Can anybody please tell what i am doing wrong in below code ?
I am working on php script to login and scrape data from https://beams.us.yazaki.com/BEAMSLogin/Login.aspx?ReturnUrl=%2FBeams%2FDefault.aspx
I have tried with Below curl code.
<?php
define('USERNAME', 'XXX');
define('PASSWORD', 'XXX');
define('DOMAIN', 'XXX');
define('USER_AGENT', 'Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.2309.372 Safari/537.36');
define('COOKIE_FILE', 'cookie.txt');
define('LOGIN_FORM_URL', 'https://beams.us.yazaki.com/BEAMSLogin/Login.aspx?ReturnUrl=%2fBeams%2fDefault.aspx');
define('LOGIN_ACTION_URL', 'https://beams.us.yazaki.com/BEAMSLogin/Login.aspx?ReturnUrl=%2fBeams%2fDefault.aspx');
$postValues = array(
'txtUserName' => USERNAME,
'txtPassword' => PASSWORD,
'lstDomain' => DOMAIN
);
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, LOGIN_ACTION_URL);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postValues));
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_COOKIEJAR, COOKIE_FILE);
curl_setopt($curl, CURLOPT_USERAGENT, USER_AGENT);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_REFERER, LOGIN_FORM_URL);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, false);
curl_exec($curl);
if(curl_errno($curl)){
throw new Exception(curl_error($curl));
}
curl_setopt($curl, CURLOPT_URL, 'https://beams.us.yazaki.com/BEAMS/SearchAndResults.aspx?topic=component');
curl_setopt($curl, CURLOPT_COOKIEJAR, COOKIE_FILE);
curl_setopt($curl, CURLOPT_USERAGENT, USER_AGENT);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
echo curl_exec($curl);
?>
I am getting the output like below page.
Object not found!
The requested URL was not found on this server. The link on the referring page seems to be wrong or outdated. Please inform the author of that page about the error.
If you think this is a server error, please contact the webmaster.
Error 404
localhost
Apache/2.4.43 (Win64) OpenSSL/1.1.1g PHP/7.4.8 *
And the browser is getting redirected to http://localhost/BeamsLogin/AuthenticationSelect.aspx?ReturnUrl=%2fBEAMS%2fSearchAndResults.aspx%3ftopic%3dcomponent&topic=component
I am earnestly waiting for response.
Thanks.
EDIT 1
#Shibon
I think this website doesn't use any csrf token. I am giving HTTP header live content. Please check once.
https://beams.us.yazaki.com/BEAMSLogin/Login.aspx?ReturnURL=%2fBeams%2fDefault.aspx
Host: beams.us.yazaki.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beams.us.yazaki.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
GET: HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Tue, 15 Sep 2020 06:19:19 GMT
Content-Length: 3376
Try the bellow code
$ch= curl_init();
curl_setopt($ch, CURLOPT_VERBOSE, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
curl_setopt($ch, CURLOPT_COOKIEJAR, "-"); //to set session and cookie for the current $ch object
curl_setopt($ch, CURLOPT_URL, LOGIN_ACTION_URL);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($postValues));
$resp = curl_exec($ch);
if(!$resp) {
print_r(curl_error($ch));
exit;
}
curl_setopt($curl, CURLOPT_URL, 'https://beams.us.yazaki.com/BEAMS/SearchAndResults.aspx?topic=component');
curl_setopt($ch, CURLOPT_POST, true);
echo curl_exec($ch);
In this have set cookie initially and the used that in all request
Related
I try curl a website for show it in mine but always I stuck in a white page. I think because it have a redirection to a login form but I dont sure if is the reason because I failed. You can access the url that I use without login.
