Jump to content

Sending POST data with cURL


3raser
 Share

Recommended Posts

I've looked at various cURL tutorials and the PHP manual, but I don't see what I'm doing wrong here. My goal is to be able to send data to test.php and then have that page run a MySQL query to insert the TITLE and MESSAGE into the database. Any comments? :/

 

post.php

<?php
                if(isset($_GET['title']) && isset($_GET['message']) && isset($_GET['times']))
                {
                    $array = array('title' => urlencode($_GET['title']), 'message' => urlencode($_GET['message']));
                    
                    foreach($array as $key => $value) { $fields = $key.'='. $value .'&'; }
                    rtrims($felds);
                    
                    //set our init handle
                    $curl_init = curl_init();
                    
                    //set our URL
                    curl_setopt($curl_init, CURLOPT_URL, 'some url');
                    
                    //set the number of fields we're sending
                    curl_setopt($curl_init ,CURLOPT_POST, count($array));
                    
                    for($i = 0; $i < $_GET['times']; $i++)
                    {
                        //send the POST data
                        curl_setopt($curl_init, CURLOPT_POSTFIELDS, $fields);
                        curl_exec($curl_init);
                        
                        echo 'post #'.$i. ' sent<br/>';
                    }
                    
                    //complete
                    echo '<b>COMPLETE</b>';

                    //close session
                    curl_close($curl_init);
                    
                }
                else
                {
                    ?>
        
                    <form action="post.php" method="GET">
                    <table>
                    <tr><td>Title</td><td><input type="text" name="title" maxlength="30"></td></tr>
                    <tr><td>Content</td><td><textarea name="message" rows="20" cols="45" maxlength="2000"></textarea></td></tr>
                    <tr><td>Process Amount</td><td><input type="text" name="times" size="5" maxlength="3"></td></tr>
                    <tr><td>START</td><td><input type="submit" value="Initiate Posting"></td></tr>
                    </table>
                    </form>
        
                    <?php
                }
            ?>

 

test.php

<?php

mysql_connect('host', 'user', 'pass');
mysql_select_db('somedb');

if($_POST['title'] && $_POST['message'])
{
    mysql_insert("INSERT INTO tests VALUES (null, '{$_POST['title']}', '{$_POST['message']}')");
}

echo '<hr><br/>';

//query
$query = mysql_query("SELECT * FROM tests ORDER BY id DESC");

while($row = mysql_fetch_assoc($query))
{
    echo $row['id'].'TITLE: '. $row['title'] .'<br/>MESSAGE: '. $row['message'] .'<br/><br/>';
}
?>

Link to comment
Share on other sites

                    foreach($array as $key => $value) { $fields = $key.'='. $value .'&'; }
                    rtrims($felds);

 

If you copy/pasted directly from your code, you seem to have errors in these two lines of code.

In the first line, the equals (=) should be concatenating (.=), otherwise the variable will only have the last key and value in it. The second line has 'fields' mispelled.

 

I don't know if that fixes the problem, but it's a place to start.

Link to comment
Share on other sites

                    foreach($array as $key => $value) { $fields = $key.'='. $value .'&'; }
                    rtrims($felds);

 

If you copy/pasted directly from your code, you seem to have errors in these two lines of code.

In the first line, the equals (=) should be concatenating (.=), otherwise the variable will only have the last key and value in it. The second line has 'fields' mispelled.

 

I don't know if that fixes the problem, but it's a place to start.

 

Thanks, I'll fix that right away;

 

EDIT: Ahaha! I had to fix my query as it said mysql_insert() instead of query, and of course the report above. All seems to be posting well now! :)

Link to comment
Share on other sites

Another question: The page I'm sending the data to is successfully sent, but it requires a cookie before I'm allowed to post. This was my attempt:

 

//set our URL
                    curl_setopt($curl_init, CURLOPT_URL, 'some url'');
                    
                    //set our cookie
                    curl_setopt($curl_init, CURLOPT_COOKIEJAR, 'cookie.txt');// set where cookies will be stored
                    curl_setopt($curl_init, CURLOPT_COOKIEFILE, 'cookie.txt');// from where it will get cookies
                   //curl_setopt($curl_init , CURLOPT_COOKIE, 'Cookie:session_hash=adsfasdf');

 

How can I send the cookie that holds the login hash/session so it retrieves the posts? The above didn't work.

Link to comment
Share on other sites

It's probably an anti-CSRF measure, pretty much to prevent what you're doing.

 

Do you have to be logged in on the end site to do whatever you're doing?

 

Yes, you have to be logged in - but that's it. There is no other prevention besides needing the session_hash cookie.

Link to comment
Share on other sites

Bump once again

 

Current question: Am I properly sending the cookie to the requested website?

 

Current code: [or see a pastebin dump of the code: http://pastebin.com/a8GVB8Rq]

 

<?php
                if(isset($_GET['success']))
                {
                    echo '<B>COMPLETE! <a href="index.php">Back</a></B>';
                }
                elseif(isset($_GET['title']) && isset($_GET['message']) && isset($_GET['times']))
                {
                    $array = array('title' => urlencode($_GET['title']), 'message' => urlencode($_GET['message']));
                    
                    foreach($array as $key => $value) { $fields .= $key.'='. $value .'&'; }
                    rtrim($fields, '&');
                    
                    //set our init handle
                    $curl_init = curl_init();
                    
                    //set our URL
                    curl_setopt($curl_init, CURLOPT_URL, 'test.php');
                    
                    curl_setopt($curl_init , CURLOPT_COOKIE, 'Cookie:session_hash=abd508857b569a944b5d502f1c055aed9f926f13');
                    
                    //set the number of fields we're sending
                    curl_setopt($curl_init ,CURLOPT_POST, count($array));
                    
                    for($i = 0; $i < $_GET['times']; $i++)
                    {
                        //send the POST data
                        curl_setopt($curl_init, CURLOPT_POSTFIELDS, $fields);
                        
                        curl_exec($curl_init);
                    }
                  
                    //close session
                    curl_close($curl_init);
                    
                    //complete
                    header('index.php?success=true');
                    
                }
                else
                {
                    ?>
        
                    <form action="index.php" method="GET">
                    <table>
                    <tr><td>Title</td><td><input type="text" name="title" maxlength="30"></td></tr>
                    <tr><td>Content</td><td><textarea name="message" rows="20" cols="45" maxlength="2000"></textarea></td></tr>
                    <tr><td>Process Amount</td><td><input type="text" name="times" size="5" maxlength="3"></td></tr>
                    <tr><td>START</td><td><input type="submit" value="Initiate Posting"></td></tr>
                    </table>
                    </form>
        
                    <?php
                }
            ?>

Link to comment
Share on other sites

If the site requires you to be logged in using your username/password, you would need to first post your username/password to the login processing page to start a session and get a session cookie value that matches that session id. Then the page you are posting to should consider you to be logged in.

Link to comment
Share on other sites

If the site requires you to be logged in using your username/password, you would need to first post your username/password to the login processing page to start a session and get a session cookie value that matches that session id. Then the page you are posting to should consider you to be logged in.

 

Thanks for the quick reply, it's greatly appreciated.  :)

Link to comment
Share on other sites

This thread is more than a year old.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.