Logging into LinkedIn with PHP curl - php

I'm currently trying to login to LinkedIn, outside of their oAuth system (as it doesn't have the option for a task at hand). I'm not entirely familiar with cURL, so I may have some silly mistake somewhere.
However I don't seem to be having any luck what so ever, even after taking a look at similar questions on stackoverflow but for python. I'm getting the error
"Request Error
We’re sorry, there was a problem with your request. Please make sure you have cookies enabled and try again."
I've fetched the loginCsrfParam and have checked out the postfield sent (it all checks out), I've tried sending the postfields as either an array or as a string like: session_key=".$username."&session_pass...
Here is my php code, any ideas?
<?php
class linkedInLogin {
public function login(){
$username = 'Email Here';
$password = 'Password here';
$csrf = $this->fetchCSRF();
if($csrf == false){
echo 'Error: loginCsrfParam fetching failed.';
return;
}
//login form action url
$url="https://www.linkedin.com/uas/login-submit";
//$postinfo = "session_key=".$username."&session_password=".$password."&loginCsrfParam=".$csrf;
$postfields = array('session_key' => $username, 'session_password' => $password, 'loginCsrfParam' => $csrf);
$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_NOBODY, false);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_COOKIESESSION, true);
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt($ch, CURLOPT_USERAGENT,
"Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); //#TODO change back: curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_REFERER, 'https://www.linkedin.com/uas/login');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postfields);
echo curl_exec($ch);
curl_close($ch);
}
// Fetches the CSRF for login authentication
private function fetchCSRF(){
$url = 'https://linkedin.com/uas/login';
$html = file_get_contents($url);
$precsrf = (int) strpos($html, '<input type="hidden" name="loginCsrfParam" value="');
$postcsrf = (int) strpos($html, '" id="loginCsrfParam-login">');
$length = $postcsrf - $precsrf - 50; // The -50 / + 50 is to correct for: <input type="hidden" name="login...
$csrf = substr($html, $precsrf + 50, $length);
if($csrf == false){
return false;
}
return $csrf;
}
}
Update: I still haven't had any luck with this, although other services don't offer similar functionality that I require.

Related

Logging into secure site using CURL [duplicate]

I'm new to using cURL and its hard to find good resources for it.
What I'm trying to do is login to a remote site, by having curl do the login form and then send back that it was successful.
The code I have doesn't seem to work and only tries to show the main page of the site.
$username="mylogin#gmail.com";
$password="mypassword";
$url="http://www.myremotesite.com/index.php?page=login";
$cookie="cookie.txt";
$postdata = "email=".$username."&password=".$password;
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6");
curl_setopt ($ch, CURLOPT_TIMEOUT, 60);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_COOKIEJAR, $cookie);
curl_setopt ($ch, CURLOPT_REFERER, $url);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt ($ch, CURLOPT_POST, 1);
$result = curl_exec ($ch);
echo $result;
curl_close($ch);
What am I doing wrong. After this is working I want to redirect to another page and get content from my site.

I had let this go for a good while but revisited it later. Since this question is viewed regularly. This is eventually what I ended up using that worked for me.
define("DOC_ROOT","/path/to/html");
//username and password of account
$username = trim($values["email"]);
$password = trim($values["password"]);
//set the directory for the cookie using defined document root var
$path = DOC_ROOT."/ctemp";
//build a unique path with every request to store. the info per user with custom func. I used this function to build unique paths based on member ID, that was for my use case. It can be a regular dir.
//$path = build_unique_path($path); // this was for my use case
//login form action url
$url="https://www.example.com/login/action";
$postinfo = "email=".$username."&password=".$password;
$cookie_file_path = $path."/cookie.txt";
$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_NOBODY, false);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path);
//set the cookie the site has for certain features, this is optional
curl_setopt($ch, CURLOPT_COOKIE, "cookiename=0");
curl_setopt($ch, CURLOPT_USERAGENT,
"Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_REFERER, $_SERVER['REQUEST_URI']);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postinfo);
curl_exec($ch);
//page with the content I want to grab
curl_setopt($ch, CURLOPT_URL, "http://www.example.com/page/");
//do stuff with the info with DomDocument() etc
$html = curl_exec($ch);
curl_close($ch);
Update: This code was never meant to be a copy and paste. It was to show how I used it for my specific use case. You should adapt it to your code as needed. Such as directories, vars etc