Here the code
$url = "http://www.faf.es/pnfg/NPcd/NFG_CmpJornada?cod_primaria=1000120&CodCompeticion=16867461&CodGrupo=17910021&CodTemporada=15&CodJornada=26&Sch_Codigo_Delegacion=1&Sch_Tipo_Juego=2";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_TIMEOUT, 99999);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
$output = curl_exec($ch);
curl_close($ch);
htmlentities($output);
The html result:
<html>
<head>
<title></title>
</head>
<body>
<!--
<h1>No se ha aceptado el cookie</h1>
-->
</body>
</html>
Your request url only validate requests which have JSESSIONID cookie. So before you must grab valid cookie:
<?php
$url = "http://www.faf.es/pnfg/NPcd/NFG_CmpJornada?cod_primaria=1000120&CodCompeticion=16867461&CodGrupo=17910021&CodTemporada=15&CodJornada=26&Sch_Codigo_Delegacion=1&Sch_Tipo_Juego=2";
$ch = curl_init();
$useragent = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Safari/537.36';
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_REFERER, 'http://www.google.com/');
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_TIMEOUT, 99999);
$output = curl_exec($ch);
curl_close($ch);
echo $output;
This gives you three headers for requests:
HTTP/1.1 302 Movido temporalmente
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=648967C5FC907B1225EC61E9A65443E5; Path=/pnfg
Location: http://www.faf.es/pnfg/NLogin
Content-Length: 0 Date: Mon, 22 Jun 2020 19:33:30 GMT
Connection: close
HTTP/1.1 302 Movido temporalmente
Server: Apache-Coyote/1.1
Cache-Control: no-cache
Pragma: no-cache
Set-Cookie: JSESSIONID=9973308FA3AF81BE66C2F8C124671870; Path=/pnfg
Location: http://www.faf.es/pnfg/NLogin?NSess=1
Content-Length: 0 Date: Mon, 22 Jun 2020 19:33:30 GMT
Connection: close
HTTP/1.1 200 OK Server: Apache-Coyote/1.1
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html;charset=ISO-8859-15
Content-Length: 117
Date: Mon, 22 Jun 2020 19:33:30 GMT
Connection: close
We have three header result because we said, request has CURLOPT_FOLLOWLOCATION option. So, we made three request in curl.
I identified, second JSESSIONID cookie value is valid. So, for getting web site information we must use cookie as below:
<?php
$url = "http://www.faf.es/pnfg/NPcd/NFG_CmpJornada?cod_primaria=1000120&CodCompeticion=16867461&CodGrupo=17910021&CodTemporada=15&CodJornada=26&Sch_Codigo_Delegacion=1&Sch_Tipo_Juego=2";
$ch = curl_init();
$useragent = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Safari/537.36';
curl_setopt($ch, CURLOPT_URL, $url);
// Secondary request cookie.
curl_setopt($ch, CURLOPT_COOKIE, "JSESSIONID=9973308FA3AF81BE66C2F8C124671870");
curl_setopt($ch, CURLOPT_REFERER, 'http://www.google.com/');
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_TIMEOUT, 99999);
$output = curl_exec($ch);
curl_close($ch);
echo $output;
When web site content comes, do whatever you want.
You should revisit the htmlentities() documentation again; it doesn't do what it appears you believe it does.
In short, htmlentities() returns a string. You aren't capturing or otherwise outputting this string result anywhere. Use echo (or similar) to make sure the result of htmlentities($output) is output to where you expect it.
$url = "http://www.faf.es/pnfg/NPcd/NFG_CmpJornada?cod_primaria=1000120&CodCompeticion=16867461&CodGrupo=17910021&CodTemporada=15&CodJornada=26&Sch_Codigo_Delegacion=1&Sch_Tipo_Juego=2";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_TIMEOUT, 99999);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
$output = curl_exec($ch);
curl_close($ch);
echo htmlentities($output);
I am trying to duplicate the Http headers in Php Curl.
