I'm trying to simulate a POST to a website based on what I see coming from Live HTTP headers in Firefox.
Here's a copy/paste of the log from the Firefox plugin:
POST /context?tab=login HTTP/1.1
Host: website User-Agent:
Mozilla/5.0 (X11; U; Linux i686;
en-US; rv:1.9.2.13) Gecko/20101206
Ubuntu/10.10 (maverick)
Firefox/3.6.13 Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115 Connection:
keep-alive Referer: referer
Cookie: fontsize=2;
JSESSIONID=0000pXE_BK7TjZFzEyNHqOKzXz2:-1
Content-Type:
application/x-www-form-urlencoded
Content-Length: 46
loginid=password&password=password&login=Login
And the response that follows immediately after the POST:
HTTP/1.1 302 Found Location:
website/context?tab=p00689
Content-Language: en-US
Set-Cookie:
JSESSIONID=0000oaKlIeeDRWkX5YCiJu5v1lM:-1;
Path=/ Transfer-Encoding:
chunked Date: Mon, 07 Feb 2011
14:15:21 GMT Server: WebSphere
Application Server/6.1 Expires:
Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: no-cache="set-cookie,
set-cookie2"
Based on my testing, a response that redirects to
website/context?tab=p00689
Means that the user was authenticated and everything worked properly.
However, when trying to accomplish this via PHP & cURL, I'm being redirected to a page that informs the user that their session has timed out.
Here's the code:
// Provider only likes Firefox
$agent = "User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101206 Ubuntu/10.10 (maverick) Firefox/3.6.13";
ini_set("user_agent", $agent);
// Cookie
$cookie = tempnam("/tmp", "curlcookie");
// Post everything that was posted to me.
$fields = $_POST;
foreach($fields as $key=>$value)
{
$fields_string .= "$key=$value&";
}
$fields_string = substr($fields_string, 0, strlen($fields_string) - 1);
// Custom headers
$headers = array(
"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
"Accept-Language: en-us,en;q=0.5",
"Accept-Encoding: gzip,deflate",
"Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive: 115",
"Connection: keep-alive");
// cURL options
$ch = curl_init("website");
curl_setopt($ch, CURLOPT_REFERER, "referer");
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
curl_setopt($ch, CURLOPT_MAXREDIRS, 1);
curl_setopt($ch, CURLINFO_HEADER_OUT, true);
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
$output = curl_exec($ch);
$header = curl_getinfo($ch);
curl_close($ch);
// Debugging junk
echo nl2br($header["request_header"]);
echo "<br/><br/>Output:<br/><br/>$output";
The output from that script is as follows:
POST /context?tab=login HTTP/1.1
User-Agent: User-Agent: Mozilla/5.0
(X11; U; Linux i686; en-US;
rv:1.9.2.13) Gecko/20101206
Ubuntu/10.10 (maverick)
Firefox/3.6.13 Host: website
Pragma: no-cache Referer:
referer Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115 Connection:
keep-alive Content-Length:
46 Content-Type:
application/x-www-form-urlencoded
loginid=username&password=password&login=Login
Output: HTTP/1.1 302
Found
Location:website/context?tab=p00697
Content-Language: en-US Set-Cookie:
JSESSIONID=0000Tl8NL1Hg2dbNv_PEnq-bbvr:-1;
Path=/ Set-Cookie:
JSESSIONID=0000Zue58y1tXg3tt4XjB8exXw6:-1;
Path=/ Transfer-Encoding: chunked
Date: Mon, 07 Feb 2011 19:18:20 GMT
Server: WebSphere Application
Server/6.1 Expires: Thu, 01 Dec 1994
16:00:00 GMT Cache-Control:
no-cache="set-cookie,
set-cookie2"
Based on what I've posted, is there anything obvious that I'm missing? What should I try next? The requests look semantically the same; I'm not sure what I could be doing incorrectly.
The one thing that stands out is the following line of code:
$cookie = tempnam("/tmp", "curlcookie");
Now if this fails to create the file then tempnam would return false, meaning that the following lines of code:
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie);
are as good as not being set at all, you should keep the cookie file within the same directory as the executing script.
the next thing is:
$fields = $_POST;
foreach($fields as $key=>$value)
{
$fields_string .= "$key=$value&";
}
$fields_string = substr($fields_string, 0, strlen($fields_string) - 1);
You do not need to do this as CURLOPT_POSTFIELDS accepts an array so you should be able to do:
curl_setopt($ch, CURLOPT_POSTFIELDS, $_POST);
This will make sure that the entities are correctly parsed.