I had same question and I found this answer on this website.
And I changed it just a little bit (the curl_close at last line)
$username = 'myuser';
$password = 'mypass';
$loginUrl = 'http://www.example.com/login/';
//init curl
$ch = curl_init();
//Set the URL to work with
curl_setopt($ch, CURLOPT_URL, $loginUrl);
// ENABLE HTTP POST
curl_setopt($ch, CURLOPT_POST, 1);
//Set the post parameters
curl_setopt($ch, CURLOPT_POSTFIELDS, 'user='.$username.'&pass='.$password);
//Handle cookies for the login
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
//Setting CURLOPT_RETURNTRANSFER variable to 1 will force cURL
//not to print out the results of its query.
//Instead, it will return the results as a string return value
//from curl_exec() instead of the usual true/false.
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
//execute the request (the login)
$store = curl_exec($ch);
//the login is now done and you can continue to get the
//protected content.
//set the URL to the protected file
curl_setopt($ch, CURLOPT_URL, 'http://www.example.com/protected/download.zip');
//execute the request
$content = curl_exec($ch);
curl_close($ch);
//save the data to disk
file_put_contents('~/download.zip', $content);
I think this was what you were looking for.Am I right?
And one useful related question. About how to keep a session alive in cUrl: https://stackoverflow.com/a/13020494/2226796

View the source of the login page. Look for the form HTML tag. Within that tag is something that will look like action= Use that value as $url, not the URL of the form itself.
Also, while you are there, verify the input boxes are named what you have them listed as.
For example, a basic login form will look similar to:
<form method='post' action='postlogin.php'>
Email Address: <input type='text' name='email'>
Password: <input type='password' name='password'>
</form>
Using the above form as an example, change your value of $url to:
$url="http://www.myremotesite.com/postlogin.php";
Verify the values you have listed in $postdata:
$postdata = "email=".$username."&password=".$password;
and it should work just fine.

This is how I solved this in ImpressPages:
//initial request with login data
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'http://www.example.com/login.php');
curl_setopt($ch, CURLOPT_USERAGENT,'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/32.0.1700.107 Chrome/32.0.1700.107 Safari/537.36');
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, "username=XXXXX&password=XXXXX");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_COOKIESESSION, true);
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie-name'); //could be empty, but cause problems on some hosts
curl_setopt($ch, CURLOPT_COOKIEFILE, '/var/www/ip4.x/file/tmp'); //could be empty, but cause problems on some hosts
$answer = curl_exec($ch);
if (curl_error($ch)) {
echo curl_error($ch);
}
//another request preserving the session
curl_setopt($ch, CURLOPT_URL, 'http://www.example.com/profile');
curl_setopt($ch, CURLOPT_POST, false);
curl_setopt($ch, CURLOPT_POSTFIELDS, "");
$answer = curl_exec($ch);
if (curl_error($ch)) {
echo curl_error($ch);
}

