Jump to content

Login Problem with php/CURL


dahype

Recommended Posts

Hello buddies,

i am working on a php that must

1.login to a website with user/password

2.fill in a second form inside this website

3.submit & get the result

 

My script actually can login but i get "rejected" after some second with the message that my session is over.

This is probably a cookie problem but i can't figure it out.

 

The script is the following:

 

<?php

 

$cookie_jar = tempnam('/','cookie');

 

$url = "http://example.com/index.php";

$POSTFIELDS = 'field1=value1&username=myuser&password=mypass';

$reffer = "https://example.com/";

$agent = "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)";

$cookie_file_path = "/";

 

$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, $url);

curl_setopt($ch, CURLOPT_USERAGENT, $agent);

curl_setopt($ch, CURLOPT_POST, 1);

curl_setopt($ch, CURLOPT_POSTFIELDS,$POSTFIELDS);

curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);

curl_setopt($ch, CURLOPT_REFERER, $reffer);

curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path);

curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path);

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);

$result = curl_exec($ch);

 

$url = "https://example.com/second.php?fromlogin=true";

curl_setopt($ch, CURLOPT_URL, $url);

curl_setopt($ch, CURLOPT_USERAGENT, $agent);

curl_setopt($ch, CURLOPT_POST, 1);

curl_setopt($ch, CURLOPT_POSTFIELDS,null);

curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);

curl_setopt($ch, CURLOPT_REFERER, null);

curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path);

curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path);

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);

 

$result2 = curl_exec($ch);

$url = "https://example.com/third.php";

curl_setopt($ch, CURLOPT_URL, $url);

curl_setopt($ch, CURLOPT_USERAGENT, $agent);

curl_setopt($ch, CURLOPT_POST, 1);

curl_setopt($ch, CURLOPT_POSTFIELDS,null);

curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);

curl_setopt($ch, CURLOPT_REFERER, "https://example.com/second.php?fromlogin=true");

curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path);

curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path);

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);

 

$result3 = curl_exec($ch);

$file = tempnam('/','output');

$handle = fopen("output", "w+");

fwrite  ( $handle  , "one:".$result."\ntwo:".$result2."\nthree:".$result3 );

fclose($handle);

curl_close($ch);

?>

 

 

and what i have in output file is

one:<html><head><meta http-equiv="Refresh" content="5;url=https://example.com/index.php?part=timeout"></head><body></body></html>

two:<html><head><meta http-equiv="Refresh" content="0;url=index.php?part=timeout"></head><body></body></html>

three:function Set_Cookie(name, value, expires, path, domain, secure )

{

// set time, it's in milliseconds

var today = new Date();

today.setTime( today.getTime() );

 

/*

if the expires variable is set, make the correct

expires time, the current script below will set

it for x number of days, to make it for hours,

delete * 24, for minutes, delete * 60 * 24

*/

 

var expires_date = new Date( today.getTime() + (expires) );

 

document.cookie = name + "=" +escape( value ) +

( ( expires ) ? ";expires=" + expires_date.toGMTString() : "" ) +

( ( path ) ? ";path=" + path : "" ) +

( ( domain ) ? ";domain=" + domain : "" ) +

( ( secure ) ? ";secure" : "" );

}

 

Set_Cookie("windowname", '', 2147483647, '/', '', '');

 

:facewall:

does anybody know where i am doing it wrong?

Link to comment
Share on other sites

and how do i set the cookie for the www.example.com ?

 

 

Hi dahype,

 

It may be that you first have to the second website's root (www.example.com) and set the cookie there before you attempt anything else.

 

Might be worth a go.

Link to comment
Share on other sites

sorry for the question, i am quite new to it: how do i update my cookie info every time?

 

After each request you need to update your cookie info, and maintain it, failure to do so could cause a "logout" if the session identifier changes. Are you sure your cookie jar/file is being written correctly?

Link to comment
Share on other sites

You're script isn't calling the cookie file, just the cookie file path location twice, so change every occurence of:

curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path);

 

to:

curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_jar);

 

Also might be worth changing:

$cookie_jar = tempnam('/','cookie');

 

to:

$cookie_jar = ('cookie.txt');

 

Also, if you don't need cookie path info, again just edit every occurence of:

curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_jar);

 

to:

curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_jar);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_jar);

 

and delete the $cookie_file_path = "/"; string completely.

 

Then, you need to make 3 separate cURL requests for each operation.  One to login to the site, one to fill in the form and one to submit the form.

 

 

Link to comment
Share on other sites

 

Then, you need to make 3 separate cURL requests for each operation.  One to login to the site, one to fill in the form and one to submit the form.

 

Ok, so for the index.php i need to make 3 request,

the first with $url = "example.com/index.php"

the second ?

the third with $url = "example.com/index.php" and $POSTFIELDS correctly set for the login process.

 

Did i get it right? I don't understand what the second request will contain.

thx

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.