REQUEST["l_password"].'&returnURL='.$_REQUEST["returnURL"]; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, 'http://example.com/play/login'); curl_setopt ($ch, CURLOPT_POST, 1); curl_setopt ($ch, CURLOPT_POSTFIELDS, $passed_vars); curl_setopt ($ch, CURLOPT_COOKIEJAR, 'cookie.txt'); curl_setopt ($ch,CURLOPT_COOKIEFILE, 'cookie.txt'); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); $store = curl_exec ($ch); curl_close($ch); when I do print_r($store) I can see the login page returned but no sessions set. Thanks
I'm trying to login to a site, navigate a couple of pages deep, and then scrape a table. I had all this working, but the site changed their login workflow...and I can't figure out what I need to do to make this work.
I had a script to automatically login to a site, and download data from it. The provider just updated their pages. They now appear to be JSON. The previous code was straight php and curl. When trying to login now, I get this error page echoed: Hello, I am trying to use cURL to login to a website, but I can't seem to get it working. Website I'm trying to login to: http://www.uniquearticlewizard.com/amember/member.php Here is what their form code looks like: Code: [Select] <form name="login" method="post" action="/amember/member.php"> <table class="vedit" > <tr> <th>Username</th> <td><input type="text" name="amember_login" size="15" value="" /></td> </tr> <tr> <th>Password</th> <td><input type="password" name="amember_pass" size="15" /></td> </tr> <tr> <td colspan="2" style='padding:0px; padding-bottom: 2px;'> <input type="checkbox" name="remember_login" value="1"> <span class="small">Remember my password?</span> </td> </tr> </table> <input type="hidden" name="login_attempt_id" value="1291657877" /> <br /> <span class='button'><input type="submit" value=" Login " /></span> <span class='button'><input type="button" value=" Back " onclick="history.back(-1)" /></span> </form> As you can see they are using a javascript button to submit the form, which doesn't have a name attribute. So I'm not sure how to get around this and tell cURL to submit the form. When I Googled I found something that said just submit the other information and it will submit itself, but I'm not sure if that's right. Here is my attempt, but I just get a blank screen. I think the script is working, but something on there end is exiting out due to me not supplying a required piece of information. I'm not sure what that is though. Code: [Select] <?php set_time_limit(0); $options = array( CURLOPT_RETURNTRANSFER => true, // return web page CURLOPT_HEADER => false, // don't return headers CURLOPT_FOLLOWLOCATION => true, // follow redirects CURLOPT_ENCODING => "", // handle all encodings CURLOPT_USERAGENT => "spider", // who am i CURLOPT_AUTOREFERER => true, // set referer on redirect CURLOPT_CONNECTTIMEOUT => 120, // timeout on connect CURLOPT_TIMEOUT => 120, // timeout on response CURLOPT_MAXREDIRS => 10, // stop after 10 redirects ); $ch = curl_init( "http://www.uniquearticlewizard.com/amember/member.php" ); curl_setopt_array( $ch, $options ); $content = curl_exec( $ch ); $err = curl_errno( $ch ); $errmsg = curl_error( $ch ); $header = curl_getinfo( $ch ); curl_close( $ch ); $header['content'] = $content; preg_match('/name="login_attempt_id" value="(.*)" \/>/', $header['content'], $form_id); $value = $form_id[1]; $ch = curl_init(); // SET URL FOR THE POST FORM LOGIN curl_setopt($ch, CURLOPT_URL, 'http://www.uniquearticlewizard.com/amember/member.php'); // ENABLE HTTP POST curl_setopt ($ch, CURLOPT_POST, 1); $data = array('amember_login' => '*****', 'amember_pass' => '*****', 'login_attempt_id' => $value, 'remember_login' => '1'); // SET POST PARAMETERS : FORM VALUES FOR EACH FIELD curl_setopt($ch, CURLOPT_POSTFIELDS, $data); // IMITATE CLASSIC BROWSER'S BEHAVIOUR : HANDLE COOKIES curl_setopt ($ch, CURLOPT_COOKIEJAR, 'cookie.txt'); # Setting CURLOPT_RETURNTRANSFER variable to 1 will force cURL # not to print out the results of its query. # Instead, it will return the results as a string return value # from curl_exec() instead of the usual true/false. curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); // EXECUTE 1st REQUEST (FORM LOGIN) $store = curl_exec($ch); echo $store; curl_close ($ch); ?