Panama Jack Example not work for me - Give Fatal error: Call to undefined function build_unique_path(). I used this code - (more simple - my opinion) :
// options$login_email = 'alabala#gmail.com';$login_pass = 'alabala4807';$cookie_file_path = "/tmp/cookies.txt";$LOGINURL = "http://alabala.com/index.php?route=account/login"; $agent = "Nokia-Communicator-WWW-Browser/2.0 (Geos 3.0 Nokia-9000i)";// begin script$ch = curl_init();// extra headers$headers[] = "Accept: */*";$headers[] = "Connection: Keep-Alive";// basic curl options for all requestscurl_setopt($ch, CURLOPT_HTTPHEADER, $headers);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_USERAGENT, $agent); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path); curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path); // set first URLcurl_setopt($ch, CURLOPT_URL, $LOGINURL);// execute session to get cookies and required form inputs$content = curl_exec($ch); // grab the hidden inputs from the form required to login$fields = getFormFields($content);$fields['email'] = $login_email;$fields['password'] = $login_pass;// set postfields using what we extracted from the form$POSTFIELDS = http_build_query($fields); // change URL to login URLcurl_setopt($ch, CURLOPT_URL, $LOGINURL); // set post optionscurl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $POSTFIELDS); // perform login$result = curl_exec($ch); print $result; function getFormFields($data){ if (preg_match('/()/is', $data, $matches)) { $inputs = getInputs($matches[1]); return $inputs; } else { die('didnt find login form'); }}function getInputs($form){ $inputs = array(); $elements = preg_match_all("/(]+>)/is", $form, $matches); if ($elements > 0) { for($i = 0;$i $el = preg_replace('/\s{2,}/', ' ', $matches[1][$i]); if (preg_match('/name=(?:["\'])?([^"\'\s]*)/i', $el, $name)) { $name = $name[1]; $value = ''; if (preg_match('/value=(?:["\'])?([^"\'\s]*)/i', $el, $value)) { $value = $value[1]; } $inputs[$name] = $value; } } } return $inputs;}$grab_url='http://grab.url/alabala';//page with the content I want to grabcurl_setopt($ch, CURLOPT_URL, $grab_url);//do stuff with the info with DomDocument() etc$html = curl_exec($ch);curl_close($ch);var_dump($html); die;

PHP CURL WAMP - SSL certificate error: unable to get local issuer certificate

I'm running PHP Version 5.5.12 as part of WAMP.
When I try to execute this code, I'm getting the following error:
SSL certificate error: unable to get local issuer certificate
This script aims to get content from authentification form passing login and password.
<?php
include('simple_html_dom.php');
ini_set('max_execution_time', 0);
error_reporting(E_ALL);
ini_set('display_errors', 1);
ini_set('memory_limit', '2G');
class EmailScraping {
public $url;
public function __construct($url) {
if ($this->validUrl($url))
$this->url = $url;
else {
echo 'bad url <br>';
}
}
public function getContent() {
$username = "****";
$password = "****";
//login form action url
$url = 'https://placement.emploiquebec.gouv.qc.ca/mbe/login/portail/auth.asp?provenance=emplr&CL=french';
$postinfo = "posted&L_OBLG_NOM_UTIL=Votre code d'utilisation&OBLG_NOM_UTIL=" . $username . "&L_OBLG_MOT_PASSE=Votre mot de passe&OBLG_MOT_PASSE=" . $password . "&continuer=CONTINUER&LastLogin&NbEssai=0";
$cookie_file_path = "./cookies.txt";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_NOBODY, false);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_ENCODING , "");
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path);
//set the cookie the site has for certain features, this is optional
curl_setopt($ch, CURLOPT_COOKIE, "cookiename=0");
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7");
curl_setopt($ch, CURLOPT_REFERER, $_SERVER['REQUEST_URI']);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_CAINFO, getcwd() . '\cacert.pem');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_MAXREDIRS, 10);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postinfo);
$html1 = curl_exec($ch);
curl_close($ch);
$ch = curl_init();
//page with the content I want to grab
curl_setopt($ch, CURLOPT_URL, "https://placement.emploiquebec.gouv.qc.ca/mbe/ut/suivroffrs/esuivroffrs.asp?CL=french");
curl_setopt($ch, CURLOPT_POST, false);
curl_setopt($ch, CURLOPT_POSTFIELDS, "");
$answer = curl_exec($ch);
if (curl_error($ch)) {
echo curl_error($ch);
}
curl_close($ch);
return $answer;
}
public function validUrl($url) {
if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&##\/%?=~_|!:,.;]*[-a-z0-9+&##\/%=~_|]/i", $url)) {
return false;
}
return true;
}
}
$scraper = new EmailScraping('https://www.facebook.com');
$result = $scraper->getContent();
$html = "<base href='https://placement.emploiquebec.gouv.qc.ca/mbe/login/portail/auth.asp?provenance=emplr&CL=french' />" . $result;
echo $html;
I'm trying to add this code in php.ini file and restarted WAMP server but still getting the same error.
curl.cainfo="C:/wamp/www/domscraper/cacert.pem"
I really don't know what else to try.
Can anyone advise on what else can I try?

