Jump to content

[SOLVED] Website Login with API:Login and PHP curl


kiki64

Recommended Posts

Posted same in mediawiki forums, question here to see if curl is correctly made to set cookies on computer.  Sorry for long post hate when someone doesn't give me enough information, need more just tell me.

 

Well I have been trying this for a while and not sure where to go next.

What I am trying to do is have a single login that logins in Mediawiki, PHPbb, and regular website.(Using phpbb and mw login intergration extention if matters)

 

I can login phpbb with their api and get the cookies needed, no problem.

 

I can login MediaWiki from a standard html form with the api:login, but you have to go to api and then that would stop phpbb from completing login.

 

If looking over kiki0313 is username for testing and password is exempt

 

I know some php but first time using curls (don't have to leave page to login with mw api) I have everything setup to what I believe I need (plus debug)

 

PHP Code:

$ch=curl_init();

$postfield = "lgname=" . $username . "&lgpassword=" . $password;

$url = "http://localhost/wiki/api.php?action=login";

curl_setopt($ch, CURLOPT_URL, $url); // set url to post to

curl_setopt($ch, CURLOPT_HEADER, 1); 

curl_setopt($ch, CURLOPT_POST, 1);

curl_setopt($ch, CURLOPT_POSTFIELDS, $postfield);

curl_setopt($ch, CURLOPT_COOKIEJAR, 'C:/wamp/www/cookie.txt');

curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

$page = curl_exec($ch);

 

echo "<pre>";

print_r(curl_getinfo($ch)); 

echo "\n\ncURL error number:" .curl_errno($ch); 

echo "\n\ncURL error:" . curl_error($ch);

echo "</pre><br/>";

 

curl_close($ch);

echo nl2br($page); 

If I am missing something please tell me.

Here is the output after I submit the username and password

 

print_r(curl_getinfo($ch));

Array

(

=> http://localhost/wiki/api.php?action=login

[content_type] => text/html; charset=utf-8

[http_code] => 200

[header_size] => 649

[request_size] => 180

[filetime] => -1

[ssl_verify_result] => 0

[redirect_count] => 0

[total_time] => 0.218

[namelookup_time] => 0

[connect_time] => 0.015

[pretransfer_time] => 0.015

[size_upload] => 37

[size_download] => 930

[speed_download] => 4266

[speed_upload] => 169

[download_content_length] => 930

[upload_content_length] => -1

[starttransfer_time] => 0.218

[redirect_time] => 0

)

 

cURL error number:0

cURL error:

 

echo nl2br($page);

HTTP/1.1 200 OK

Date: Wed, 24 Jun 2009 06:01:45 GMT

Server: Apache/2.2.11 (Win32) PHP/5.2.9-2

X-Powered-By: PHP/5.2.9-2

Set-Cookie: wikidb_session=u6qu2o078a2vhq4v3u3ccsl0v1; path=/; HttpOnly

Set-Cookie: wikidbUserID=2; expires=Fri, 24-Jul-2009 06:01:46 GMT; path=/; httponly

Set-Cookie: wikidbUserName=Kiki0313; expires=Fri, 24-Jul-2009 06:01:46 GMT; path=/; httponly

Set-Cookie: wikidbToken=58dc1932d83e516f727b04d46dd2db79; expires=Fri, 24-Jul-2009 06:01:46 GMT; path=/; httponly

Expires: Thu, 01 Jan 1970 00:00:01 GMT

Cache-Control: s-maxage=0, must-revalidate, max-age=0

Content-Length: 930

Content-Type: text/html; charset=utf-8

 

Response from Api

You are looking at the HTML representation of the XML format.

HTML is good for debugging, but probably is not suitable for your application.

See complete documentation, or API help for more information.

<?xml version="1.0"?>

<api>

<login result="Success" lguserid="2" lgusername="Kiki0313" lgtoken="58dc1932d83e516f727b04d46dd2db79" cookieprefix="wikidb" sessionid="u6qu2o078a2vhq4v3u3ccsl0v1" />

</api>

 

curl_setopt($ch, CURLOPT_COOKIEJAR, 'C:/wamp/www/cookie.txt');

# Netscape HTTP Cookie File

# http://curl.haxx.se/rfc/cookie_spec.html

# This file was generated by libcurl! Edit at your own risk.

 

#HttpOnly_localhost FALSE / FALSE 0 wikidb_session u6qu2o078a2vhq4v3u3ccsl0v1

#HttpOnly_localhost FALSE / FALSE 1248415306 wikidbUserID 2

#HttpOnly_localhost FALSE / FALSE 1248415306 wikidbUserName Kiki0313

#HttpOnly_localhost FALSE / FALSE 1248415306 wikidbToken 58dc1932d83e516f727b04d46dd2db79

