I am attempting to login into my Elance account using cURL in PHP. I successfully login through the first login form. However, you have to answer a security question on the next page. I am trying to POST the answer and submit the form, however, I cannot get it to POST and submit the form. I am trying to do this in 1 .php file. Does the 2nd POST need to be done in a separate file or can it be done in the same file? Here is my code:
<?php
$username = 'Blah';
$password = 'BlahBlah';
$useragent = $_SERVER["HTTP_USER_AGENT"];
$postdata="lnm=$username&pwd=$password";
$postdata_2 = "challengeAnswer=Secret";
$ch = curl_init();
//Main Login
curl_setopt ($ch, CURLOPT_URL,"https://www.elance.com/php/landing/main/login.php");
curl_setopt ($ch, CURLOPT_HEADER, true);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt ($ch, CURLOPT_USERAGENT, $useragent);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt ($ch, CURLOPT_COOKIEFILE, 'cookie.txt');
curl_setopt ($ch, CURLOPT_REFERER, "https://www.elance.com/php/landing/main/login.php");
curl_setopt ($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt ($ch, CURLOPT_POST, 1);
$result = curl_exec($ch);
//Security Question
curl_setopt($ch, CURLOPT_URL, "https://www.elance.com/php/trust/main/securityAudit.php?timestamp=1369701194&userid=4312662&saamode=NCR&hash=b5523cd532c401e374c8a06e6d2fbfa39ac82387&ncr_persisid=643029635&kmsi=&redirect=https%3A%2F%2Fwww.elance.com%2Fphp%2Fmyelance%2Fmain%2Findex.php%3Fredirect%3Dhttps%253A%252F%252Fwww.elance.com%252Fmyelance");
curl_setopt ($ch, CURLOPT_HEADER, true);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt ($ch, CURLOPT_USERAGENT, $useragent);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt ($ch, CURLOPT_COOKIEFILE, 'cookie.txt');
curl_setopt ($ch, CURLOPT_REFERER, "https://www.elance.com/php/trust/main/securityAudit.php?timestamp=1369701194&userid=4312662&saamode=NCR&hash=b5523cd532c401e374c8a06e6d2fbfa39ac82387&ncr_persisid=643029635&kmsi=&redirect=https%3A%2F%2Fwww.elance.com%2Fphp%2Fmyelance%2Fmain%2Findex.php%3Fredirect%3Dhttps%253A%252F%252Fwww.elance.com%252Fmyelance");
curl_setopt ($ch, CURLOPT_POSTFIELDS, $postdata_2);
curl_setopt ($ch, CURLOPT_POST, 1);
$result_2 = curl_exec($ch);
echo $result_2;
curl_close($ch);
?>
I have tried several different ways but none of them seem to work. I need help making the 2nd POST command.
if( $curl = curl_init() ) {
curl_setopt($curl, CURLOPT_URL, 'http://your-domain.com/file.php');
curl_setopt($curl, CURLOPT_RETURNTRANSFER,true);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, "text=test");
$out = curl_exec($curl);
echo $out;
curl_close($curl);
}
After than you can get text variable in http://your-domain.com/file.php by $_POST['text'];
I can see timestamps and hashes on the paremeters of the second cURL
curl_setopt($ch, CURLOPT_URL, "https://www.elance.com/php/trust/main/securityAudit.php?timestamp=1369701194&userid=4312662&saamode=NCR&hash=b5523cd532c401e374c8a06e6d2fbfa39ac82387&ncr_persisid=643029635&kmsi=&redirect=https%3A%2F%2Fwww.elance.com%2Fphp%2Fmyelance%2Fmain%2Findex.php%3Fredirect%3Dhttps%253A%252F%252Fwww.elance.com%252Fmyelance");
That means for every request you are attempting from the first cURL, a new unique URL is created and that url will be the only one valid to attempt to post using your second cURL. You cant just copy and paste a url of the second "security question" screen to your second cURL because every time will has other timestamp and/or hashes.
You cannot just hardcode a url with timestamp/hash. It will be discarded from that site's server. you need somehow to obtain that url on-the-fly and use it in your second POST
Also there could be a "http referer" check in place.
Related
I am not sure how can or if I can use php multi curl function in the following situation:
I need to curl 3 different links while all of them are dependent to each other.