You have curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
Try setting it to false
Here's a link to some doc - http://php.net/manual/en/function.curl-setopt.php
This should be development only, on prod you should probably resolve any cert issues and would probably need to get certs/keys from the provider.
For error logging add (and check out the docs for additional info)
$verbose = fopen ( 'php://temp', 'w+' );
curl_setopt ( $curlManager, CURLOPT_VERBOSE, true );
curl_setopt ( $curlManager, CURLOPT_STDERR, $verbose );
You might also try removing some of those options if not needed to debug.

This is the bast configuration: change from
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
to
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
I've been trying to connect into API made by Postman and it works.
I use WAMP (PHP7+Apache) on Windows 64bits.

Login to website using cURL and PHP

Hey I am trying to login to the NJIT site to check if username and password are correct. For some reason I keep getting rejected even if I use correct credentials. Also how do I strip the $result to check if it contains "Fail" which would mean the credentials were wrong. Here is my code.
Main:
<?PHP
session_start();
require_once('functions.php');
//$UCID=$_POST['UCID'];
//$Pass=$_POST['Pass'];
$UCID="jko328";
$Pass="password";
$credentialsNJIT="user=".$UCID."&pass=".$Pass;
$njit_url="https://cp4.njit.edu/cp/home/login";
$njit_result=goCurlNJIT($credentialsNJIT, $njit_url);
echo $result;
?>
Here is the cURL function:
function goCurlNJIT($postdata, $url){
session_start();
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt ($ch, CURLOPT_TIMEOUT, 60);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTPS);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt ($ch, CURLOPT_REFERER, $url);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt ($ch, CURLOPT_POST, true);
$result = curl_exec($ch);
curl_close($ch);
if(strpos($result, "Failed") === false){
$response = "NJIT did not like credentials";
}
else{
$response = "NJIT liked your credentials";
}
echo $response;
}

Actually when we load a page it saves the cookie and send it . So to sign in you first need to acess the page without credential and save the cookies . In next request you need to send the cookies . To avoid bot script login usually websites have dynamic hidden fields and other securities .. in this case you cant log on .

I'm updating the function too much and making it way more flexible. --You can update it further more if you want.
First and most importantly, you need to create a text file named cookie.txt in the directory where your scrapping file is.
function goCurlNJIT($header = array(), $url, $post = false)
{
$cookie = "cookie.txt";
$ch = curl_init();
curl_setopt($ch, CURLOPT_ENCODING, 'gzip,deflate,sdch');
if (isset($header) && !empty($header))
{
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
}
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 200);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_MAXREDIRS, 5);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36");
curl_setopt($ch, CURLOPT_COOKIEJAR, realpath($cookie));
curl_setopt($ch, CURLOPT_COOKIEFILE, realpath($cookie));
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_REFERER, $url);
//if it's a POST request instead of GET
if (isset($post) && !empty($post) && $post)
{
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
} //endif
$data = curl_exec($ch);
curl_close($ch);
if($info['http_code'] == 200){
return ($data); //this will return page on successful, false otherwise
}else{
return false;
}
}
if you'd paid a close look to Requested Headers, you can notice that there is one unusual header there, that is Upgrade-Insecure-Requests:1(I personally haven't seen this before, so it's wise to send this along with request).
Next the request that you're posting is not like as it should be, you're missing stuff.
$UCID="jko328";
$Pass="password";
$credentialsNJIT="user=".$UCID."&pass=".$Pass; // where is uuid?
it should be something like this. You're skipping uuid from post string.
pass=password&user=jko328&uuid=0xACA021
so putting altogether,
$post['user'] = "jko328";
$post['pass'] = "password";
$post['uuid'] = '0xACA021';
$urlToPost = "https://cp4.njit.edu/cp/home/login";
$header['Upgrade-Insecure-Requests'] = 1;
//Now make call to function, and it'll work fine.
echo goCurlNJIT($header, $urlToPost, http_build_query($post));
and this will work fine. Make sure you've created cookie.txt file in the directory where your this scripts is.