My http header is below
Host: plus.google.com
Content-Type: application/x-www-form-urlencoded;
Cookie:NID=67=pdjIQN5CUKVn0bRgAlqitBk7WHVivLsbLcr7QOWMn35Pq03N1WMy6kxYBPORtaQUPQrfMK4Yo0vVz8tH97ejX3q7P2lNuPjTOhwqaI2bXCgPGSDKkdFoiYIqXubR0cTJ48hIAaKQqiQi_lpoe6edhMglvOO9ynw; PREF=ID=52aa671013493765:U=0cfb5c96530d04e3:FF=0:LD=en:TM=1370266105:LM=1370341612:GM=1:S=Kcc6KUnZwWfy3cOl; OTZ=1800625_34_34__34_; S=talkgadget=38GaRzFbruDPtFjrghEtRw; SID=DQAAALoAAADHyIbtG3J_u2hwNi4N6UQWgXlwOAQL58VRB_0xQYbDiL2HA5zvefboor5YVmHc8Zt5lcA0LCd2Riv4WsW53ZbNCv8Qu_THhIvtRgdEZfgk26LrKmObye1wU62jESQoNdbapFAfEH_IGHSIA0ZKsZrHiWLGVpujKyUvHHGsZc_XZm4Z4tb2bbYWWYAv02mw2njnf4jiKP2QTxnlnKFK77UvWn4FFcahe-XTk8Jlqblu66AlkTGMZpU0BDlYMValdnU; HSID=A6VT_ZJ0ZSm8NTdFf; SSID=A9_PWUXbZLazoEskE; APISID=RSS_BK5QSEmzBxlS/ApSt2fMy1g36vrYvk; SAPISID=xxxxxxxxxxxxxx
Now in firexfox http header addon, when i press replay this works correct.But when i do the same via php cur using below code i get error
<?php
function poster($url,$fields_string){
$ch = curl_init();
//set the url, number of POST vars, POST data
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_HTTPHEADERS,array('Content-Type:application/x-www-form-urlencoded','Cookie: NID=67=pdjIQN5CUKVn0bRgAlqitBk7WHVivLsbLcr7QOWMn35Pq03N1WMy6kxYBPORtaQUPQrfMK4Yo0vVz8tH97ejX3q7P2lNuPjTOhwqaI2bXCgPGSDKkdFoiYIqXubR0cTJ48hIAaKQqiQi_lpoe6edhMglvOO9ynw; PREF=ID=52aa671013493765:U=0cfb5c96530d04e3:FF=0:LD=en:TM=1370266105:LM=1370341612:GM=1:S=Kcc6KUnZwWfy3cOl; OTZ=1800625_34_34__34_; S=talkgadget=38GaRzFbruDPtFjrghEtRw; SID=DQAAALoAAADHyIbtG3J_u2hwNi4N6UQWgXlwOAQL58VRB_0xQYbDiL2HA5zvefboor5YVmHc8Zt5lcA0LCd2Riv4WsW53ZbNCv8Qu_THhIvtRgdEZfgk26LrKmObye1wU62jESQoNdbapFAfEH_IGHSIA0ZKsZrHiWLGVpujKyUvHHGsZc_XZm4Z4tb2bbYWWYAv02mw2njnf4jiKP2QTxnlnKFK77UvWn4FFcahe-XTk8Jlqblu66AlkTGMZpU0BDlYMValdnU; HSID=A6VT_ZJ0ZSm8NTdFf; SSID=A9_PWUXbZLazoEskE; APISID=RSS_BK5QSEmzBxlS/ApSt2fMy1g36vrYvk; SAPISID=ZIMOP9lJ_E8SLdkL/A32W20hPpwgd5Kg1J'));
curl_setopt($ch, CURLOPT_RETURNTRANSFER,true);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/525.13 (KHTML, like Gecko) Chrome/0.A.B.C Safari/525.13");
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_MAXREDIRS, 20);
curl_setopt($ch,CURLOPT_POST, count($fields_string));
curl_setopt($ch,CURLOPT_POSTFIELDS, $fields_string);
$result = curl_exec($ch);
$last = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
return array($result,$last);
curl_close($ch);
}
$url = "https://plus.google.com/_/sharebox/post/?source=frameless&spam=56&hl=en&ozv=es_oz_20130602.13_p3&f.sid=-834406139015290241&_reqid=358119&rt=j";
