使用 curl 登录 Facebook

Question

I need to login facebook with curl. I already tested in browser with condition disable cookie, javascript and Opera mini 4 User-agent. It login succefully. with that i check with inspect what happens within request header and response headers. i check it already. the first step facebook will generate 4 random values within hidden type input " lsd, jazoest,m_ts,li ". the second step after post it will redirect to specific location with session. Cause, i disable cookie. so i see facebook switch to session. after this step. i should see my timeline page. but, it nothing happens. it just post to login page without follow location. object httpConnect is wrapper from curl.

$headers = [
        'User-agent: Opera/9.80 (J2ME/MIDP; Opera Mini/4.0.10992/35.5561; U; hr) Presto/2.8.119 Version/11.10',
    ];

$facebook = new httpConnect('https://m.facebook.com/');

$facebook->setHeaders($headers);

$facebook->setOptions();

$facebook->sendRequest();

$sourceCode = $facebook->getResponse();

preg_match('/<input type="hidden" name="lsd" value="(.*?)" autocomplete="off" \/>/', $sourceCode, $lsd);

preg_match('/<input type="hidden" name="jazoest" value="(.*?)" autocomplete="off" \/>/', $sourceCode, $jazoest);

preg_match('/<input type="hidden" name="m_ts" value="(.*?)" \/>/', $sourceCode, $m_ts);

preg_match('/<input type="hidden" name="li" value="(.*?)" \/>/', $sourceCode, $li);

$data = [
    'lsd' => $lsd[1],
    'jazoest' => $jazoest[1],
    'm_ts'  => $m_ts[1],
    'li' => $li[1],
    'try_number' => 0,
    'unrecognized_tries' => 0,
    'email' => 'email',
    'pass' => 'password',
    'login' => 'Log In',
    '_fb_noscript' => 'true'
];

$options = [
    CURLOPT_POST            => TRUE,
    CURLOPT_POSTFIELDS      => $data,
    CURLOPT_FOLLOWLOCATION  => TRUE,
];

$facebook = new httpConnect('https://m.facebook.com/login/device-based/regular/login/?refsrc=https%3A%2F%2Fm.facebook.com%2F&amp;lwv=100&amp;refid=8');

$facebook->setHeaders($headers);

$facebook->setOptions($options);

$facebook->sendRequest();

echo $facebook->getResponse();

Answer 1

your login code is not even close to being complete,

first off, the first request to m.facebook.com to get the original cookie requires the accept-language header (seriously, it won't let you login without accept-language, weird shit, here is the 1 i am using: accept-language:en-US,en;q=0.8 ),

second, you're trying to parse HTML with regex, stop doing that , you have to use a proper HTML parser instead, PHP has several HTML parsers (including DOMDocument, XMLReader, XMLParser, SimpleXml,...), third, you're trying to hardcode the login form parameters, don't do that, extract them dynamically, you must fetch all <input> elements that is a descendant of the login_form element dynamically, and add them to your login request, and just fill out "email" and "pass" inputs manually.

next up, sometimes you will randomly get a request to install the facebook mobile app instead after logging in (this doesn't happen every time, but seemingly randomly), when you get this question, you MUST answer either yes or no, facebook will not allow you to continue the login before you answer. the question can be detected by looking for an <a> element with a href= that contains the string /login/save-device/cancel/ , and you can answer not interested by doing a simple GET request to the href pointed to by that a-element. finally, login success can be verified by looking for an a-element with an href containing /logout.php

you can find a sample login code from the FacebookRelay constructor of the msgme project, here: https://github.com/divinity76/msgme/blob/master/src/php/relays/facebook.relay.php