> They do have a form value that changes on every page refresh, it just tracks the login attempt (which is a long number). I was able to scrape that and put it in the form with the correct value. I thought adding that would successfully log me in, but apparently there is something else going on. Any help would be greatly appreciated! Hey guys i'm using the following code to POST data to the HTTPS url given below. But I m unable to perform a remote login and access the rest of the website. Can u find out the flaws in the code snippet and rectify it ? Or suggest a new code snippet. Also can anyone suggest how to open/read the contents of the login restricted pages on a successful login . $fullurl = "https://premium.rpnet.biz/login.php/"; $postFields="username=&password=&cookieval=on&login="; $username=""; $password=""; $ch = curl_init(); curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_VERBOSE, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_FAILONERROR, 0); curl_setopt($ch, CURLOPT_USERPWD, "$username:$password"); curl_setopt($ch, CURLOPT_POSTFIELDS,$postFields); curl_setopt($ch, CURLOPT_URL, $fullurl); curl_setopt($ch, CURLOPT_COOKIEFILE, "cookie.txt"); # The name of the file containing the cookie data. curl_setopt($ch, CURLOPT_COOKIEJAR, "cookie.txt"); $returned = curl_exec($ch); curl_close ($ch); var_dump($returned); --------------------------------------------------------------- Output: HTTP/1.1 200 OK Date: Fri, 05 Nov 2010 16:27:58 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3 Set-Cookie: PHPSESSID=nthfd25gn6vpm89k18fpgamgc6; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Length: 6336 Connection: close Content-Type: text/html; charset=UTF-8 ================================================ If I change the url to https://premium.rpnet.biz/usercp.php/ then the output is HTTP/1.1 302 Found Date: Fri, 05 Nov 2010 16:28:00 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: lo[uname]=deleted; expires=Thu, 05-Nov-2009 16:27:59 GMT; path=/; domain=premium.rpnet.biz Set-Cookie: lo[pass]=deleted; expires=Thu, 05-Nov-2009 16:27:59 GMT; path=/; domain=premium.rpnet.biz Location: https://premium.rpnet.biz/login.php Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 bool(true) I'm trying to login to a vBulletin forum using a captcha login. I am, however, not able to download the captcha image. This is the result I get when I try to get the captcha: So how do I get the captcha image? This is my current login code: Code: [Select] <?php $user='username'; $pass='password'; $md5Pass = md5($pass); $data = "do=login&vb_login_md5password=$md5Pass&vb_login_md5password_utf=$md5Pass&vb_login_username=$user&cookieuser=1"; $ch = curl_init(); curl_setopt ($ch, CURLOPT_URL, "http://www.****.com/login.php?do=login"); curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)"); curl_setopt ($ch, CURLOPT_TIMEOUT, '10'); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch,CURLOPT_POSTFIELDS,$data); curl_setopt($ch, CURLOPT_COOKIEJAR, "cookie.txt"); curl_setopt($ch, CURLOPT_COOKIEFILE, "cookie.txt"); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); $store = curl_exec ($ch); curl_close($ch); echo $store; ?> Maybe the site looks for a cookie and only shows the captcha if it finds the cookie file? I have this function completely written in my class file that I am working on. The point to this function is to be able to check the login of a user or administrator for either of the control panels associated with my site. It will check the session intime as well as the page / module referenced. Once it passes all those checks, it will check and ensure the emailaddress/password stored in the current session still holds true and the account is still active... if the account is still active it will update the lastActivity as well as update all of the session variables with what is currently in the database. What I am looking for is basically a look at the function, see if it looks good.. If there is any part to it that could create security holes for the site just off the login function itself... Usage: $q->validUser($_SESSION['user'], $_mod); <?php function validUser($sess, $p) { if ($sess['inTime'] == '' && $p != 'login' && $p != 'logout') { session_destroy(); $login = '0'; $_int = ''; return $login; } else if ($sess['inTime'] < time()-3600 && $p != 'login') { $sess['inTime'] = ''; session_destroy(); $this->check_login($sess, $p); } else { $this->user = $sess['emailAddress']; $this->pass = $sess['password']; $login = $this->sql_query("SELECT * FROM users WHERE emailAddress = '".$this->user."' AND password = '".$this->pass."' AND status = '1' LIMIT '1'"); if ($login = $this->sql_numrows($login) < 1) { $sess['inTime'] == ''; session_destroy(); $login = '0'; } else { // logged in, lets update the database for last_activity AND the session. $this->sql_query("UDATE users SET lastActivity = '".now()."' WHERE emailAddress = '".