Hi,

There was a local website (non-HTTPS). I tried to imitate the login process with PHP cURL, but I failed. Here are my steps:

1. I visit the home page to get some cookie (PHPSESSID thing).
2. I just do the login process to the correct login script.

I've:

- Imitated the referer.
- Imitated the user agent with $_SERVER['HTTP_USER_AGENT'];
- Used CURLOPT_COOKIEFILE and CURLOPT_COOKIEJAR. And the cookie file was filled successfully.

The response that I got from the login script is a 100% blank page. Nothing there. And the HTTP header is 200 OK (I checked with the curl_getinfo function).

Do you have any idea what I've missed there? Thanks again.

Edit: the PHP code is in the next post.
How is the output coming back? Are you trying to just gather a result or are you outputting the page back into a visible output?

Regards,
Dennis M.
I tried outputting the curl result (on the login page) back to the browser. There was nothing there. Just like a 0 byte HTML page. And the HTTP header was:

```
HTTP/1.1 200 OK
Date: Mon, 23 Feb 2009 02:57:59 GMT
Server: Apache/2.2.3
X-Powered-By: PHP/4.4.4-8+etch6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
```
Hmm, OK. I'm no cURL expert, but you said the script was local - no? So I wrote up a test script so you can see a sort of format which works for this purpose. If you want to post all or part of your code, I can take a look at the actual code itself. But here goes. (I separated it into 3 pages for the sake of example.)

index.php (All the cURL info)

```php
<?php
// Do some generic cURL stuff
$ch = curl_init();

// Set our options...
curl_setopt($ch, CURLOPT_URL, 'http://YOURDOMAIN.COM/page1.php');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, 'username=w00t&password=test');
// Setting a cookie jar also turns on cookie handling for this handle,
// so the session cookie from page1.php is sent again to page2.php
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

// Execute the login
$login = curl_exec($ch);

// Now continue: switch the handle back from POST to GET for the next page
curl_setopt($ch, CURLOPT_HTTPGET, true);
curl_setopt($ch, CURLOPT_URL, 'http://YOURDOMAIN.COM/page2.php');

// Show the next one
$content = curl_exec($ch);
curl_close($ch);

// View page
print $content;
?>
```

page1.php (Ultimately the "processor" of the data)

```php
<?php
session_start();

// Just a simple little form..
if (isset($_POST['username'], $_POST['password'])
    && $_POST['username'] == "w00t" && $_POST['password'] == "test") {
    $_SESSION['username'] = $_POST['username'];
} else {
    print "Epic fail >.< on the cURL's POSTVARS side";
}
?>
```

page2.php (Hit or miss. Since I didn't create a form, going to this doc directly will result in an error msg)

```php
<?php
session_start();

// No username in the session means the session cookie did not come back
if (empty($_SESSION['username'])) {
    print "Epic fail >.< on cURLs saving sessions";
    exit;
} else {
    print "This page actually works quite fine with the simple<br /><br /> cURL login!<br /><br />User: ".$_SESSION['username'];
    session_destroy(); // Kill it
}
?>
```

Maybe that will help some?

Regards,
Dennis M.
Thanks Dennis, it works on the local test script, but when I test it on a remote URL, it fails. OK, here is a simple testing script that I've just made, based on your script.

real-init.php

```php
<?php
session_start();
$_SESSION['init'] = 1;
// The password field gets a different name on every page load
$pass = md5(microtime());
?>
<table><form action="real-login.php" method=post autocomplete=off name=ab6c500c8daf6d673056dd201cb19c06>
<input type=hidden name=logref value="/isi/personal/index.php">
<input type=hidden name=nama_field value="pass<?php echo $pass; ?>">
<tr><td>User Id</td><td><input type=text name="userid" size=20></td></tr>
<tr><td>Password</td><td><input type="password" name="pass<?php echo $pass; ?>" size=20></td></tr>
<tr><td> </td><td><input type=submit name=bSubmit value="login"></td></tr>
</form></table>
```

real-login.php

```php
<?php
session_start();

// The session must have been started by real-init.php first
if (!isset($_SESSION['init'])) {
    echo 'do not login straightly here.';
} else {
    // The name of the password field is itself sent in nama_field
    $pass_field = isset($_POST['nama_field']) ? $_POST['nama_field'] : '';
    $username   = isset($_POST['userid']) ? $_POST['userid'] : '';
    $password   = isset($_POST[$pass_field]) ? $_POST[$pass_field] : '';

    if ($username == 'woot' && $password == 'test') {
        $_SESSION['loggedin'] = 1;
        header('Location: real-member-home.php');
        exit();
    } else {
        // Escape the submitted values before echoing them back
        echo 'login fails, username = '.htmlspecialchars($username).', password = '.htmlspecialchars($password);
    }
}
?>
```

And here is the curl file

```php
<?php
set_time_limit(30);
define('DIR', dirname(__FILE__).'/');

header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
header('Last-Modified: '.gmdate('D, d M Y H:i:s', time() - 60).' GMT');
header('Cache-Control: private, no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0');
header('Pragma: no-cache');

$user = 'woot';
$pass = 'test';
$basicURL = array(
    'login-init'    => 'http://localhost/privates/real-init.php',
    'login-process' => 'http://localhost/privates/real-login.php'
);

//////////////////////////////////////////////
//
// Step 1, get password field name
//
//////////////////////////////////////////////
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $basicURL['login-init']);
curl_setopt($ch, CURLOPT_REFERER, $basicURL['login-init']);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_COOKIEFILE, DIR.'cookie.txt');
curl_setopt($ch, CURLOPT_COOKIEJAR, DIR.'cookie.txt');
$result = curl_exec($ch);
$info = curl_getinfo($ch);
//curl_close($ch);
//echo $result;

// Pull the per-request password field name out of the hidden input
if (!preg_match('/name\=nama\_field value\=\"([a-z0-9]+)\"\>/i', $result, $match)) {
    die('nama_field not found in the login form');
}
$pass_field = $match[1];

// Same fields as the form, including the submit button (bSubmit)
$post_data = sprintf('logref=/isi/personal/index.php&nama_field=%s&userid=%s&%s=%s&bSubmit=login', $pass_field, $user, $pass_field, $pass);

/*
echo '<hr /><hr /><hr />';
print_r($info);
echo "<p>php sess id = $php_sess_id<br />pass field = $pass_field<br />Post data = $post_data</p>";
echo '<hr /><hr /><hr />';
*/

sleep(5);

//////////////////////////////////////////////
//
// Step 2, login
//
//////////////////////////////////////////////
// Same handle as step 1, so the cookies from step 1 are still loaded
curl_setopt($ch, CURLOPT_URL, $basicURL['login-process']);
curl_setopt($ch, CURLOPT_REFERER, $basicURL['login-init']);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
curl_setopt($ch, CURLOPT_HEADER, true);
//curl_setopt($ch, CURLOPT_COOKIEFILE, DIR.'cookie.txt');
curl_setopt($ch, CURLOPT_COOKIEJAR, DIR.'cookie.txt');
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
$result = curl_exec($ch);
$info = curl_getinfo($ch);
curl_close($ch);

print_r($info);
echo($result);
?>
```

It works fine on the testing script, the login succeeds. But on the remote URL, it fails. I guess the original web programmer prevents login automation with a method?
Simulating only the user agent is not enough in some cases. There are Accept, Accept-Language headers and more, different from browser to browser. And there are scripts like Bad Behaviour for detecting and blocking such "suspicious" requests.
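
The kind of server-side check the post above describes, seen from the defender's side, as an added example (not code from the thread and not Bad Behaviour's actual rules). The function name `header_anomalies`, its two rules and the sample requests are assumptions made for illustration; it needs PHP 7 or later.

```php
<?php
// Added example: flag requests whose User-Agent claims a browser while the
// other headers do not look like one. Hypothetical rules for illustration.

/**
 * @param array $headers request headers keyed by header name
 * @return array reasons the request looks automated (empty = none found)
 */
function header_anomalies(array $headers): array
{
    // Header names are case-insensitive, so normalise them before lookup.
    $h = array_change_key_case($headers, CASE_LOWER);
    $ua = trim($h['user-agent'] ?? '');

    if ($ua === '') {
        return ['missing User-Agent'];
    }

    $reasons = [];
    // Only hold a request to browser standards if it claims to be a browser.
    if (stripos($ua, 'Mozilla/') === 0) {
        $expected = ['accept' => 'Accept', 'accept-language' => 'Accept-Language'];
        foreach ($expected as $key => $name) {
            if (trim($h[$key] ?? '') === '') {
                $reasons[] = "browser User-Agent without $name";
            }
        }
    }
    return $reasons;
}

// Constructed sample requests (not taken from the thread).
$samples = [
    'browser' => [
        'User-Agent'      => 'Mozilla/5.0 (X11; Linux x86_64) ExampleBrowser/1.0',
        'Accept'          => 'text/html,application/xhtml+xml;q=0.9,*/*;q=0.8',
        'Accept-Language' => 'en-US,en;q=0.5',
    ],
    'script with copied User-Agent' => [
        'User-Agent' => 'Mozilla/5.0 (X11; Linux x86_64) ExampleBrowser/1.0',
        'Accept'     => '*/*',
    ],
    'no User-Agent' => ['Accept' => '*/*'],
];

foreach ($samples as $label => $headers) {
    $found = header_anomalies($headers);
    echo $label, ': ', $found ? implode('; ', $found) : 'no anomalies', PHP_EOL;
}
```

A check like this is better used as one scoring signal among several than as a hard block, since privacy tools and some legitimate clients also omit or trim these headers.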
Thanks, it sounds like complicated verification from the server. I've never heard of it before. I'll take some time to read about it. Thanks.