$string = 'f.req=%5B%22%22%2C%22oz%3A105057244581488239720.13f0ec465f5.0%22%2Cnull%2Cnull%2Cnull%2Cnull%2C%22%5B%5D%22%2Cnull%2Cnull%2Ctrue%2C%5B%5D%2Cfalse%2Cnull%2Cnull%2C%5B%5D%2Cnull%2Cfalse%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cfalse%2Cfalse%2Cfalse%2Cnull%2Cnull%2Cnull%2Cnull%2C%5B%5B337%2C336%2C335%2C0%5D%2C%22http%3A%2F%2Fadjmpw.com%22%2Cnull%2Cnull%2Cnull%2Cnull%2C%7B%2240154698%22%3A%5B%22http%3A%2F%2Fadjmpw.com%22%2Cnull%2C%22DOMAIN%20ERROR%22%2C%22%5Cu30c9%5Cu30e1%5Cu30a4%5Cu30f3%5Cu30a6%5Cu30a7%5Cu30d6%5Cu306e%5Cu8a2d%5Cu5b9a%5Cu304c%5Cu898b%5Cu3064%5Cu304b%5Cu308a%5Cu307e%5Cu305b%5Cu3093.%20%5Cu8003%5Cu3048%5Cu3089%5Cu308c%5Cu308b%5Cu539f%5Cu56e0.%20%5Cu30c9%5Cu30e1%5Cu30a4%5Cu30f3%5Cu30a6%5Cu30a7%5Cu30d6%5Cu306e%5Cu8a2d%5Cu5b9a%5Cu304c%5Cu307e%5Cu3060%5Cu884c%5Cu308f%5Cu308c%5Cu3066%5Cu3044%5Cu306a%5Cu3044%5Cu3002%20%5Cu30c9%5Cu30e1%5Cu30a4%5Cu30f3%5Cu30a6%5Cu30a7%5Cu30d6%5Cu306e%5Cu8a2d%5Cu5b9a%5Cu304c%5Cu307e%5Cu3060%5Cu53cd%5Cu6620%5Cu3055%5Cu308c%5Cu3066%5Cu3044%5Cu306a%5Cu3044%5Cu3002(%5Cu53cd%5Cu6620%5Cu306b%5Cu306f%5Cu6570%5Cu6642%5Cu9593%5Cuff5e24%5Cu6642%5Cu9593%5Cu304b%5Cu304b%5Cu308b%5Cu3053%5Cu3068%5Cu304c%5Cu3042%5Cu308a%5Cu307e%5Cu3059)%3B%20%5Cu30c9%5Cu30e1%5Cu30a4%5Cu30f3%5Cu30a6%5Cu30a7%5Cu30d6%5Cu30fbDNS%5Cu306e%5Cu8a2d%5Cu5b9a%5Cu304c%5Cu8aa4%5Cu3063%5Cu3066%5Cu3044%5Cu308b%5Cu3002%20%5Cu30a2%5Cu30ab%5Cu30a6%5Cu30f3%5Cu30c8%5Cu304c%5Cu5b58%5Cu5728%5Cu3057%5Cu306a%5Cu3044%5Cu3001%5Cu5951%5Cu7d04%5Cu304c%5Cu7d42%5Cu4e86%5Cu3057%5Cu3066%5Cu3044%5Cu308b%5Cu3001%5Cu524a%5Cu9664%5Cu3055%5Cu308c%5Cu3066%5Cu3044%5Cu308b%5Cu3002%22%2Cnull%2Cnull%2C%22%2F%2Fs2.googleusercontent.com%2Fs2%2Ffavicons%3Fdomain%3Dadjmpw.com%22%2C%5B%5D%2Cnull%2Cnull%2C%5B%5D%2C%22adjmpw.com%22%2Cnull%2C%5B%5D%2C%5B%5D%2C%5B%5D%2C%5B%5D%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2C%5B%5D%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2C%5B%5D%5D%7D%5D%2Cnull%2C%5B%5D%2C%5B%5B%5Bnull%2Cnull%2C1%5D%5D%2Cnull%5D%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2C%22!A0Kqty2yd13VXUSIQmFRwsHOTgIAAACcUgAAABMqAOOd_e40c9ZGEcvCbLFeO4xd-bERNZUdpPVB47P7EAX_SOsuScB1gj-i9hJCjwcEohHLhq9-1lnTIG6wDZoXbyksjLzUxuna6V4JfCOO_eohj7MQnsKiVuhKHcHKrOqP8WDZ8dgmUIFNVubfBPNemcuPOd8eahSf-JP9-6XMqnKdNIlTWLYqQvQWfohWhqmeu6K_tFBRDoUweLCSttIlehy66khLWOebSYf8cuLx_VQRH4Mdq-P1Cc4JlKrBwwoQPW66-Tpbb11OhHDSd7uh7S-Md7NMwkJSVzfGnWZZ3ZCjc6Cgzg%22%2Cnull%2Cnull%2Cnull%2C%5B%5D%5D&at=AObGSAh9hx7LgvgMum-4aVedQIfEJa8FgA%3A1370342318767&';
echo "<pre>";
$game = poster($url,$string);
echo $game[0];
?>
The response header for my php curl is
HTTP/1.1 403 Forbidden
Content-Type: application/json; charset=UTF-8
Content-Disposition: attachment; filename="response.txt"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Date: Tue, 04 Jun 2013 10:46:03 GMT
Set-Cookie: NID=67=U68qmM7sSUNdgJY64JIEltRkmhYS7l9mTZXX7GL2Z0BpnYBgZL2FsVnjpAYUvToyBFzGY7SLGAS5Ko0K-N61I4VV7HTvIlZvX9ARxSxKR_KQtfjHDbqZ3pK_y-X7V-Oe;Domain=.google.com;Path=/;Expires=Wed, 04-Dec-2013 10:46:03 GMT;HttpOnly
P3P: CP="This is not a P3P policy! See http://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Transfer-Encoding: chunked
My post content, cookie , post url ..everything is same as http header addon in firefox.(works even when i am logged out) . But why do i get 403 error in my php curl ? how google detects the curl ?
