简体繁体 English

PHP curl发布到aspx页面导致500服务器错误

[英]PHP curl posting to aspx page causing 500 server error

原文 2009-09-19 05:43:12 2 3 php/ asp.net/ curl

This is a little complex question and a little hard to explain. 这是一个有点复杂的问题，有点难以解释。

We have build a script to auto login and collect the information from one asp.net based website, the script is in PHP using curl. 我们已经构建了一个脚本来自动登录并从一个基于asp.net的网站收集信息，该脚本是使用curl的PHP。 We have been testing the script and it works 20-30% of the time which means the script is complete and works. 我们已经在测试脚本，并且该脚本可以在20％到30％的时间内正常工作，这意味着该脚本可以正常工作。 But rest of the time it fails, as the server gives 500 Internal Server error when we post the login details. 但是其余时间它会失败，因为当我们发布登录详细信息时，服务器会显示500 Internal Server错误。

The same script and the same details work sometimes and does not work sometimes, can any one tell me what could be the cause of this kind of problems? 相同的脚本和相同的细节有时起作用，有时却不起作用，谁能告诉我这种问题的起因是什么？

What should we check? 我们应该检查什么？ We have set all the cookies, viewstate, event validation etc. Also tried to encode the special characters in post fields. 我们已经设置了所有cookie，viewstate，事件验证等。还尝试了在post字段中编码特殊字符。

Thanks in Advance. 提前致谢。

-happyhardik -happyhardik

Additions: - We don't have access to the .Net server - We have been giving the same input (login details) to the .Net server everytime we tried - The .Net website works fine in the browser every time (almost 100%) 补充：-我们无权访问.Net服务器-每次尝试都向.Net服务器提供相同的输入（登录详细信息）-每次.Net网站在浏览器中都能正常运行（几乎100％）

3 个解决方案

Either the .NET application is broken, or your code is. .NET应用程序已损坏，或者您的代码已损坏。

First thing to do is figure out what need's fixin': 首先要做的是弄清楚需要解决的问题：

Strip your PHP code down to some "bare essentials" test. 将您的PHP代码简化为一些“基本要点”测试。 The same (valid) username/password, every time. 每次都使用相同（有效）的用户名/密码。 Run it 20 times or so... 运行20次左右...

How often does it succeed? 它多久成功一次？

If you get 20-30% success rate, then it's a problem on the .NET side. 如果您获得20-30％的成功率，那么在.NET方面是一个问题。 (The same inputs to that system are producing different results). （对该系统的相同输入产生不同的结果）。

If you get 100% or 0% success, it's probably something on your side (in some cases, you're sending bad requests) 如果您获得100％或0％的成功率，那可能是您的帮助（在某些情况下，您发送的请求很差）

If you have access to the .NET server (or the people who maintain it), get a look at what's causing the 500 error. 如果您可以访问.NET服务器（或维护该服务器的人员），请查看导致500错误的原因。 There's bound to be some unhandled exception somewhere in their logs. 他们的日志中一定会有一些未处理的异常。

根据我的经验，如果您发送请求的速度过快，某些网站会尝试通过不同类型的错误来减慢您的速度。

We have set all the cookies, viewstate, event validation etc. Also tried to encode the special characters in post fields. 我们已经设置了所有cookie，viewstate，事件验证等。还尝试了在post字段中编码特殊字符。

How do you know that your cookies and viewstate are correct for the machine you are sending the requests from? 您怎么知道您的Cookie和viewstate对于您发送请求的机器是正确的？ Or that they are correct for the server you are sending the requests to? 还是它们对您向其发送请求的服务器是正确的？

ViewState is an encoded representation of the ASP.NET page fields at the time it was sent to a browser, and is encoded based on various things, including the MachineKey of the server, a hash of the page code, and potentially the MAC address of the server - get any one of those wrong for what appears to be a postback and the server will throw an HttpException with a message of "Invalid Viewstate". ViewState是将ASP.NET页面字段发送到浏览器时的一种编码表示形式，它是根据各种因素进行编码的，包括服务器的MachineKey，页面代码的哈希以及可能的MAC地址。服务器-将任何错误归因于似乎是回发，服务器将抛出HttpException消息“ Invalid Viewstate”。

There are any number of other reasons why a server may throw an exception back out at you, ranging from other errors on the site code, through to it being too busy to handle requests, to as Sab suggests active rejecting of your requests. 服务器可能会向您抛出异常的其他原因有很多，从站点代码中的其他错误到太忙而无法处理请求，甚至是Sab建议主动拒绝您的请求。 Your best bet would be to try and work with the site owner to come up with a solution that both parties can work with - however I'm inclined to assume that you're doing some sort of semi-illicit screen scraping that the sites owners wouldn't be two happy with, otherwise they would have already provided you with an API. 最好的选择是尝试与网站所有者合作，提出双方都可以使用的解决方案-但是，我倾向于假设您正在对网站所有者进行某种半非法的屏幕抓取不会很满意，否则他们会已经为您提供了API。