cURL login am I missing something?

[cooldude832]

Trying to get into digg.com, its not working saying invalid credentials what ever  anyone see anything obvious I missed?

 

<?php
#check if it needs to login if not logged in, and form submitted
if(empty($_POST)){
#digg.com login page 
$url = "http://digg.com/login/verify/digg";
#define required inputs to login the name of said fields
$inputs = array();
$inputs['username'] = "username";
$inputs['password'] = "password";
#the submitted url
$inputs['url'] = "";


#initalize cURL instant
$ch = curl_init();
#set the curl options needed
curl_setopt($ch, CURLOPT_URL, $url);
#copy mozilla as browser
curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6");
#to keep pages from sitting forever
curl_setopt ($ch, CURLOPT_TIMEOUT, 60);
#send the return back?
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
#to store login info
curl_setopt($ch, CURLOPT_COOKIEFILE, "cookiefile");
curl_setopt($ch, CURLOPT_COOKIEJAR, "cookiefile"); # SAME cookiefile
#set PostData
curl_setopt ($ch, CURLOPT_POST, 1);
$PostData = $inputs['username']."=".$_POST['username']."&".$inputs['password']."=".$_POST['password'];
curl_setopt ($ch, CURLOPT_POSTFIELDS, $PostData);

$data = curl_exec ($ch); 

echo $data;
} 

echo "<br /><br /><br />";
#Submission form
echo "<form action='' method='post'>";
echo "Username: <input type='text' name='username' value='' /><br />";
echo "Password: <input type='password' name='password' value='' /><br />";
echo "<input type='submit' value='Login' />";
echo "</form>";

?>

[cooldude832]

I figured it out digg.com uses a captcha for its login to prevent what I am trying to do looks like I need to figure out how to get around that

[corbin]

Good luck getting around a CAPTCHA with PHP.

 

 

Do they have a system design for automated login?  If not, it's probably against their ToS and a bad idea.

 

 

 

Plus I think that people should respect other website's reasonable wishes (such as not pulling content remotely and using it for one's own gain).

 

 

Edit:  I'm guessing that's what you're doing anyway.

[cooldude832]

Yeah I didn't read through digg's ToS but odds are its in there to not destruct any intelligent info thus the login.

 

 

The point was to be able to post into digg without having to login, not to abuse it.  It is suppose to be a "service" like CL

[corbin]

CL?  Never heard of CL.

 

 

 

Anyway, if they have a CAPTCHA and don't have an API, it's probably not worth the effort.  I wonder how long you could get the site to let you stay logged in though.....  If you logged in and then transfered the session to the PHP script...  It could work.

[cooldude832]

craigslist => CL

 

 

I've done it before for IvPB for a site that required you to fill out an application to join so the applications would auto post to a private area on the forums so members could review the app before approving.

 

You login at what ever the login processor is and then you reset your post data and do a second cURL request in the same php doc.

 

 

 

[cunoodle2]

I thought that the idea of the captcha was precisely this.... to prevent automated program from logging in.