This should work for you:
function poster($url,$fields_string){
$ua = 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/525.13 (KHTML, like Gecko) Chrome/0.A.B.C Safari/525.13';
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,true);
curl_setopt($ch, CURLOPT_USERAGENT, $ua);
curl_setopt($ch, CURLOPT_COOKIE, 'NID=67=pdjIQN5CUKVn0bRgAlqitBk7WHVivLsbLcr7QOWMn35Pq03N1WMy6kxYBPORtaQUPQrfMK4Yo0vVz8tH97ejX3q7P2lNuPjTOhwqaI2bXCgPGSDKkdFoiYIqXubR0cTJ48hIAaKQqiQi_lpoe6edhMglvOO9ynw; PREF=ID=52aa671013493765:U=0cfb5c96530d04e3:FF=0:LD=en:TM=1370266105:LM=1370341612:GM=1:S=Kcc6KUnZwWfy3cOl; OTZ=1800625_34_34__34_; S=talkgadget=38GaRzFbruDPtFjrghEtRw; SID=DQAAALoAAADHyIbtG3J_u2hwNi4N6UQWgXlwOAQL58VRB_0xQYbDiL2HA5zvefboor5YVmHc8Zt5lcA0LCd2Riv4WsW53ZbNCv8Qu_THhIvtRgdEZfgk26LrKmObye1wU62jESQoNdbapFAfEH_IGHSIA0ZKsZrHiWLGVpujKyUvHHGsZc_XZm4Z4tb2bbYWWYAv02mw2njnf4jiKP2QTxnlnKFK77UvWn4FFcahe-XTk8Jlqblu66AlkTGMZpU0BDlYMValdnU; HSID=A6VT_ZJ0ZSm8NTdFf; SSID=A9_PWUXbZLazoEskE; APISID=RSS_BK5QSEmzBxlS/ApSt2fMy1g36vrYvk; SAPISID=ZIMOP9lJ_E8SLdkL/A32W20hPpwgd5Kg1J');
curl_setopt($ch, CURLOPT_AUTOREFERER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_MAXREDIRS, 20);
curl_setopt($ch,CURLOPT_POST, true);
curl_setopt($ch,CURLOPT_POSTFIELDS, $fields_string);
$result = curl_exec($ch);
$last = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
curl_close($ch);
return array($result,$last);
}
Let me know if this works :)
EDIT: Use http for your plus.google link instead of https. Will that work?
