Php cURL Login script Need help. $25 reward

Im trying to build a script to login to a website (centsports) via my account and then complete a members search.

I just cant get it to work. I have been trying for hours. I believe the issue is that I cant find the form Action. It uses the post method, but lists no action. Using httpliveheader I can only find the action to be www.centsports.com, which I dubious about.

If anyone can get this script working for me I will reward them. $25 straight up.

Im sure its a quick fix for someone with some experience with cURL.

The second issue could be the "sh" hidden field. This field is generated on each page request. The first page request in the script is to gather the SH value and then the second request posts this data to attempt to login.

Maybe thats my issue.

<form name="login" action="<?php echo $PHP_SELF;?>" method="post">
<input type="submit" value="login" name="login" />

<form name="input" action="<?php echo $PHP_SELF;?>" method="post">
Search: <input type="text" name="search" />
<input type="submit" value="submit" name="submit" />
</form>

HTML:

<?php

if(isset($_POST['login'])) {



//curl
$url = 'http://www.centsports.com/';

$cookie_file_path = "cookie/";
if (is_writeable("cookie/cookie.txt")) {
echo '<p>WRITEABLE</p>';
} else {
echo '<p>NOT WRITEABLE</p>';
}

$LOGINURL = "http://www.centsports.com/";
$agent = "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$LOGINURL);
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path);
$data = curl_exec ($ch);

//check if no logged in
if(preg_match('/<h1>LOG IN NOW, KTHX.<\/h1>/s',$data,$result)) {
echo '<h1>Not Logged In!!!!!</h1>'.$result[0];
}

if(preg_match('/<input type=\"hidden\" name=\"sh\" value=\"(.*?)\" \/>/s',$data,$result)) {
echo '<p>Sh Var Found</p>'.$result[1];
$shvar = $result[1];
}

echo '<p>Attempting Login...</p>';

//variables
$do = 'user_login';
$sh = $shvar;
$username = 'rj@emspire.com';
$username = urlencode($username);
$password = 'riley123';
$remember = 'on';

$postdata = 'do='.$do.'&sh='.$sh.'&username='.$username.'&password='.$password.'&remember='.$remember;

echo $postdata;


//login

$LOGINURL = "http://www.centsports.com/?".$postdata;
$POSTFIELDS = urlencode($postdata);
$reffer = "http://www.centsports.com/";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$LOGINURL);
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,$POSTFIELDS);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_REFERER, $reffer);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path);
$data2 = curl_exec ($ch);
curl_close ($ch);

echo $data2;


}

PHP:

 

Target Form:

<form action="" method="post"> 
<div class="input_block"> 
<input type="hidden" name="do" value="user_login" /><input type="hidden" name="sh" value="f42eaad630f984b83e67b20fa61a0e6f471fa9d4" /> 
<input class="box username" type="text" name="username" value="email@address.com" /> 
<input class="box password" type="password" name="password" value="password" /> 
<label for="rme">Remember Me?</label> 
<input id="rme" type="checkbox" name="remember" checked="checked" /> 
<a href="/forgot_password" class="forgot_pass">Forgot Password?</a><br /> 
<input class="submit" type="submit" value="" /> 
[HTML]

HTML:

 

tell us the value of the action attribute in form pls. (with http:// as well)

 

there is no value for the action attribute.

check out the real thing at www.centsports.com

 

you have a problem... I don't know if you'll be able to do this for one reason the value of the hidden input named "sh" could not be found in any cookie or http header or anywhere... If you would read the file to scrape for that value then when you would like to login after you've gotten it the value would have changed...

 

Hi

I have done it. If you want to know what are you doing wrong contact me on PM.