I also think you can remove the ini_set as that's for native functions such as file_get_contents and fopen streams etc, so double check the line:
ini_set("user_agent", $agent);
Also I would check to see if there is a cookie already set from the main page, such as index.php as the site may block requests from sources that have come directly to the login page with data.
Related
I want to load this link. but i get some error. the return http is ok. what is going on here?
HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8
X-Robots-Tag:noindex, nofollow, nosnippet
Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Wed, 14 Feb 2018 00:25:58 GMT
Content-Security-Policy: script-src 'report-sample' 'nonce-9FVKa6PbBSHhVPp1t9CsQgHFpDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/viewer/
X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block Server: GSE
Set-Cookie: DRIVE_STREAM=UMl4FRnEZmE; Domain=.drive.google.com; Path=/; Secure; HttpOnly Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Accept-Ranges: none Vary: Accept-Encoding
Transfer-Encoding: chunked
php:
<?php
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://drive.google.com/file/d/1wn9lQWIipzLYqyuJMzwwUTh3XUSpuokP/view?usp=sharing");
curl_setopt ($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt($ch, CURLOPT_COOKIESESSION, 1);
curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt');
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_HEADER, 1);
$output = curl_exec($ch);
curl_close($ch);
echo $output;
?>
You need to explicitly retrieve the response body from your curl request. See Can PHP cURL retrieve response headers AND body in a single request?
The issue, if I understand correctly that you're thinking the header information is an error, is most likely due to you are requesting the header information with the body with curl_setopt($ch, CURLOPT_HEADER, 1);. Try removing that line and you should get the body output.
If you want header information returned separately, you could try CURLOPT_HEADERFUNCTION instead, please see https://curl.haxx.se/libcurl/c/CURLOPT_HEADER.html
I am trying to login to a website in PHP and then store a cookie.However I am not able to get pass the login for some reason.Here is my code so far
First i get the cookie and XSRF-TOKEN .You can consider $cookie_file_path to exist but empty
$ch = curl_init("https://ahrefs.com/user/login");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_AUTOREFERER, true);
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.111 Safari/537.36');
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path );
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_REFERER, "");
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT , 120);
curl_setopt($ch, CURLOPT_TIMEOUT , 0);
$result = curl_exec($ch);
At this point my cookie file at location $cookie_file_path contain ahrefs_cookie and XSRF-TOKEN
Now i will send everything via post
$ch = curl_init("https://ahrefs.com/user/login");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.111 Safari/537.36');
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8",
"Accept-Encoding: gzip, deflate",
"Accept-Language: en-US,en;q=0.8",
"Content-Type: application/x-www-form-urlencoded"
));
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($curl_parameters));
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path );
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path );
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_REFERER, $url);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT , 120);
curl_setopt($ch, CURLOPT_TIMEOUT , 0);
$result = curl_exec($ch);
Here are the post data i am sending
$curl_parameters = array(