 

Live HTTP Headers from html form post

 

http://localhost/wiki/api.php?action=login

 

POST /wiki/api.php?action=login HTTP/1.1

Host: localhost

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.11) Gecko/2009060215 Firefox/3.0.11 (.NET CLR 3.5.30729)

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-Language: en-us,en;q=0.5

Accept-Encoding: gzip,deflate

Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7

Keep-Alive: 300

Connection: keep-alive

Referer: http://localhost/makesession2.php

Content-Type: application/x-www-form-urlencoded

Content-Length: 75

lgname=kiki0313&lgpassword=(lists my password)&login=Log+In

 

HTTP/1.x 200 OK

Date: Tue, 23 Jun 2009 16:58:56 GMT

Server: Apache/2.2.11 (Win32) PHP/5.2.8

X-Powered-By: PHP/5.2.9-2

Set-Cookie: wikidb_session=0vvehgeoqbh620mn7p4q5g96s0; path=/; HttpOnly

Set-Cookie: wikidbUserID=2; expires=Thu, 23-Jul-2009 16:58:56 GMT; path=/; httponly

Set-Cookie: wikidbUserName=Kiki0313; expires=Thu, 23-Jul-2009 16:58:56 GMT; path=/; httponly

Set-Cookie: wikidbToken=58dc1932d83e516f727b04d46dd2db79; expires=Thu, 23-Jul-2009 16:58:56 GMT; path=/; httponly

Expires: Thu, 01 Jan 1970 00:00:01 GMT

Cache-Control: s-maxage=0, must-revalidate, max-age=0

Content-Length: 930

Keep-Alive: timeout=5, max=100

Connection: Keep-Alive

Content-Type: text/html; charset=utf-8

 

 

I believe cookies are not being saved to computer with curl. Please help me, I am stuck and not really sure what I have to do to get this to work. I have searched I believe all the mediawiki website plus google search for everything I can think of. I feel like I am really close, Girr.

 

Thank you for any help, Kiki64

Link to comment
Share on other sites

First off, please put all your code inside the bbcode php tags.

 

2nd, curl is a client library. It runs on the server, and allows your server to act as a *client*.  As such, it can *accept* cookies, when they are required, and utilize them.  Curl does not set cookies, because it is a client, not a server.  You can set cookies in php without issue.  For that you use the setcookie() function.

Link to comment
Share on other sites

<?php
if(isset($_POST['logmein'])) {
define('IN_PHPBB', true);
$phpbb_root_path = './forums/';     //Path to forum
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.' . $phpEx);

// Start session management
$user->session_begin();
$auth->acl($user->data);
$user->setup();

if($user->data['is_registered'])
{
    echo 'Already logged on';
}
else
{
    $username = request_var('lgname', '', true);
    $password = request_var('lgpassword', '', true);
    $autologin = (!empty($_POST['autologin'])) ? true : false;

// Media Wiki

$ch=curl_init();

$postfield = "lgname=" . $username . "&lgpassword=" . $password;
$url = "http://localhost/wiki/api.php?action=login";

curl_setopt($ch, CURLOPT_URL, $url); // set url to post to
curl_setopt($ch, CURLOPT_VERBOSE, 1); 
curl_setopt($ch, CURLOPT_HEADER, 1); 
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postfield);
curl_setopt($ch, CURLOPT_COOKIEJAR, 'C:/wamp/www/cookie.txt');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$page = curl_exec($ch);

echo "<pre>";
print_r(curl_getinfo($ch));  
echo "\n\ncURL error number:" .curl_errno($ch);  
echo "\n\ncURL error:" . curl_error($ch);
echo "</pre><br/>";

curl_close($ch);
echo nl2br($page);

// phpbb
$result = $auth->login($username, $password, $autologin);

}
}?>

User Interface Here html that stuff

<?php
if(isset($_POST['logmein'])) {
if ($result['status'] == LOGIN_SUCCESS)
    {
echo 'Success';
unset($_POST['logmein']);
    }
    else
    {
echo 'Fail';
    }
}
?>
<form method="POST" action="">
<input type="text" name="lgname" size="40" /><br />
<input type="password" name="lgpassword"  size="40" /><br />
<input type="submit" value="Log In" name="logmein" />
</form>  

More User Interface

 

Thank you for further clearafication on curl.