Login to Google with PHP and Curl, Cookie turned off?

I have this code for logging into Google using Simple DOM Parser with curl. I've tried adding in the cookiejar file, but to no avail. I keep getting the message:
Your browser's cookie functionality is turned off. Please turn it on.
Any idea on how to solve this?
Here's my code for reference:
$html = file_get_html('https://accounts.google.com/ServiceLogin?hl=en&service=alerts&continue=http://www.google.com/alerts/manage');
//... some code for getting post data here
$curl_connection = curl_init('https://accounts.google.com/ServiceLoginAuth');
curl_setopt($curl_connection, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($curl_connection, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)");
curl_setopt($curl_connection, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl_connection, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl_connection, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($curl_connection, CURLOPT_COOKIEJAR, COOKIEJAR);
curl_setopt($curl_connection, CURLOPT_COOKIEFILE, COOKIEJAR);
curl_setopt($curl_connection, CURLOPT_HEADER, true);
curl_setopt($curl_connection, CURLOPT_RETURNTRANSFER,1);
curl_setopt($curl_connection, CURLOPT_CONNECTTIMEOUT, 120);
curl_setopt($curl_connection, CURLOPT_TIMEOUT, 120);
curl_setopt($curl_connection, CURLOPT_POSTFIELDS, $post_string);
$result = curl_exec($curl_connection);
curl_close($curl_connection);
echo $result;

Here is some modified code that works.
It first requests the login page to get the initial cookies and extract the required values for the login form. Next it performs a post to the login service. It then checks to see if it is trying to use javascript and meta tags to redirect to the destination URL.
It seemed like you already have code for grabbing the form fields, so I didn't post mine, but if you need it let me know. Just make sure $formFields is an associative array with keys being the field name, and the value being the field value.
<?php
/**
* Log in to Google account and go to account page
*
*/
$USERNAME = 'youraccount#gmail.com';
$PASSWORD = 'password';
$COOKIEFILE = 'cookies.txt';
// initialize curl handle used for all requests
$ch = curl_init();
// set some options on the handle
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:49.0) Gecko/20100101 Firefox/49.0");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_COOKIEJAR, $COOKIEFILE);
curl_setopt($ch, CURLOPT_COOKIEFILE, $COOKIEFILE);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 120);
curl_setopt($ch, CURLOPT_TIMEOUT, 120);
// url of our first request fetches the account login page
curl_setopt($ch, CURLOPT_URL,
'https://accounts.google.com/ServiceLogin?hl=en&service=alerts&continue=http://www.google.com/alerts/manage');
$data = curl_exec($ch);
// extract form fields from account login page
$formFields = getFormFields($data);
// inject email and password into form
$formFields['Email'] = $USERNAME;
$formFields['Passwd'] = $PASSWORD;
unset($formFields['PersistentCookie']);
$post_string = http_build_query($formFields); // build urlencoded POST string for login
// set url to login page as a POST request
curl_setopt($ch, CURLOPT_URL, 'https://accounts.google.com/ServiceLoginAuth');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_string);
// execute login request
$result = curl_exec($ch);
// check for "Redirecting" message in title to indicate success
// based on your language - you may need to change this to match some other string
if (strpos($result, '<title>Redirecting') === false) {
die("Login failed");
var_dump($result);
}
// login likely succeeded - request account page; unset POST so we do a regular GET
curl_setopt($ch, CURLOPT_URL, 'https://myaccount.google.com/?utm_source=OGB');
curl_setopt($ch, CURLOPT_POST, 0);
curl_setopt($ch, CURLOPT_POSTFIELDS, null);
// execute request for login page using our cookies
$result = curl_exec($ch);
echo $result;
// helpef functions below
// find google "#gaia_loginform" for logging in
function getFormFields($data)
{
if (preg_match('/(<form.*?id=.?gaia_loginform.*?<\/form>)/is', $data, $matches)) {
$inputs = getInputs($matches[1]);
return $inputs;
} else {
die('didnt find login form');
}
}
// extract all <input fields from a form
function getInputs($form)
{
$inputs = array();
$elements = preg_match_all('/(<input[^>]+>)/is', $form, $matches);
if ($elements > 0) {
for($i = 0; $i < $elements; $i++) {
$el = preg_replace('/\s{2,}/', ' ', $matches[1][$i]);
if (preg_match('/name=(?:["\'])?([^"\'\s]*)/i', $el, $name)) {
$name = $name[1];
$value = '';
if (preg_match('/value=(?:["\'])?([^"\'\s]*)/i', $el, $value)) {
$value = $value[1];
}
$inputs[$name] = $value;
}
}
}
return $inputs;
}