Regards,

 

Heres an old login method

<form name="login" action="<?php echo $PHP_SELF;?>" method="post">
<input type="submit" value="login" name="login" />

<?php

if(isset($_POST['login'])) {

$cookie_file_path = "cookie/cookie.txt";
if (is_writeable("cookie/cookie.txt")) {
echo '<p>WRITEABLE</p>';
} else {
echo '<p>NOT WRITEABLE</p>';
}

$login_email = "rj@emspire.com";
$login_pass = "riley123";


$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'http://old.centsports.com/home.php');
curl_setopt($ch, CURLOPT_POSTFIELDS,'email='.urlencode($login_email).'&password='.urlencode($login_pass));
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_COOKIEJAR, "cookie/cookies.txt");
curl_setopt($ch, CURLOPT_COOKIEFILE, "cookie/cookies.txt");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);

curl_exec($ch);
curl_setopt($ch, CURLOPT_POST, 0);
curl_setopt($ch, CURLOPT_URL, "http://old.centsports.com");

    $page = curl_exec($ch);

echo $page;
    
curl_close($ch);


}
?>

PHP:

 

LEGEND. Your script works a treat.

But I dont understand why??? That form has a similar field to the SH field, called F. And its auto generated on each page request. Yet your script ignores it and logs in anyway...

Either way. LEGEND. Send me your pay pal details via PM and I will send you $25 cash.

Thanks heaps.

 

WHile this script logs in. The old.centsports.com doesnt have the friend/profile search that Im looking for. Do you have any ideas how to create a login script for the new version of the site?

 

eh it does? just change the last post to curl_setopt($ch, CURLOPT_URL, "http://old.centsports.com/add_friends.php"); // and add your search fields

 

yea but it doesnt show the profile data. Which is what Im after.

On the centsports.com website they key differences are:
1. search terms are loosely matched, so you can wildcard search.
2. player profiles include current balance, highest balance, join date, last online date and win percentage.

Thats the data Im after and it doesnt appear in the old.centsports.com.

 

Not sure what your looking for but try this and let me know whats missing

change the end of the script to this, it will search for first name riley

curl_exec($ch);
curl_setopt($ch, CURLOPT_URL, "http://old.centsports.com/add_friends.php?");
curl_setopt($ch, CURLOPT_POSTFIELDS,'_add_friend=_add_friend&first_name=riley');
curl_setopt($ch, CURLOPT_POST, 1);

PHP:

 

yea I can search. But the results are not the same on old.centsports.com

www.centsports.com/friends

then search. And you can see full member profiles.

 

not necessary anymore.

 

Solved. Thanks to ZoomRumble.

Solution:

<?php



//curl
$url = 'http://www.centsports.com/';

$cookie_file_path = "cookie.txt";
if (is_writeable($cookie_file_path)) {
echo '<p>WRITEABLE</p>';
} else {
echo '<p>NOT WRITEABLE</p>';
}

$LOGINURL = "http://www.centsports.com/";
$agent = "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$LOGINURL);
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path);
$data = curl_exec ($ch);

//check if no logged in
if(preg_match('/<h1>LOG IN NOW, KTHX.<\/h1>/s',$data,$result)) {
echo '<h1>Not Logged In!!!!!</h1>'.$result[0];
}

if(preg_match('/<input type=\"hidden\" name=\"sh\" value=\"(.*?)\" \/>/s',$data,$result)) {
echo '<p>Sh Var Found</p>'.$result[1];
$shvar = $result[1];
}

echo '<p>Attempting Login...</p>';

//variables
$do = 'user_login';
$sh = $shvar;
$username = 'rj@emspire.com';
$password = 'removed';
$remember = 'on';

$postdata = 'do='.$do.'&sh='.$sh.'&username='.urlencode($username).'&password='.urlencode($password).'&remember='.$remember;

echo $postdata;


//login

$LOGINURL = "http://www.centsports.com/";
$reffer = "http://www.centsports.com/";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$LOGINURL);
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_REFERER, $reffer);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path);
$data2 = curl_exec ($ch);
curl_close ($ch);


echo $data2;

PHP:

 

Sory im too late. This is my solution:

Regards,