$this->user."'"); $login = $this->sql_query("SELECT * FROM users WHERE emailAddress = '".$this->user."' AND password = '".$this->pass."' AND status = '1' LIMIT '1'"); $login = mysql_fetch_assoc($login); foreach ($login as $key => $value) { $sess[$key] = $value; } $sess['inTime'] = time(); $login = '1'; } return $login; } } ?> That is the main function, sql_query and sql_numrows is: <?php function sql_query($query = "", $transaction = FALSE) { unset($this->query_result); if ($query != "") { $this->num_queries++; if ($transation == BEGIN_TRANSACTION && !$this->in_transation) { $result = mysql_query("BEGIN", $this->db_connect_id); if (!$result) { return false; } $this->in_transaction = TRUE; } $this->query_result = mysql_query($query, $this->db_connect_id); } else { if ($transaction == END_TRANSACTION && $this->in_transaction ) { $result = mysql_query("COMMIT", $this->db_connect_id); } } if ($this->query_result) { unset($this->row[$this->query_result]); unset($this->rowset[$this->query_result]); if ($transaction == END_TRANSACTION && $this->in_transaction ) { $this->in_transaction = FALSE; if (!mysql_query("COMMIT", $this->db_connect_id)) { mysql_query("ROLLBACK", $this->db_connect_id); return false; } } return $this->query_result; } else { if ($this->in_transaction ) { mysql_query("ROLLBACK", $this->db_connect_id); $this->in_transaction = FALSE; } return false; } } function sql_numrows($query_id = 0) { if(!$query_id) { $query_id = $this->query_result; } return ($query_id) ? mysql_num_rows($query_id) : false; } ?> Any insight that can help to benefit these functions would be appreciated. Hi everybody ! I have this current problem .. I need to login into a website via cUrl .. website : www.v-tac [dot] ro/ Now based on the headers and based on the input fields I wrote a php function, but I hit a wall with the token . HEADERS : username=username&password=password&Submit=Conectare&option=com_users&task=user.login&return=aW5kZXgucGhwP0l0ZW1pZD0yMTY%3D&0dbf64fe20e2395a7d72ed5b64b3cf7c=1FORM FIELDS - copy paste - this is the login form <fieldset class="userdata"> <p id="form-login-username"> <label for="modlgn-username">Nume Utilizator</label> <input id="modlgn-username" type="text" name="username" class="inputbox" size="18"> </p> <p id="form-login-password"> <label for="modlgn-passwd">Parola</label> <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18"> </p> <p id="form-login-remember"> <label for="modlgn-remember">Retine utilizator</label> <input id="modlgn-remember" type="checkbox" name="remember" class="inputbox" value="yes"> </p> <input type="submit" name="Submit" class="button" value="Conectare"> <input type="hidden" name="option" value="com_users"> <input type="hidden" name="task" value="user.login"> <input type="hidden" name="return" value="aW5kZXgucGhwP0l0ZW1pZD0yMTY="> <input type="hidden" name="11b09608b3184e6258012d44846c81ed" value="1"> </fieldset>And this is the function I wrote to do the cUrl login :
function login_to_website($targetURL){
global $browser_user_agent;
if(empty($targetURL)) { return; }
if(empty($login_url)) { $login_url = $targetURL; }
$url = $login_url;
$login_user = "loginusername";
$login_password = "loginpassword";
$thetoken = "this-is-my-problem-the-token-from-the-hidden-input";
$post_data = array();
$post_data['username'] = "$login_user";
$post_data['password'] = "$login_password";
$post_data['Submit'] = "Conectare";
$post_data['option'] = "com_users";
$post_data['task'] = "user.login";
$post_data['return'] = "aW5kZXgucGhwP0l0ZW1pZD0yMTY%3D";
$post_data[$thetoken] = "1";
$postthis = http_build_query($post_data);
$login = curl_init();
curl_setopt($login, CURLOPT_COOKIEJAR, dirname(__FILE__) . "/cookie.tmpz");
curl_setopt($login, CURLOPT_COOKIEFILE, dirname(__FILE__) . "/cookie.tmpz");
curl_setopt($login, CURLOPT_VERBOSE, true);
curl_setopt($login, CURLOPT_URL, $url);
curl_setopt($login, CURLOPT_USERAGENT, random_user_agent());
curl_setopt($login, CURLOPT_FOLLOWLOCATION, TRUE);
curl_setopt($login, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($login, CURLOPT_POST, TRUE);
$timeout = 5;
curl_setopt( $login, CURLOPT_CONNECTTIMEOUT, $timeout );
curl_setopt( $login, CURLOPT_TIMEOUT, $timeout );
curl_setopt( $login, CURLOPT_MAXREDIRS, 10 );
curl_setopt($login, CURLOPT_POSTFIELDS, $postthis); // POST vars
curl_setopt($login, CURLOPT_HEADER, 0); // debug headers sent - 1
$data = curl_exec ($login);
curl_setopt($login, CURLOPT_URL, $targetURL);
$datax = curl_exec ($login);
return $datax;
// close cURL resource, and free up system resources
curl_close($login);
}
The problem is this the last array input.