"_token" => $token, # I get the token by just downloading the page with curl and extract the token value.This value is refresh on each post
"email" => xxxxx#gmail.com,
"password" => xxxxx,
"return_to" => "/", #
"remember_me" => 1
);
Here is what happen on a successful login
POST /user/login HTTP/1.1
Host: ahrefs.com:443
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.8
Content-Type: application/x-www-form-urlencoded
Cookie: _vwo_uuid_v2=9788FEFE2A8FD2A0894175F5AA899CC9|0edcdb3cdbf14c6dbb9bd958d78f6023; ajs_anonymous_id=%224084d228-28d6-42b7-8129-3faf51983652%22; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; __insp_slim=1453358056412; __insp_wid=88855823; __insp_nv=true; __insp_ref=d; __insp_targlpu=https%3A%2F%2Fahrefs.com%2F; __insp_targlpt=Ahrefs%20SEO%20Tools%3A%20Backlink%20Checker%20%26%20SEO%20Report; km_ai=jRUMYEFwlZb6sEf5ikr900Rt24E%3D; km_uq=; __insp_norec_sess=true; _vwo_uuid=9788FEFE2A8FD2A0894175F5AA899CC9; _vis_opt_exp_12_combi=5; PHPSESSID=mf02jth4fd9nnj626p7i4lqs11; XSRF-TOKEN=eyJpdiI6Iit1MWxXUmZPZ0lpQkx3b1pObUtDU2c9PSIsInZhbHVlIjoiWGtuSW1sRXRBTWpKY2FIaExBXC8wVzIxZFNOalNWRTI2WXBWdkxLbG5cL3k4VWZqVWllOVJPNHpwZGZcL0xMdFVDOE1WXC8xZUplMkk1SzNqbXFSbXRzZUNnPT0iLCJtYWMiOiIzZDVkMDQzODNiMDAwNzU0NGRkOWM2Y2Y4YmFiNTkxZmFmN2QxNmY2ZWE1ZjkxOTBiOGE0YjhjNTVkNGRkNzE2In0%3D; ahrefs_cookie=eyJpdiI6IkZjb2NzY0U2Q3d0d1wvQ0tKZTBuN1JnPT0iLCJ2YWx1ZSI6IjBEWDBSZ1dFbVNLMlF4RTJhK1lmZ1Q2MFllOG9sUERXTGtPTmFOXC9RQk1YSUdiaG5lVGRmZk1mOG1KUWJMdWxzSEQ1elJBdUVVMk9MalhpcmcrVVcwdz09IiwibWFjIjoiNDM0YzRlM2ZhZWFmMGNiYjA2MDdmMmI2N2E2ZGUyMzRjOGE2OGJkNDFkYWZhODdiYWJjNGRkNGQwNTNjY2E2ZCJ9; _gat=1; ajs_user_id=null; ajs_group_id=null; mp_462869d58108d4904e778d9b2b8fbead_mixpanel=%7B%22distinct_id%22%3A%20%2215262e404c33be-09e7d85a5-424f072e-384000-15262e404c48f2%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; kvcd=1453360373661; km_vs=1; km_lv=1453360374; wooTracker=RMJYZZqFbCxy; intercom-id=05c5d5fa-ccaa-4744-8c69-4fdb89bfa409; _ga=GA1.2.274586625.1453358055; _gat_elevioTracker=1; _gali=login_form
Origin: https://ahrefs.com
Referer: https://ahrefs.com/user/login
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.111 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 4E0199DA-8C20-44C9-BAAA-5B5AD8C56232
HTTP/1.1 302 Found
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 316
Content-Type: text/html; charset=UTF-8
Date: Thu, 21 Jan 2016 07:13:48 GMT
Location: https://ahrefs.com
Server: nginx/1.6.2
Set-Cookie: remember_82e5d2c56bdd0811318f0cf078b78bfc=eyJpdiI6IktHdUtuXC9peTJtTXRnMitmWldnVm5RPT0iLCJ2YWx1ZSI6ImxybTExSHZ5M2NIVXBpXC8wV2lRNmhtS2VKdm02VzhCUWtcL1gyb3FSb2hsVGZvcTAxclwvOUJzcTVjVjd1QjR0OGRpYjZCSEVwdDlCWUVmS05mOFBpRTR2SGNaYWl6Q2NCSWJGRlBwbndHVTgwPSIsIm1hYyI6ImZhMGYzZGM2ZjVkOWI3NDRmYTYzY2Q1OWI5OWRlOWUwZWI4OTU2NzQyYTlmNWM3YjlkZDA1M2FkYzU4OTJiNjEifQ%3D%3D; expires=Tue, 19-Jan-2021 07:13:47 GMT; Max-Age=157679999; path=/; domain=.ahrefs.com; httponly
Set-Cookie: XSRF-TOKEN=eyJpdiI6IkxVbkVZUVlZTGUyWGE5R0ZFSVwveTd3PT0iLCJ2YWx1ZSI6Ilk3VlRFQ1dvaTFZS1huVFIwZ2k4bXZTSEtRSzFNVlh0QkFkQTNIZnBRc011akJpTlVJblFVVVlGcXBNcExRTThpUmkyTHo5aVpjQzhxeWhROGQ5RzlBPT0iLCJtYWMiOiI5ZTE0ZDUyMjdmMjYwZDY5NmI4YzBiNmQyOTdkNWRhZWNiYTFhYzhmZWMxMzBiZTUwODEyZWJkNDc4ZmZiMGNkIn0%3D; expires=Thu, 21-Jan-2016 09:13:48 GMT; Max-Age=7200; path=/; domain=.ahrefs.com
Set-Cookie: ahrefs_cookie=eyJpdiI6IjFSU2d2Wm9KRjFycHJkaktUazM3dHc9PSIsInZhbHVlIjoiXC9xd0I1TWNvMTl4UHN5UnRNUmxYd014dnp6TXNYbnlDQ1hyRTdXTFVUeWZYM1VWWlVHbTNcL0tNa3NlN3lVQmgzTTNrOVdIckVHV0JQNmhielVLMEpmUT09IiwibWFjIjoiMzZkNDU2OWRjMmM4NTMzYjAyNWZhNWFkMDgzYjc4ZWYwOTQ3M2E3Mzg5YzRlNjJhYzk0ZDI5YzE0ZjNkOTIwZiJ9; expires=Mon, 21-Mar-2016 07:13:48 GMT; Max-Age=5184000; path=/; domain=.ahrefs.com; httponly
X-Powered-By: PHP/5.6.14-0+deb8u1
What i am missing here , why i can't login via post ?