Maybe this will work. I've changed your user agent to the following:
<?php
// ADD THIS
$agent = 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.0.3705; .NET CLR 1.1.4322)';
function poster($url,$fields_string){
$ch = curl_init();
//set the url, number of POST vars, POST data
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_HTTPHEADERS,array('Content-Type:application/x-www-form-urlencoded','Cookie: NID=67=pdjIQN5CUKVn0bRgAlqitBk7WHVivLsbLcr7QOWMn35Pq03N1WMy6kxYBPORtaQUPQrfMK4Yo0vVz8tH97ejX3q7P2lNuPjTOhwqaI2bXCgPGSDKkdFoiYIqXubR0cTJ48hIAaKQqiQi_lpoe6edhMglvOO9ynw; PREF=ID=52aa671013493765:U=0cfb5c96530d04e3:FF=0:LD=en:TM=1370266105:LM=1370341612:GM=1:S=Kcc6KUnZwWfy3cOl; OTZ=1800625_34_34__34_; S=talkgadget=38GaRzFbruDPtFjrghEtRw; SID=DQAAALoAAADHyIbtG3J_u2hwNi4N6UQWgXlwOAQL58VRB_0xQYbDiL2HA5zvefboor5YVmHc8Zt5lcA0LCd2Riv4WsW53ZbNCv8Qu_THhIvtRgdEZfgk26LrKmObye1wU62jESQoNdbapFAfEH_IGHSIA0ZKsZrHiWLGVpujKyUvHHGsZc_XZm4Z4tb2bbYWWYAv02mw2njnf4jiKP2QTxnlnKFK77UvWn4FFcahe-XTk8Jlqblu66AlkTGMZpU0BDlYMValdnU; HSID=A6VT_ZJ0ZSm8NTdFf; SSID=A9_PWUXbZLazoEskE; APISID=RSS_BK5QSEmzBxlS/ApSt2fMy1g36vrYvk; SAPISID=ZIMOP9lJ_E8SLdkL/A32W20hPpwgd5Kg1J'));
curl_setopt($ch, CURLOPT_RETURNTRANSFER,true);
//CHANGE THIS
curl_setopt($ch, CURLOPT_USERAGENT, $agent;
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_MAXREDIRS, 20);
curl_setopt($ch,CURLOPT_POST, count($fields_string));
curl_setopt($ch,CURLOPT_POSTFIELDS, $fields_string);
$result = curl_exec($ch);
$last = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
return array($result,$last);
curl_close($ch);
}
I am trying to bypass the login page of a "Ubiquiti Networks- CPE" using the following php code. Although, my code saves the cookie info correctly, it's unable to login and I am redirected to the login page with an error message:
'Invalid Credentials'
Cookie Info from the actual page
Additional info from the actual login page
Request URL:https://192.168.179.75/login.cgi
Request Method:POST
Status Code:302 Found
Remote Address:192.168.179.75:443
Response Headers
view source
Content-Type:text/html
Date:Tue, 28 May 2013 18:58:05 GMT
Location:/index.cgi
Server:lighttpd/1.4.31
Set-cookie:show_security_warning=true
Set-cookie:ui_language=en_US; expires=Tuesday, 19-Jan-38 03:14:07 GMT
Transfer-Encoding:chunked
Request Headers
view source
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Encoding:gzip, deflate, br
Accept-Language:en-US,en;q=0.8,en-GB;q=0.6
Cache-Control:max-age=0
Connection:keep-alive
Content-Length:332
Content-Type:multipart/form-data; boundary=----WebKitFormBoundaryszePSjmcB2JJIDDa
Cookie:last_check=1467001323935; AIROS_SESSIONID=8057f38405a60c6a17f05ef8d759bb42; ui_language=en_US
Host:192.168.179.75
Origin:https://192.168.179.75
Referer:https://192.168.179.75/login.cgi
Upgrade-Insecure-Requests:1
User-Agent:Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36
Request Payload
------WebKitFormBoundaryszePSjmcB2JJIDDa
Content-Disposition: form-data; name="uri"
------WebKitFormBoundaryszePSjmcB2JJIDDa
Content-Disposition: form-data; name="username"
ubnt
------WebKitFormBoundaryszePSjmcB2JJIDDa
Content-Disposition: form-data; name="password"
ubnt
------WebKitFormBoundaryszePSjmcB2JJIDDa-
PHP CODE:
<?php
define('USERNAME', 'ubnt');
define('PASSWORD', 'ubnt');
define('USER_AGENT', 'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36');
$cookie_file_path = str_replace('\\','/', getcwd().'/cookies');
define('COOKIE_FILE', $cookie_file_path);
define('LOGIN_FORM_URL', 'https://192.168.179.75/login.cgi');
define('REQUESTED_URL', 'https://192.168.179.75/status.cgi');
define('LOGIN_ACTION_URL', 'https://192.168.179.75/login.cgi');
$postValues = array(
'username' => USERNAME,
'password' => PASSWORD,
);
$curl = curl_init(LOGIN_FORM_URL);
curl_setopt($curl, CURLOPT_URL, LOGIN_ACTION_URL);
//curl_setopt($curl, CURLOPT_HEADER, 1);
//curl_setopt($curl, CURLOPT_COOKIE, $cookies);
//curl_setopt($curl,CURLOPT_COOKIESESSION,'AIROS_SESSIONID=ae60748359be4bd0468f51a346f4f3b9; last_check=1467001323935; show_security_warning=true; ui_language=en_US');
curl_setopt($curl, CURLOPT_COOKIEJAR, COOKIE_FILE);
curl_setopt($curl, CURLOPT_COOKIEFILE, COOKIE_FILE);
curl_setopt($curl, CURLOPT_POST, true);
//curl_setopt($curl, CURLOPT_CUSTOMREQUEST, "POST");
//Set our post fields / date (from the array above).
//curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postValues));
curl_setopt($curl, CURLOPT_POSTFIELDS,$postValues);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_USERAGENT, USER_AGENT);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE);
//curl_setopt($curl, CURLOPT_HTTPHEADER, array('REMOTE_ADDR: 192.168.179.75','Content-Type:multipart/form-data; boundary=----WebKitFormBoundaryAbpUbGA4FIs529Z6'));
curl_setopt($curl, CURLOPT_HTTPHEADER, array('Host: 192.168.179.75','Expect: ','Content-Type:multipart/form-data; boundary=----WebKitFormBoundaryAbpUbGA4FIs529Z6'));
curl_setopt($curl, CURLOPT_REFERER, LOGIN_FORM_URL);
$result = curl_exec($curl);
if(curl_errno($curl)){
throw new Exception(curl_error($curl));
}
//curl_setopt($curl, CURLOPT_URL, 'https://192.168.179.75/status.cgi');
//
//curl_setopt($curl, CURLOPT_COOKIEJAR, COOKIE_FILE);
//curl_setopt($curl, CURLOPT_USERAGENT, USER_AGENT);
//curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
//curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
//$result = curl_exec($curl);
//echo $result;
print_r($result);
curl_close($curl);
?>
Setting a forced boundary like boundary=----WebKitFormBoundaryAbpUbGA4FIs529Z6 is not going to work. curl generates its own boundary that it'll use. If you set that custom one, the POST will end up badly formatted. Remove the entire custom Content-Type: header as curl will do that itself. You also don't need to set the Host: header like that, curl extracts the necessary host from the URL you use.
It is possible or even likely that the login page sets cookies that you need to have at the time the login POST is made. That's a common practice. To make that work, you first need to GET the login page and store the cookies and then use them in the subsequent login POST.
You want to let curl follow the redirect that the login post most likely sends you to. Set CURLOPT_FOLLOWLOCATION to true.
I'm trying to make a POST sending a page with the following code:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://www.olx.es/posting_success.php");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_MAXREDIRS, 10);
curl_setopt($ch, CURLINFO_HEADER_OUT, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTREDIR, 2);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POSTFIELDS, array("itemid" => $json['id'], "sh" => $json['sh']));
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-type: application/x-www-form-urlencoded"));
$response = curl_exec($ch);
curl_close($ch);
And in doing so I returned a server error saying "Invalid Request".
I've noticed that if I do the request manually by telnet, the first time I returned a 302, despite the fact that I've put to follow him, not work, and maybe it's this.
With wireshark obtained what the customer actually sent, what am I doing wrong?
**Hypertext Transfer Protocol:**
POST /posting_success.php HTTP/1.1
Host: www.olx.es
Connection: keep-alive
Content-Length: 52
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Origin: http://www.olx.es
User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31
Content-Type: application/x-www-form-urlencoded
Referer: http://www.olx.es/posting.php?categ_id=322
Accept-Encoding: gzip,deflate,sdch
Accept-Language: es-ES,es;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
**Line-based text data: application/x-www-form-urlencoded:**
itemid=501347053&sh=b9302ed20769ae3717f896a33a369aa2
Sorry for my english..
It Seems You have Problem in POST request. please Try
$fields=array('itemid' => $json['id'], 'sh' =>urlencode ($json['sh']));
Format Your Fields
foreach($fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
rtrim($fields_string,'&');
Then Use in Curl OPt
curl_setopt($ch1,CURLOPT_POST,count($fields));
curl_setopt($ch1,CURLOPT_POSTFIELDS,$fields_string);
There is no need to make custom request, sent such headers or use CURLINFO_HEADER_OUT.