the token is generated each time the page is loaded, located on the page as an input hidden field .So the question is how do I get a fresh token that will work ? Also I have tried to get the token with a xpath extract like this :
$htmlx = file_get_contents('http://www.v-tac.ro');
$htmlx = mb_convert_encoding($htmlx, 'UTF-8', mb_detect_encoding($htmlx)); //make sure this is utf8
if(!strlen($htmlx)) {echo "No HTML here . stoping execution ."; return;}
$doc = new DomDocument;
@$doc->loadHTML($htmlx);
$xpath = new DOMXPath($doc);
echo $xpath->query('//fieldset[@class="userdata"]/input[5]')->item(0)->getAttribute("name");
$thetoken = $xpath->query('//fieldset[@class="userdata"]/input[5]')->item(0)->getAttribute("name");
Help !?
I am trying to create a remote login to one website using mine. The users will need to enter their username and password on my site, and if they are registered to my website, their login credentials will be sent to another website and a page will be retrieved.
I am stuck at sending the users' data to the original site. The original site's viewsource is this..
<form method=post> <input type="hidden" name="action" value="logon"> <table border=0> <tr> <td>Username:</td> <td><input name="username" type="text" size=30></td> </tr> <tr> <td>Password:</td> <td><input name="password" type="password" size=30></td> </tr> <td></td> <td align="left"><input type=submit value="Sign In"></td> </tr> <tr> <td align="center" colspan=2><font size=-1>Don't have an Account ?</font> <a href="?action=newuser"><font size=-1 color="#0000EE">Sign UP Now !</font></a></td> </tr> </table>I have tried this code, but not works.
<?php
$username="username";
$password="password";
$url="http://www.example.com/index.php";
$postdata = "username=".$username."&password=".$password;
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6");
curl_setopt ($ch, CURLOPT_TIMEOUT, 60);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_REFERER, $url);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt ($ch, CURLOPT_POST, 1);
$result = curl_exec ($ch);
header('Location: track.html');
//echo $result;
curl_close($ch);
?>
Any help would be appreciated, Thanks in advance.
Hi, I am trying to make a registration form for users. The registration is for a seminar introducing a particular system for them. This (web based) system is merely a remote website. But in order for the users to actually use the system at the seminar, they HAVE to have logged in on the system in advance/prior to the seminar at least once. So in my registration form I want to include a curl login of the system, which should be invisible to the users. Hence I don't want to open a popup loading the system/remote site - I would like for this to happen without the users knowing it. So they enter username and password, Curl then does the login and then returns either "Succes! You were logge in!" or "There was an error. You were not logged in!". I have no use for additional information from the remote site - the only thing is that they should login this once - that's it. My code is below - and it works if the remote site is NOT using https (that is http ;-)) but if the remote site IS running https I get no message back. The line "if (stristr($result, "loginerrors"))" is set because the remote site includes the keyword "loginerrors" if you weren't logged in properly. Any suggestions? <?php $post_data['username'] = 'something@domain.com'; $post_data['password'] = 'MyPassword'; //traverse array and prepare data for posting (key1=value1) foreach ( $post_data as $key => $value) { $post_items[] = $key . '=' . $value; } //create the final string to be posted using implode() $post_string = implode ('&', $post_items); //create cURL connection $curl_connection = curl_init('https://www.domain.com/login.php'); //set options curl_setopt($curl_connection, CURLOPT_CONNECTTIMEOUT, 30); curl_setopt($curl_connection, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"); curl_setopt($curl_connection, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl_connection, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($curl_connection, CURLOPT_SSL_VERIFYPEER, false); //set data to be posted curl_setopt($curl_connection, CURLOPT_POSTFIELDS, $post_string); //perform our request $result = curl_exec($curl_connection); if (stristr($result, "loginerrors")) { echo "There was an error. You were not logged in!"; }else{ echo "Succes! You were logge in!"; } //close the connection curl_close($curl_connection); ?