Edit
If i set a wrong username/password you get the following
POST /user/login HTTP/1.1
Host: ahrefs.com:443
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.8
Content-Type: application/x-www-form-urlencoded
Cookie: ajs_anonymous_id=%22e915c496-7e0b-46fc-8393-ec3c135edeac%22; _vis_opt_s=1%7C; km_ai=8tTicdoOSGYV7D%2F0bUXMtSQ%2BUhc%3D; _vwo_uuid=2E9A1BBEAC643740726E45FEDA088BB0; _vis_opt_exp_12_combi=3; PHPSESSID=mf02jth4fd9nnj626p7i4lqs11; remember_82e5d2c56bdd0811318f0cf078b78bfc=82e5d2c56bdd0811318f0cf078b78bfc=eyJpdiI6IktHdUtuXC9peTJtTXRnMitmWldnVm5RPT0iLCJ2YWx1ZSI6ImxybTExSHZ5M2NIVXBpXC8wV2lRNmhtS2VKdm02VzhCUWtcL1gyb3FSb2hsVGZvcTAxclwvOUJzcTVjVjd1QjR0OGRpYjZCSEVwdDlCWUVmS05mOFBpRTR2SGNaYWl6Q2NCSWJGRlBwbndHVTgwPSIsIm1hYyI6ImZhMGYzZGM2ZjVkOWI3NDRmYTYzY2Q1OWI5OWRlOWUwZWI4OTU2NzQyYTlmNWM3YjlkZDA1M2FkYzU4OTJiNjEifQ%3D%3D; _vwo_uuid_v2=2E9A1BBEAC643740726E45FEDA088BB0|b8caeecf523e81382e01b6691b0f508b; _vis_opt_test_cookie=1; _gat=1; __insp_slim=1453365450618; __insp_wid=88855823; __insp_nv=true; __insp_ref=d; __insp_targlpu=https%3A%2F%2Fahrefs.com%2F; __insp_targlpt=Ahrefs%20SEO%20Tools%3A%20Backlink%20Checker%20%26%20SEO%20Report; km_lv=x; km_uq=; __insp_norec_sess=true; _gat_elevioTracker=1; XSRF-TOKEN=eyJpdiI6ImZ3TGkraHJOVmRQMkhKb3NoZHdYNUE9PSIsInZhbHVlIjoiTThcL2hnY2VGZytGNTZsTXpseWVXb1lvMjVveEpLbFZJUzQ4cHRuNUFWWnpwVVpBSTZKVFdlKzZZN3hLdlpmMHdONGd2cGluTk91RkQ2Q0VJckt1ZWtnPT0iLCJtYWMiOiJjNjE5NWJmOTMyYzI4OWE4ZGFmZThiYjc1MDllYzVkMTBjMDUxNDg4MzQ4YmE5ZjMyOTRhNWM0YTk3ZjM4YmY1In0%3D; ahrefs_cookie=eyJpdiI6IndOUE1BZ1RDOW9VcE1uSU8wRmJwb1E9PSIsInZhbHVlIjoiWTZiaTdETG1ZVE8zWjdDNVo5bEc0NmhOU0VjNHFoZTdpTVVNdVhWMEtESUd6ZHQyTjhyY1JXWGdINkFQQmZ6WnlWb2hucUJqSnFoNmZpYjVtZ0txSWc9PSIsIm1hYyI6IjZlNzY5N2VlNzY0NzY1NGU4OWE5YzVlYTE4MmYzYTI4NmEwZDQwNjBjZDBkZGM3MGRjYjRkOGViOGRhYWM5YjYifQ%3D%3D; ajs_user_id=null; ajs_group_id=null; wooTracker=ZRa7vf7TNNp5; mp_462869d58108d4904e778d9b2b8fbead_mixpanel=%7B%22distinct_id%22%3A%20%22152630d4df88d7-087e038c3-424f072e-384000-152630d4df98b5%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; kvcd=1453365507959; km_vs=1; _ga=GA1.2.959678603.1453360761; intercom-id=08650ca0-7181-47ec-8ecb-0a6b3c045f19; _gali=login_form
Origin: https://ahrefs.com
Referer: https://ahrefs.com/user/login?return_to=%2F
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.111 Safari/537.36
HTTP/1.1 302 Found
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 416
Content-Type: text/html; charset=UTF-8
Date: Thu, 21 Jan 2016 08:39:16 GMT
Location: https://ahrefs.com/user/login?return_to=%2F
Server: nginx/1.6.2
Set-Cookie: XSRF-TOKEN=eyJpdiI6IkRLcHlIS1Z3YTV3RWtrZG1EUklXS1E9PSIsInZhbHVlIjoiZU1MaDJYSmp4K2VhaTRoMHp2eklJcWNSQjRONGtNcFA3ek5ubmhpXC9SNUlLVG0yVEZxMGJBUHMxTlBCbW9RM3RweEFGUENzbzFXXC9wRFZtQmlHQlBZdz09IiwibWFjIjoiMDRkMzNkZDQwMGU5MGJkZDJmOTk4MTgxMjA1NWViYzZhMmFhY2QyMjU0NjJjZmE2ODk1YjA3OTI1MmEzOTQ3ZSJ9; expires=Thu, 21-Jan-2016 10:39:16 GMT; Max-Age=7200; path=/; domain=.ahrefs.com
Set-Cookie: ahrefs_cookie=eyJpdiI6ImZIdEJGUHJSUmo3V2liZjhWaFdwM1E9PSIsInZhbHVlIjoiM3pyYkdSMDUxa3VZSXRScXZOb3VTbnBodndkS280SkJ6NzJ0Zm94UHo1ZHF0RVA3MVBKMThyOFJaWTdHTzdRajFycjREWE1rMkhPN1J6Ynl2ajJcL2FBPT0iLCJtYWMiOiIyZmFlMTdiOGFkNjg5YWQ0YTlmMDU3OGZhMDg5ODljNmE5NWIyOWY0NTNhN2FhZDJjYzVjNTViODY1MGYxMGYyIn0%3D; expires=Mon, 21-Mar-2016 08:39:16 GMT; Max-Age=5184000; path=/; domain=.ahrefs.com; httponly
