Jump to content

curl login into website not working


brvnbld

Recommended Posts

Does this other site require a cookie or anything?

 

You see the other site and what happens when logs in, hard to help beyond what I tried.

 

i think it will require cookie, bcoz if i log in to that webpage this track.html on my website works very well.... 

thanks for the help, i heartily thank you for ur valuable time. 

Link to comment
Share on other sites

Sure, pertains to the problem at hand, although the person helping would need to be a member.

 

There are a few examples of curl and cookies in the forum.

http://forums.phpfreaks.com/index.php?app=core&module=search&do=search&fromMainBar=1

 

hi, dude, thanks for ur kind help. i found what is the problem., but couldn't find a solution. the login form in my page does not submit the data to the page on other website. i know this is too much to ask.i will post the whole page and html code with original links now.

 

the login form on my page. index1.html

<html>
<head>
<title></title>
<link rel="stylesheet" href="styles/main.css" type="text/css" media="print, projection, screen">
</head>
<body>
<center>
<br><br><br><br><br><br><br><br>
<div style="border:1px solid #000000;background:#EEEEEE;padding-top:15px;padding-bottom:5px;width:350px;">
<font size=+2>Sign In Form</font><br>

<form method=post action="http://www.bulksms2cash.com/index.php">
<input type="hidden" name="action" value="logon">
<table border=0>
<tr>
	<td>Username:</td>
	<td><input name="username" type="text" size=30></td>
</tr>
<tr>
	<td>Password:</td>
	<td><input name="password" type="password" size=30></td>
</tr>
	<td></td>
	<td align="left"><input type=submit value="Sign In"></td>   
</tr>
<tr>
	<td align="center" colspan=2><font size=-1>Don't have an Account ?</font> <a href="?action=newuser"><font size=-1 color="#0000EE">Sign UP Now !</font></a></td>
</tr>
</table>
</form>
//<script> document.forms[1].submit()</script>
//<script>$("#loginForm").submit();</script>
</div>
<br>
</center>
</body>
</html>

the html page on my website , which the user needs to see after login , track.html

<html>
<div style="position: absolute; left: 0px; top: 0px; border: solid 2px #555; width:594px; height:332px;">
<div style="overflow: hidden; margin-top: -100px; ;">
</div>
<iframe src="http://www.bulksms2cash.com#work" scrolling="no" style="height: 800; border: 0px none; width: 1280; margin-top: -60px; ; ">
</iframe>
</div>
</div>
<body>
</html>
Edited by brvnbld
Link to comment
Share on other sites

That jquery is a lot to scour through, but since is commented out is not being used.

 

Some things to think about.

Not all sites allow remote logins

as an example I block them at my sites, bogus hidden input, no direct access to the login process script, must be within a page on the site and sessions

some generate fresh tokens,check referrer locations

 

You keep having unquoted attribute values in the form

method="post"

type="submit"

 

so is this your curl script page http://www.bulksms2cash.com/index.php ?

the form should lead to your curl script, or keep the action blank and add the curl script same as the login form

  • Like 1
Link to comment
Share on other sites

hey thanks for the quick response, the http://www.bulksms2cash.com/index.php is not the curl script page, its the login page itself. the source code of this page is same as the login page in mine, except for the {action=""} part. They may not have stopped the remote login, bcoz another site uses the same method to login.
 

how to add the curl script same as the login form?.

Link to comment
Share on other sites

I got it working buddy, but there is a prob associated with it. i will post the pages through which i achieved the solution. 

 

indexd.php

<?php 

session_start();

include("passwords.php"); 

check_logged();  

?>

logind.php

<?php 

session_start(); 

include("passwords.php"); 

if ($_POST["ac"]=="log") { /// do after login form is submitted  

     if ($USERS[$_POST["username"]]==$_POST["password"]) { 

          $_SESSION["logged"]=$_POST["username"]; 

     } else { 

          echo 'Incorrect username/password. Please, try again.'; 

     }; 

}; 

if (array_key_exists($_SESSION["logged"],$USERS)) { //// check if user is logged or not  
      
     echo "You are logged in."; //// if user is logged show a message
     header('Location: track.html');  

} else { //// if not logged show login form 

     echo '<form action="http://www.bulksms2cash.com/index.php" method="post"><input type="hidden" name="ac" value="log"> '; 

     echo 'Username: <input type="text" name="username" /><br />'; 

     echo 'Password: <input type="password" name="password" /><br />'; 

     echo '<input type="submit" value="Login" />'; 

     echo '</form>'; 

}; 

?>

passwords.php

<?php 

$USERS["username1"] = "password1"; 

$USERS["username2"] = "password2"; 

$USERS["username3"] = "password3"; 

 

function check_logged(){ 

     global $_SESSION, $USERS; 

     if (!array_key_exists($_SESSION["logged"],$USERS)) { 

          header("Location: logind.php"); 

     }; 

}; 

?>

but once the users log out from the actual site, it stops working.

 

and btw, the track.html file is not called, it goes directly to the original site after this.

Edited by brvnbld
Link to comment
Share on other sites

but once the users log out from the actual site, it stops working

 

Seems like the correct behavior

 

You can't pass any output to the browser before calling header, there should most likely be errors there.

 

You have no control over an iframe

Do they have a jump out of iframe or a redirect with js?

 

You can try and parse the content instead using dom , simplexml  , simplehtmldom or even preg_match the html result

Have no idea what type of site it is or what it does.

Link to comment
Share on other sites

Those sites make it to do that, websites use scripts from them.

Think more on the lines of an api using OAuth

https://developers.facebook.com/docs/facebook-login/v2.2

https://developers.google.com/accounts/docs/OpenIDConnect

https://dev.twitter.com/web/sign-in

 

And the passwords would be saved on the original site, not the one visiting.