With the unique id obtained from the first link I will access the second link to retrieve another unique id which will be used in the 3rd link for the final result. See example below for better understanding:
$agent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36";
//open the session with the first link
$url1 = "http://first-link-example.com/execute";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url1);
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt ($ch, CURLOPT_COOKIESESSION, TRUE);
curl_setopt ($ch, CURLOPT_COOKIEJAR, 'cookies.txt');
curl_setopt ($ch, CURLOPT_COOKIEFILE, 'cookies.txt');
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
$results = curl_exec($ch);
//get unique id from the link above
$unique1 = explode("string1", $results);
$unique1 = explode("string2", $unique1[1]);
//new request to access second link while preserving the session
$url2 = "http://second-link-example.com/execute?id=".$unique1[0];
curl_setopt($ch, CURLOPT_URL, $url2);
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt ($ch, CURLOPT_COOKIESESSION, TRUE);
curl_setopt ($ch, CURLOPT_COOKIEJAR, 'cookies.txt');
curl_setopt ($ch, CURLOPT_COOKIEFILE, 'cookies.txt');
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
$results2 = curl_exec($ch);
//get the second unique id from $results2 page
$unique2 = explode("string1", $results2);
$unique2 = explode("string2", $unique2[1]);
//final request to retrieve the desired string while preserving the session
$url3 = "http://third-link-example.com/execute?id=".$unique2[0]."/response";
curl_setopt($ch, CURLOPT_URL, $url3);
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt ($ch, CURLOPT_COOKIESESSION, TRUE);
curl_setopt ($ch, CURLOPT_COOKIEJAR, 'cookies.txt');
curl_setopt ($ch, CURLOPT_COOKIEFILE, 'cookies.txt');
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
$results3 = curl_exec($ch);
//get the desired string from $results3 page
$success = explode("string1", $results3);
$success = explode("string2", $success[1]);
echo $success[0];
curl_close($ch);
I did a lot of research on the web but couldn't find something appropriate and I wasn't able to understand how can I use multi curl in my situation or if it's possible.
Hopefully I made myself clear enough regarding what I'm looking for.
Thanks in advance to anyone who will be able to help me.
Short answer - NO.
Long answer - cURL multi handles are intended for asynchronous requests, i.e requests that don't block each other. In your case, each request blocks the one beforehand, as it is dependent on its response, so they must only be ran synchronously.
I am trying to login to a page, and then go to a different page, submit a form, and then I get another form on the same link, submit that, and then get another form on the same link, and submit that.
However, from what I see, I login fine ... but after that it keeps showing me the same page (the one after I login).
$username = 'xxxxxxx';
$password = 'yyyyyyy';
$useragent = $_SERVER["HTTP_USER_AGENT"];
$fields = array(
'username='. urlencode($username),
'password=' . urlencode($password),
);
$postdata = implode('&', $fields);
$ch = curl_init();
//Main Login
curl_setopt ($ch, CURLOPT_URL,"https://xxxxxxxxxxxx.com/index.php");
curl_setopt ($ch, CURLOPT_HEADER, true);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt ($ch, CURLOPT_USERAGENT, $useragent);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt ($ch, CURLOPT_COOKIEFILE, 'cookie.txt');
curl_setopt ($ch, CURLOPT_REFERER, "https://xxxxxxxxxxx.com/index.php");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt ($ch, CURLOPT_POST, 1);
$result = curl_exec($ch);
$info = curl_getinfo($ch);
echo $result;
echo "<pre>";
print_r ($info);
echo "</pre>";
print curl_error($ch);
$contractid = "12345";
$fields = array(
'contract_id='. urlencode($contractid),
'submit='. urlencode("Next"),
);
$postdata2 = implode('&', $fields);
curl_setopt ($ch, CURLOPT_URL,"https://xxxxxxxxxxxx.com/index.php?page=Recovery");
curl_setopt ($ch, CURLOPT_HEADER, true);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt ($ch, CURLOPT_USERAGENT, $useragent);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt ($ch, CURLOPT_COOKIEFILE, 'cookie.txt');
curl_setopt ($ch, CURLOPT_REFERER, "https://xxxxxxxxxxxxx.com/index.php?page=Recovery");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $postdata2);
curl_setopt ($ch, CURLOPT_POST, 1);
$result_2 = curl_exec($ch);
$info = curl_getinfo($ch);
echo $result;
echo "<pre>";
print_r ($info);
echo "</pre>";
print curl_error($ch);
and twice more for each step, the same way and ending it with curl_close($ch);.
However, like I stated, it still shows only the main page.
After first curl request close curl and initialize again. Otherwise curl will not write anything to cookie file and at next call no cookies are sent!