X-Powered-By: PHP/5.6.14-0+deb8u1
Regards
Hello fellow programmers.
I am beginner programmer and I have failed attempt into creating a script for uploading image on one specific site.
My boss needs to upload images to specific site. To speed things up I need to create a script for that.
I usually use multi-part form data with cURL, but this site it is different.
Here are the headers
POST /upload-new.php?banner_url=http%3A%2F%2Ftest.com&ad_type=1&banner_size= HTTP/1.1
Host: admin.domain.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Firefox/38.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: lv,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: application/octet-stream
X-File-Name: indonesia.gif
X-File-Size: 15450
X-File-Type: image/gif
X-File-Date: Fri, 29 May 2015 09:48:22 GMT
X-Requested-With: FileDrop-XHR-FileAPI
Referer: https://admin.domain.com/campaigns-edit.php
Content-Length: 15450
Cookie: goals=
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
GIF89a,รบ
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 13 Jun 2015 16:22:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
----------------------------------------------------------
https://admin.domain.com/data/tmp-uploads/159310_20150613122208_indonesia.gif
GET /data/tmp-uploads/159310_20150613122208_indonesia.gif HTTP/1.1
Host: admin.domain.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Firefox/38.0
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: lv,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: https://admin.domain.com/campaigns-edit.php
Cookie: goals=
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 13 Jun 2015 16:22:08 GMT
Content-Type: image/gif
Content-Length: 15450
Last-Modified: Sat, 13 Jun 2015 16:22:08 GMT
Connection: keep-alive
Etag: "557c58b0-3c5a"
Accept-Ranges: bytes
This is what I tried
$file = realpath($file_name);
$finfo = new finfo(FILEINFO_MIME);
$mimetype = $finfo->file($file);
$cfile = curl_file_create($file, $mimetype);
$PostData = array( '' => $cfile );
//$headers
$headers = array();
$headers[] = 'X-File-Name: indonesia.gif';
$headers[] = 'X-File-Size: 15450';
$headers[] = 'X-File-Type: image/gif';
$headers[] = 'X-File-Date: Fri, 29 May 2015 09:48:22 GMT';
$headers[] = 'X-Requested-With: FileDrop-XHR-FileAPI';
$URL = "https://admin.domain.com/upload-new.php?banner_url=http%3A%2F%2Ftest.com&ad_type=1&banner_size="
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $URL);
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch, CURLOPT_POST, 1);
// curl_setopt($ch, CURLOPT_POSTFIELDS,$PostData);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_REFERER, $reffer);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path);
$size = filesize($lfile);
$file = fopen($lfile, 'r');
curl_setopt($ch, CURLOPT_POSTFIELDS, "#" . $lfile);
curl_setopt($ch, CURLOPT_INFILE, $file);
curl_setopt($ch, CURLOPT_INFILESIZE, $size);
If (StrLen ($Proxy) > 0)
{
curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_HTTP);
curl_setopt($ch, CURLOPT_PROXY,$Proxy);
}
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 120);
curl_setopt($ch, CURLOPT_TIMEOUT, 120);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
$result = curl_exec($ch);
curl_close($ch);
Website answers with link to image which gives me 404. So seems like I am failing to send over the file.