> Hi, I'm trying to auto login to a website(created by me ;-) ) using the curl. as I am new to this I don't know how to make this possible. following is the code I tried but this is not submitting the data in the other site. the 'usr_name' and 'password' the field names in the page "http://localhost/myproject/users/login". and I have given a print_r in that site and it is displaying Array ( [loginType] => L [step] => confirmation [usr_name] => dasd@hotmail.com [password] => test123 ) but not submitting the form. please help me.... this is the code i've tried..I got this from web... $login = "http://localhost/myproject/users/login"; $param="loginType=L&step=confirmation&usr_name=dasd@hotmail.com&password=test123"; $c = curl_init(); curl_setopt($c, CURLOPT_URL, $login); curl_setopt($c, CURLOPT_COOKIEJAR, "cookies.txt"); curl_setopt($c, CURLOPT_COOKIEFILE, "cookies.txt"); curl_setopt($c, CURLOPT_POST, 1); curl_setopt($c, CURLOPT_POSTFIELDS, $param); curl_setopt($c, CURLOPT_RETURNTRANSFER, 1); curl_setopt($c, CURLOPT_FOLLOWLOCATION, 1); echo curl_exec($c); thanks in advance....
I'm trying to login and scrape a page 4 pages deep. I can get to the fourth page...but that page only returns AJAX ERROR:0. I know NOTHING about AJAX calls via Curl. Can someone please help me with what to look for in the source code of the 4th page (when using a browser) to what I'm supposed to pass along via CURL? i am new to curl .and i m trying to create create a script to log into yahoo and click the confermation link in emails. but i am stuck witht he login process only i made the code below . but still i cant make it work. the problem is yahoo is implementing a captcha challange for this kind of automated headers. do you have any idea ho to make it work again without alerting the captcha challange ? the header i caught through the livehttp header is as follows: Content-Length: 347 .tries=1&.src=ym&.md5=&.hash=&.js=&.last=&promo=&.intl=in&.bypass=&.partner=&.u=4ls6cr96lbs8e&.v=0&.challenge=W9w31pCrbdazCcY4mH41fVsyxwd8&.yplus=&.emailCode=&pkg=&stepid=&.ev=&hasMsgr=0&.chkP=Y&.done=http%3A%2F%2Fmail.yahoo.com&.pd=ym_ver%3D0%26c%3D%26ivt%3D%26sg%3D&pad=1&aad=1&login=myyahooid&passwd=mypassword&.persistent=y&.save=&passwd_raw= <?php $authUrl = "https: //login. yahoo . com/config/login?"; $userAgent = "Mozilla/5.0 (Windows NT 5.1; rv:2.0b11) Gecko/20100101 Firefox/4.0b11"; $referer = "http : // my . yahoo . com"; $login = "userid"; $password = "password"; $numPostData = 22; $cookieFileJar = "ycookie.txt"; $cookie = 0; $postData = ".tries=1&.src=ym&.md5=&.hash=&.js=&.last=&promo=&.intl=in&.bypass=&.partner=&.u=4ls6cr96lbs8e&.v=0&.challenge=W9w31pCrbdazCcY4mH41fVsyxwd8&.yplus=&.emailCode=&pkg=&stepid=&.ev=&hasMsgr=0&.chkP=Y&.done=http%3A%2F%2Fmail.yahoo.com&.pd=ym_ver%3D0%26c%3D%26ivt%3D%26sg%3D&pad=1&aad=1&login=$login&passwd=$password&.persistent=y&.save=&passwd_raw=" ; $ch = curl_init(); curl_setopt($ch, CURLOPT_USERAGENT, $userAgent); // Set the referrer curl_setopt($ch, CURLOPT_REFERER, $referer); // Set the authentication url curl_setopt($ch, CURLOPT_URL, $authUrl); // Set number of post fields curl_setopt($ch, CURLOPT_POST, $numPostData); //Set post data in key=value pair such as login=yourusername curl_setopt($ch, CURLOPT_POSTFIELDS, $numPostData); //Set filename for storing cookie information curl_setopt($ch, CURLOPT_COOKIEJAR, $cookieFileJar); //Set ffilename for checking the stored cookie information curl_setopt($ch, CURLOPT_COOKIEFILE, $cookieFileJar); //Set option for cookie curl_setopt($ch, CURLOPT_COOKIE, $cookie); //set this to output the result as string and not output directly ot browser curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); //set this value to 1 if you want to redirect to the url you provided as service url curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0); //Set this option if you do not want to verify ssl curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); //set this option if you do not want to verify peer's certificate curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); //now execute the curl $res = curl_exec($ch); echo $res; //check if the username and password is valid if ((preg_match("/invalid/i", $res)) || (preg_match("/not yet taken/i", $res))) { echo "Invalid Login"; } else { //if CURLOPT_FOLLOWLOCATION is set to 1 then after logging in successfully user is directed to url that is specified as service url echo "Logged In"; } ?