 

Now if the server is essentially getting the cookies.(am I correct with this?)  What should I use to pull them from response header that curl receives.  I know how to setup cookies with php usually but I am just not sure how I am to get the values from the curl cookies since I believe mediawiki sessions are randomly generated.  I know the names of cookies it sets so that is not a problem.

 

Thank you for responding and helping me with this.

 

Sorry about tags mediawiki forums had php specific tag and forgot to change to code

Link to comment
Share on other sites

I have solved my problem, I will post revised script once I am done if someone needs it so please don't lock thread or what ever I will click topic solved after I post finished script.

 

BTW Thank you so much gizmola, didn't quite understand curl was server acting as client. Thank you

Link to comment
Share on other sites

[sOLVED]

MediaWiki Only Login

 

<?php
$ch=curl_init();
$postfield = "lgname=$username&lgpassword=$password";
$url = "http://localhost/wiki/api.php?action=login"; //url to wiki's api

curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, 1); 
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postfield);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

preg_match_all('/^Set-Cookie: (.*?)=(.*?);/m', curl_exec($ch), $m);
curl_close($ch);
$cookiename = $m[1];
$cookievalue = $m[2];
$cookieexpire = time() + 2592000;
$cookiepath = "/";
$cookiesecure = "0";
$cookiehttponly = "1";
$i = '-1';

// If is not needed for production server, can't have cookie's domain equal to localhost in my tests

if ($_SERVER['HTTP_HOST'] == 'localhost') {
    foreach ($m[1] as $value) {
    $i = $i+1;
    setcookie($cookiename[$i], $cookievalue[$i], $cookieexpire, $cookiepath, NULL, $cookiesecure, $cookiehttponly);
    }
}
else {
// If for production server remove all in between these comments
$cookiedomain = ".uvnc.com";
    foreach ($m[1] as $value) {
    $i = $i+1;
    setcookie($cookiename[$i], $cookievalue[$i], $cookieexpire, $cookiepath, $cookiedomain, $cookiesecure, $cookiehttponly);
    }
}?> 

<form method="POST" action="">
<label>Username: </label><input type="text" name="lgname" size="25" /><br />
<label>Password: </label><input type="password" name="lgpassword" size="25" /><br />
<input type="submit" value="Log In" name="login" />
</form>

 

PHPbb and MediaWiki External Login

 

<?php
if(isset($_POST['logmein'])) {
define('IN_PHPBB', true);
$phpbb_root_path = './forums/';     //Path to forum
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.' . $phpEx);

// Start session management
$user->session_begin();
$auth->acl($user->data);
$user->setup();

if($user->data['is_registered'])
{
    echo 'Already logged on';
}
else
{
    $username = request_var('lgname', '', true);
    $password = request_var('lgpassword', '', true);
    $autologin = (!empty($_POST['autologin'])) ? true : false;

// Media Wiki

$ch=curl_init();
$postfield = "lgname=$username&lgpassword=$password";
$url = "http://localhost/wiki/api.php?action=login"; //url to wiki's api

curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, 1); 
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postfield);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

preg_match_all('/^Set-Cookie: (.*?)=(.*?);/m', curl_exec($ch), $m);
curl_close($ch);
$cookiename = $m[1];
$cookievalue = $m[2];
$cookieexpire = time() + 2592000;
$cookiepath = "/";
$cookiesecure = "0";
$cookiehttponly = "1";
$i = '-1';

// If is not needed for production server, can't have cookie's domain equal to localhost in my tests

if ($_SERVER['HTTP_HOST'] == 'localhost') {
foreach ($m[1] as $value) {
$i = $i+1;
setcookie($cookiename[$i], $cookievalue[$i], $cookieexpire, $cookiepath, NULL, $cookiesecure, $cookiehttponly);
}
}
else {
// If for production server remove all in between these comments
$cookiedomain = ".uvnc.com";
foreach ($m[1] as $value) {
$i = $i+1;
setcookie($cookiename[$i], $cookievalue[$i], $cookieexpire, $cookiepath, $cookiedomain, $cookiesecure, $cookiehttponly);
}
}
// phpbb
$result = $auth->login($username, $password, $autologin);
}
}?>


<?php
if(isset($_POST['logmein'])) {
if ($result['status'] == LOGIN_SUCCESS)
    {
echo 'Success';
unset($_POST['logmein']);
    }
    else
    {
echo 'Fail';
    }
}
?>
<form method="POST" action="">
<input type="text" name="lgname" size="40" /><br />
<input type="password" name="lgpassword"  size="40" /><br />
<input type="submit" value="Log In" name="logmein" />
</form>  


 

Worked for me Hopefully works for you,

Kiki64

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.