Can anybody please give me some guidance?
I want a PHP-cURL script to do the following request.
http://site5.way2sms.com/QuickContacts
POST /QuickContacts HTTP/1.1
Host: site5.way2sms.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:8.0) Gecko/20100101 Firefox/8.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Connection: keep-alive
X-Requested-With: XMLHttpRequest
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: http://site5.way2sms.com/Main.action?id=0CD36BD332A5C7AE77FDBA1CBDBFFBB6.w809
Content-Length: 16
gads=ID=e2cdae9b764355fa:T=1333862873:S=ALNI_MYvxochQ56ILMvBDr4oyyqCIDVn3w
Pragma: no-cache
Cache-Control: no-cache
folder=DashBoard
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/html
Content-Length: 1901
Date: Sun, 08 Apr 2012 06:07:52 GMT
Connection: close
I think the returned content is in XML format. How to handle them?
If you want generate a post request to the URL and catch the returned data using cURL you can use the following function.
function cURL($url, $header=NULL, $cookie=NULL, $p=NULL)
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER, $header);
curl_setopt($ch, CURLOPT_NOBODY, $header);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_COOKIE, $cookie);
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
if ($p) {
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $p);
}
$result = curl_exec($ch);
if ($result) {
return $result;
} else {
return curl_error($ch);
}
curl_close($ch);
}
Like,
$data = cURL("http://site5.way2sms.com/QuickContacts", NULL, NULL, array("post_var" => value, "another_post_var" => val2));
I am getting some info from a https web server using PHP plus cURL. All info got as HTTP GET is ok but when I need to do some HTTP POST I get a no sense output. Web server is ok as If i get the info from a web browser all works ok.
I am using following code:
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLINFO_HEADER_OUT, true);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1");
if($method == "POST"){
print_r($post_fields);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields);
curl_setopt($ch,CURLOPT_HTTPHEADER, array (
"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
"Accept-Language: es-es,es;q=0.8,en-us;q=0.5,en;q=0.3",
"Accept-Encoding: gzip, deflate",
"Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7"
));
}
if ($usecookie) {
curl_setopt($ch, CURLOPT_COOKIEJAR, $usecookie);
curl_setopt($ch, CURLOPT_COOKIEFILE, $usecookie);
}
if ($refer != "") {
curl_setopt($ch, CURLOPT_REFERER, $refer );
}
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
Answer header is:
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2011 11:04:39 GMT
Server: Apache
Cache-Control: must-revalidate
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
max-age: Thu, 01 Jan 1970 00:00:00 GMT
X-Powered-By: Servlet/2.4 JSP/2.0
idWl: PRO-LOW16_6604
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Any idea about where the problem could be?
It clearly shows its gziped...
Content-Encoding: gzip
Transfer-Encoding: chunked
Passing the returned data through the below function will inflate it back to readable content.
function gzdecoder($d){
$f=ord(substr($d,3,1));
$h=10;$e=0;
if($f&4){
$e=unpack('v',substr($d,10,2));
$e=$e[1];$h+=2+$e;
}
if($f&8){
$h=strpos($d,chr(0),$h)+1;
}
if($f&16){
$h=strpos($d,chr(0),$h)+1;
}
if($f&2){
$h+=2;
}
$u = gzinflate(substr($d,$h));
if($u===FALSE){
$u=$d;
}
return $u;
}