> then i have to work for clicking confermation links in mails. please suggest me some ways.i would be very grateful to you Hi all... This is the form post link of amazon login https://www.amazon.com/gp/flex/sign-in/help-select.html/ref=ya_sign_in_ This is my script and i am unable to submit values . please help <?php $user="aaa@aaa.com"; $password="ssdddd"; $data="email=".$user."&password=".$password."useRedirectOnSuccess=1&path=https://www.amazon.com/gp/css/homepage.html&action=sign-in&protocol=https"; curl_setopt($curl, CURLOPT_URL, "https://www.amazon.com/gp/flex/sign-in/help-select.html/ref=ya_sign_in_"); curl_setopt($curl,CURLOPT_CONNECTTIMEOUT,20); curl_setopt($curl, CURLOPT_REFERER, "https://www.amazon.com/"); curl_setopt($curl, CURLOPT_POST, true); curl_setopt($curl, CURLOPT_POSTFIELDS, $data); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 3); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 0); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE); $result = curl_exec($curl); curl_close($curl); ?> Help will be appreciated Hi guys, what I'm struggling to do is 1) Users land on https://www.mysite.com/login.php 2) Users type their email and password 3) POST data submitted to http://www.3rdparty.com/login.php with cURL 4) Users redirected to http://www.3rdparty.com/index.php (logged in). I've been using this simple form to POST directly to the 3rd party site. Code: [Select] <form name="loginform" method="post" target="_blank" action="http://www.3rdparty.com/login.php"> Email <input name="email" type="text"> Password<input name="password" type="password"> <input name="submit" type="submit" id="loginbutton" value="login"></form> This works great. But now I've installed a SSL on my site and I've just realised that using the form above, the data is still POSTed as a plain text because the 3rd party site is not https. So I want to submit the form to my login.php form and let this form take the users to the 3rd party site. So at least the user inputs to my site is encrypted. My new code looks like this. Code: [Select] <form name="loginform" method="post" target="_blank" action="login.php"> Email <input name="email" type="text"> Password<input name="password" type="password"> <input name="submit" type="submit" id="loginbutton" value="login"></form> <?php if(isset($_POST['email'])) $email= $_POST['email']; if(isset($_POST['password'])) $password= $_POST['password']; if(isset($_POST['submit'])) $submit = $_POST['submit']; $Curl_Session = curl_init('http://www.3rdparty.com/login.php'); curl_setopt ($Curl_Session, CURLOPT_POST, 1); curl_setopt ($Curl_Session, CURLOPT_POSTFIELDS, "email=$email&password=$password&submit=$submit"); curl_setopt ($Curl_Session, CURLOPT_FOLLOWLOCATION, 1); $result = curl_exec ($Curl_Session); curl_exec ($Curl_Session); curl_close ($Curl_Session); print $result; ?> What this code is doing now is it's just rendering the www.3rdparty.com's login page (not logged in) on my site. When I type wrong values, it renders www.3rdparty.com's login page with an error message on it. So I think at least the values are being POSTed but it doesn't log me in. All of the cURL codes available out there seem to POST the data and fetch some results back not redirecting the users to another site. My ultimate goal is to POST the form and redirect the users to the 3rd party site's member area as well. I tried header("Location: http://www.3rdparty.com/index.php"); but it just takes user to that page without being logged in. Could anyone give me some hints? |
|||||||