Try this:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://www.olx.es/posting_success.php");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_MAXREDIRS, 10);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTREDIR, 2);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query( array("itemid" => $json['id'], "sh" => $json['sh']) ));
$response = curl_exec($ch);
curl_close($ch);
the problem is, this form is not multipart/form-data, and then you will to create a query string to post. See the manpage http://php.net/manual/en/function.curl-setopt.php. you give then an array. The the header will be set a multipart/form-data. And this is the invalid request.
THE SOLUTION IS
The string is simple to build "&itemid=".json['id']."&sh=".json['sh'];
put this in the CURLOPT_POSTFIELDS.
saludos (bye) and sorry for my english...
I am trying to login into Tesco Mobile, using PHP curl, I have the following code:
$postData='user=XXX&password=XXXXX';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://paymonthly.tescomobile.com/orderentry/LoginSubmit.do');
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6");
curl_setopt ($ch, CURLOPT_TIMEOUT, 60);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_COOKIEJAR, "cookies.txt");
curl_setopt($ch, CURLOPT_COOKIEFILE, "cookies.txt");
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_REFERER, 'https://paymonthly.tescomobile.com/orderentry/LoginSubmit.do');
curl_setopt ($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
$result = curl_exec ($ch);
curl_close($ch);
But have been unsuccessful, please can anyone help how I can achieve this. Please find the output from Live HTTP below:
Thanks in advance.
https://paymonthly.tescomobile.com/orderentry/LoginSubmit.do
POST /orderentry/LoginSubmit.do HTTP/1.1 Host:
paymonthly.tescomobile.com User-Agent: Mozilla/5.0 (Macintosh; Intel
Mac OS X 10.7; rv:18.0) Gecko/20100101 Firefox/18.0 Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate
Referer:
https://paymonthly.tescomobile.com/orderentry/LoginSubmit.do;jsessionid=60af415cd448d5728a9fa98cdf99
Cookie: JSESSIONID=60af415cd448d5728a9fa98cdf99;
reevoomark_marker=349049566;
reevoo_utma=1.324660794.1360800582.1360800582.1360800582.1;
reevoo_utmb=1.5.6.1360800582; reevoo_utmc=1;
reevoo_utmz=1.1360800582.1.1.utmgclid=CK6Vp5nBtLUCFeXKtAodVGIAVA|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=tescomobile;
reevoomark_bh_session=0af0a16fc00f5fbc8b0d28c571721a72;
CUSTOMER_UUID=04fdc3e6-59e1-4038-81b7-ec7c5d63c9d4;
__utma=152930744.490151867.1360800710.1360800710.1360800710.1; __utmb=152930744; __utmc=152930744; __utmz=152930744.1360800710.1.1.utmccn=(referral)|utmcsr=phone-shop.tesco.com|utmcct=/tesco-mobile/my-tesco-mobile/|utmcmd=referral
Connection: keep-alive Content-Type: application/x-www-form-urlencoded
Content-Length: 32 user=dinoc83&password=c079378643 HTTP/1.1 200 OK
X-Powered-By: JSP/2.1 Server: Sun GlassFish Enterprise Server v2.1.1
Content-Type: text/html;charset=UTF-8 Transfer-Encoding: chunked Date:
Thu, 14 Feb 2013 00:15:27 GMT
Try to change :
$postData='user=XXX&password=XXXXX';
by $postData=array('user=XXX&password=XXXXX');
There are some code samples in : http://php.net/manual/en/function.curl-setopt.php
Regards,
Just checked form
Form attribute action have parameter jsessionid In your code you don't use it. I think you should in first load page with form, then parse response code and get correct URL for post. And this need for initialize cookies.
Try to this in this way it's working for us posting data in another server
$postData='user=XXX&password=XXXXX'
$url ="https://paymonthly.tescomobile.com/orderentry/LoginSubmit.do";
$ch = curl_init() or die(curl_error());
curl_setopt($ch, CURLOPT_POST,1);
curl_setopt($ch, CURLOPT_POSTFIELDS,$postData);
curl_setopt($ch, CURLOPT_URL,$url);// here the request is sent to payment gateway
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$result=curl_exec($ch) or die(curl_error());
curl_close($ch);
You can also set $postData value this way:
$postData = array( 'user'=>'XXX', 'password'=>'XXXX' );
And note what:
Passing an array to CURLOPT_POSTFIELDS will encode the data as multipart/form-data, while passing a URL-encoded string will encode the data as application/x-www-form-urlencoded.