CURLOPT_COOKIEJAR
The name of a file to save all internal cookies to when the handle is
closed, e.g. after a call to curl_close.
// after end of first curl call
curl_close($ch);
// before second curl call
$ch = curl_init();
I'm facing with error which is not resolved from 3 days . let me know where i'm going wrong . Like wise i need to login into portal and redirect it to next webpage .
url="http://gis.lntecc.com/BWSSBLnT/login.aspx?ReturnUrl=%2fbwssblnt%2fScada.aspx%3ffield1%3dKathriguppe%2cSW2DM0402%2c235505H073%2c450&field1=Kathriguppe,SW2DM0402,235505H073,450";
$useragent="xyz";
$ch = curl_init();
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_USERPWD, 'abc:123');
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_POST, 1);
curl_setopt ($ch, CURLOPT_POSTFIELDS, 'Login1_Username=abc&Login1_Password=123');
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
$store = curl_exec ($ch);
echo $store;
curl_close ($ch);
The post field names on the website are not the same in your code.
The proper names are Login1$UserName and Login1$Password, you need to look at the name attribute, not the ID.
That being the case, your code should be:
curl_setopt ($ch, CURLOPT_POSTFIELDS, 'Login1$UserName=abc&Login1$Password=123');
hey guys easy way to login into the webpages using php script is just removing url and following with the thing
header("Location: http://gis.lntecc.com/bwssblnt/Scada.aspx? field1=Kathriguppe%2cSW2DM0402%2c235505H073%2c450")
I'm new to cURL and I'm trying to access my ebay account using php cURL, I have an existing code but ebay doesn't seem to let me log in using cURL. It just displays the login page when I echo the result.
$username="testtest";
$password="testtest";
$url="https://signin.ebay.co.uk/ws/eBayISAPI.dll?co_partnerId=2&siteid=3&UsingSSL=1";
$gacookie="/var/www/barcode/cookie/cookie.txt";
$postdata = 'userid='. $username .':pass='. $password;
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt ($ch, CURLOPT_TIMEOUT, 60);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_COOKIEJAR, $gacookie);
curl_setopt ($ch, CURLOPT_COOKIEFILE, $gacookie);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt ($ch, CURLOPT_POST, 1);
$AskApache_result = curl_exec ($ch);
curl_close($ch);
echo $AskApache_result;
Is it possible to login to ebay using php cURL by username and password or tokens?
Post data should look like this:
foo=bar&field=value
In your case:
$postdata = 'userid='. $username .'&pass='. $password;
try adding the following code
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
and troubleshoot further with
var_dump($AskApache_result);
echo curl_error($ch);
This is my code:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://www.membersite.com/login.php");
curl_setopt ($ch, CURLOPT_POST, 1);
curl_setopt ($ch, CURLOPT_POSTFIELDS, 'username=deleted&password=deleted');
curl_setopt ($ch, CURLOPT_COOKIEJAR, 'C:\xampp\htdocs\scrape\cookie.txt');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$store = curl_exec ($ch);
curl_setopt($ch, CURLOPT_URL, "http://www.membersite.com/memberlist.php");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$page = curl_exec ($ch);
echo $page;
curl_close($ch);
But I don't think it's successfully logging in as the site (my own, by the way) doesn't show a log of me signing in. I know the username and password are correct, as are the URLs. I get a cookie.txt file back with what looks like good data but I'm not sure.
If I try some basic debugging, like this:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://www.membersite.com/login.php");
curl_setopt ($ch, CURLOPT_POST, 1);
curl_setopt ($ch, CURLOPT_POSTFIELDS, 'username=deleted&password=deleted');
curl_setopt ($ch, CURLOPT_COOKIEJAR, 'C:\xampp\htdocs\scrape\cookie.txt');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
if(!$store = curl_exec($ch))
{
echo "login fail";
}
curl_setopt($ch, CURLOPT_URL, "http://www.membersite.com/memberlist.php");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
if(!$page = curl_exec($ch))
{
echo "page fail";
}
echo $page;
curl_close($ch);
I get a "page fail" being printed to the page, so I guess the logging in isn't working.
Any help? thanks.
Nevermind, downloaded a phpBB cURL library and sorted it.
Add the CURLOPT_COOKIEFILE option with same value as the CURLOPT_COOKIEJAR option.
You also need to use those two options for each subsequent request (ie your request for memberlist.php).
You can see a way of doing it here.