Login to remote site with PHP cURL

I'm new to using cURL and its hard to find good resources for it.
What I'm trying to do is login to a remote site, by having curl do the login form and then send back that it was successful.
The code I have doesn't seem to work and only tries to show the main page of the site.
$username="mylogin#gmail.com";
$password="mypassword";
$url="http://www.myremotesite.com/index.php?page=login";
$cookie="cookie.txt";
$postdata = "email=".$username."&password=".$password;
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6");
curl_setopt ($ch, CURLOPT_TIMEOUT, 60);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_COOKIEJAR, $cookie);
curl_setopt ($ch, CURLOPT_REFERER, $url);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt ($ch, CURLOPT_POST, 1);
$result = curl_exec ($ch);
echo $result;
curl_close($ch);
What am I doing wrong. After this is working I want to redirect to another page and get content from my site.

I had let this go for a good while but revisited it later. Since this question is viewed regularly. This is eventually what I ended up using that worked for me.
define("DOC_ROOT","/path/to/html");
//username and password of account
$username = trim($values["email"]);
$password = trim($values["password"]);
//set the directory for the cookie using defined document root var
$path = DOC_ROOT."/ctemp";
//build a unique path with every request to store. the info per user with custom func. I used this function to build unique paths based on member ID, that was for my use case. It can be a regular dir.
//$path = build_unique_path($path); // this was for my use case
//login form action url
$url="https://www.example.com/login/action";
$postinfo = "email=".$username."&password=".$password;
$cookie_file_path = $path."/cookie.txt";
$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_NOBODY, false);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path);
//set the cookie the site has for certain features, this is optional
curl_setopt($ch, CURLOPT_COOKIE, "cookiename=0");
curl_setopt($ch, CURLOPT_USERAGENT,
"Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_REFERER, $_SERVER['REQUEST_URI']);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postinfo);
curl_exec($ch);
//page with the content I want to grab
curl_setopt($ch, CURLOPT_URL, "http://www.example.com/page/");
//do stuff with the info with DomDocument() etc
$html = curl_exec($ch);
curl_close($ch);
Update: This code was never meant to be a copy and paste. It was to show how I used it for my specific use case. You should adapt it to your code as needed. Such as directories, vars etc

I had same question and I found this answer on this website.
And I changed it just a little bit (the curl_close at last line)
$username = 'myuser';
$password = 'mypass';
$loginUrl = 'http://www.example.com/login/';
//init curl
$ch = curl_init();
//Set the URL to work with
curl_setopt($ch, CURLOPT_URL, $loginUrl);
// ENABLE HTTP POST
curl_setopt($ch, CURLOPT_POST, 1);
//Set the post parameters
curl_setopt($ch, CURLOPT_POSTFIELDS, 'user='.$username.'&pass='.$password);
//Handle cookies for the login
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
//Setting CURLOPT_RETURNTRANSFER variable to 1 will force cURL
//not to print out the results of its query.
//Instead, it will return the results as a string return value
//from curl_exec() instead of the usual true/false.
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
//execute the request (the login)
$store = curl_exec($ch);
//the login is now done and you can continue to get the
//protected content.
//set the URL to the protected file
curl_setopt($ch, CURLOPT_URL, 'http://www.example.com/protected/download.zip');
//execute the request
$content = curl_exec($ch);
curl_close($ch);
//save the data to disk
file_put_contents('~/download.zip', $content);
I think this was what you were looking for.Am I right?
And one useful related question. About how to keep a session alive in cUrl: https://stackoverflow.com/a/13020494/2226796