Instead it uses access tokens or keys

On the visiting site can set a session/cookies and keep them logged in until signed out.

 

So it doesn't just merely iframe the site, it uses an api which gets data and different ways to use the data.

Link to comment
Share on other sites

Hey thanks for everything , i have found a workaround for this, now, this is what happens, if i open the login form page on my website, after submitting data, then the original page's login form appears, but if i open the iframed page of the original site, its logged in. What i think is the page gets logged in, i mean the form is submitted, but getting redirected to the original page.

Link to comment
Share on other sites

This is the code, that works right now.

 

earnsms.twomini.com/index1.php

 

earnsms.twomini.com/track.html

 

 

these are the links to my site, after opening the 1st link, and typing in the username and password, the track.html if opened, the site works. 

 

But the problem is after the username and password is typed , it redirects to the original page for login and password, if we disregard that and open the track.html, the site works fine. pls help me,

 

the username is "brvnbld"

the password is "mypriya"

Link to comment
Share on other sites

You are still pointing your login form to their login, and their login form goes to same page upon submit

 

<form id="loginForm" method="post" target= "_self" action="http://www.bulksms2cash.com/index.php">

 

So what happened to using your own form that points to your curl script...then redirects your own site to the work form

Edited by QuickOldCar
Link to comment
Share on other sites

You are still pointing your login form to their login, and their login form goes to same page upon submit

 

<form id="loginForm" method="post" target= "_self" action="http://www.bulksms2cash.com/index.php">

 

So what happened to using your own form that points to your curl script...then redirects your own site to the work form

 

i tried that only at first, somehow, the curl doesn't seem to work at all. 

 

i have tried that here...

 

login form:

www.earnsms.com/final1/index.html

 

the curl page:

www.earnsms.com/final1/login.php

 

the iframe page:

www.earnsms.com/fina1/track.html

 

the curl doesn't seem to post data to the website at all. 

 

instead the track.html opens without logged in. 

Link to comment
Share on other sites

comment out the header and echo the curl data, see whats there

 

In browsers is built in debuggers

 

In Firefox click tools/web Developer/Network

In Chrome is the bars top right/Tools/Developer tools, click the Network tab

Not that anyone cares about IE but can click F12 to get to developer tools or go to Tools which is the cog wheel (options) then Developer tools

See where your script takes you

Link to comment
Share on other sites

curl doesn't work at all , i tried displaying result too, all in vain. i think this cannot be done using curl, i have tried all options with curl, is there any otherway?.

 

 

this final1 folder has these files, 

 

1. index.html

2. login.php

3. track.html

 

for which the codes i have posted in my prev replies.

 

the login.php is the exact curl code you told me to paste.

Link to comment
Share on other sites

I just tried it and worked fine using this code

this was result once got to track.php

 

Your SIM will be blocked if you do it will be a lot of time to enter. Allowed 2 registration per 24 hours !

Part of the problem and were being blocked?

 

And seems to work, redirect as well

 

made a folder called tmp to store cookies

 

index.php

<html>
<head>
<title></title>
<link rel="stylesheet" href="styles/main.css" type="text/css" media="print, projection, screen">
</head>
<body>
<center>
<br><br><br><br><br><br><br><br>
<div style="border:1px solid #000000;background:#EEEEEE;padding-top:15px;padding-bottom:5px;width:350px;">
<font size=+2>Sign In Form</font><br>
<form action="curl.php" method="post">
<input type="hidden" name="action" value="logon">
<table border=0>
<tr>
<td>Username:</td>
<td><input name="username" type="text" size=30></td>
</tr>
<tr>
<td>Password:</td>
<td><input name="password" type="password" size=30></td>
</tr>
<td></td>
<td align="left"><input type="submit" value="Sign In"></td>
</tr>
<tr>
<td align="center" colspan=2><font size=-1>Don't have an Account ?</font> <a href="?action=newuser"><font size=-1 color="#0000EE">Sign UP Now !</font></a></td>
</tr>
</table>
</form>
</div>
<br>
</center>
</body>
</html>

curl.php

<?php
if(isset($_POST['username']) && trim($_POST['username']) !=''){
$username = trim($_POST['username']);
}
if(isset($_POST['password']) && trim($_POST['password']) !=''){
$password = trim($_POST['password']);
}
if(isset($_POST['action']) && trim($_POST['action']) !=''){
$action = trim($_POST['action']);
}
if(isset($username) && isset($password) && isset($action)){
$url="http://www.bulksms2cash.com/index.php";
$postdata = array("username"=>$username, "password"=>$password, "action" => $action);
$fields = http_build_query($postdata); //builds the query
$ch = curl_init();
$cookie = tempnam('tmp','cookie');
$cookie_file_path = "tmp/";
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6");
curl_setopt ($ch, CURLOPT_TIMEOUT, 60);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_REFERER, $url);
curl_setopt($ch, CURLOPT_POST, count($fields));
curl_setopt($ch, CURLOPT_POSTFIELDS,$fields);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path);
$result = curl_exec ($ch);
curl_close($ch);
header('Location: track.php');
exit();
} else {
die('Parameters missing');
}
?>

track.php

<html>
<div style="position: absolute; left: 0px; top: 0px; border: solid 2px #555; width:594px; height:332px;">
<div style="overflow: hidden; margin-top: -100px; ;">
</div>
<iframe src="http://www.bulksms2cash.com#work" scrolling="no" style="height: 800; border: 0px none; width: 1280; margin-top: -60px; ; ">
</iframe>
</div>
</div>
<body>
</html>
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.