View the source of the login page. Look for the form HTML tag. Within that tag is something that will look like action= Use that value as $url, not the URL of the form itself.
Also, while you are there, verify the input boxes are named what you have them listed as.
For example, a basic login form will look similar to:
<form method='post' action='postlogin.php'>
Email Address: <input type='text' name='email'>
Password: <input type='password' name='password'>
</form>
Using the above form as an example, change your value of $url to:
$url="http://www.myremotesite.com/postlogin.php";
Verify the values you have listed in $postdata:
$postdata = "email=".$username."&password=".$password;
and it should work just fine.

This is how I solved this in ImpressPages:
//initial request with login data
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'http://www.example.com/login.php');
curl_setopt($ch, CURLOPT_USERAGENT,'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/32.0.1700.107 Chrome/32.0.1700.107 Safari/537.36');
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, "username=XXXXX&password=XXXXX");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_COOKIESESSION, true);
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie-name'); //could be empty, but cause problems on some hosts
curl_setopt($ch, CURLOPT_COOKIEFILE, '/var/www/ip4.x/file/tmp'); //could be empty, but cause problems on some hosts
$answer = curl_exec($ch);
if (curl_error($ch)) {
echo curl_error($ch);
}
//another request preserving the session
curl_setopt($ch, CURLOPT_URL, 'http://www.example.com/profile');
curl_setopt($ch, CURLOPT_POST, false);
curl_setopt($ch, CURLOPT_POSTFIELDS, "");
$answer = curl_exec($ch);
if (curl_error($ch)) {
echo curl_error($ch);
}

Panama Jack Example not work for me - Give Fatal error: Call to undefined function build_unique_path(). I used this code - (more simple - my opinion) :
// options$login_email = 'alabala#gmail.com';$login_pass = 'alabala4807';$cookie_file_path = "/tmp/cookies.txt";$LOGINURL = "http://alabala.com/index.php?route=account/login"; $agent = "Nokia-Communicator-WWW-Browser/2.0 (Geos 3.0 Nokia-9000i)";// begin script$ch = curl_init();// extra headers$headers[] = "Accept: */*";$headers[] = "Connection: Keep-Alive";// basic curl options for all requestscurl_setopt($ch, CURLOPT_HTTPHEADER, $headers);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_USERAGENT, $agent); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path); curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path); // set first URLcurl_setopt($ch, CURLOPT_URL, $LOGINURL);// execute session to get cookies and required form inputs$content = curl_exec($ch); // grab the hidden inputs from the form required to login$fields = getFormFields($content);$fields['email'] = $login_email;$fields['password'] = $login_pass;// set postfields using what we extracted from the form$POSTFIELDS = http_build_query($fields); // change URL to login URLcurl_setopt($ch, CURLOPT_URL, $LOGINURL); // set post optionscurl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $POSTFIELDS); // perform login$result = curl_exec($ch); print $result; function getFormFields($data){ if (preg_match('/()/is', $data, $matches)) { $inputs = getInputs($matches[1]); return $inputs; } else { die('didnt find login form'); }}function getInputs($form){ $inputs = array(); $elements = preg_match_all("/(]+>)/is", $form, $matches); if ($elements > 0) { for($i = 0;$i $el = preg_replace('/\s{2,}/', ' ', $matches[1][$i]); if (preg_match('/name=(?:["\'])?([^"\'\s]*)/i', $el, $name)) { $name = $name[1]; $value = ''; if (preg_match('/value=(?:["\'])?([^"\'\s]*)/i', $el, $value)) { $value = $value[1]; } $inputs[$name] = $value; } } } return $inputs;}$grab_url='http://grab.url/alabala';//page with the content I want to grabcurl_setopt($ch, CURLOPT_URL, $grab_url);//do stuff with the info with DomDocument() etc$html = curl_exec($ch);curl_close($ch);var_dump($html); die;

Categories