stackoom
  简体   繁体   中英

Login to website using cURL and PHP

 原文  2015-09-22 17:56:10       php/ html/ json/ curl/ web

Question

Hey I am trying to login to the NJIT site to check if username and password are correct. For some reason I keep getting rejected even if I use correct credentials. Also how do I strip the $result to check if it contains "Fail" which would mean the credentials were wrong. Here is my code.

Main: 

<?PHP
session_start();
require_once('functions.php');

//$UCID=$_POST['UCID'];
//$Pass=$_POST['Pass'];

$UCID="jko328";
$Pass="password";
$credentialsNJIT="user=".$UCID."&pass=".$Pass;

$njit_url="https://cp4.njit.edu/cp/home/login";

$njit_result=goCurlNJIT($credentialsNJIT, $njit_url);
echo $result;

?>

Here is the cURL function: 

function goCurlNJIT($postdata, $url){

session_start();

  $ch = curl_init();
    curl_setopt ($ch, CURLOPT_URL, $url);
    curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
    curl_setopt ($ch, CURLOPT_TIMEOUT, 60);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
    curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTPS);
    curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
    curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, true);
    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt ($ch, CURLOPT_REFERER, $url);
    curl_setopt ($ch, CURLOPT_POSTFIELDS, $postdata);
    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
    curl_setopt ($ch, CURLOPT_POST, true);

    $result = curl_exec($ch);
    curl_close($ch);

    if(strpos($result, "Failed") === false){
       $response = "NJIT did not like credentials";
    }
    else{
       $response = "NJIT liked your credentials";
       }

echo $response;

}

2 answers

solution1
 0  2015-09-22 18:39:08

Actually when we load a page it saves the cookie and send it . So to sign in you first need to acess the page without credential and save the cookies . In next request you need to send the cookies . To avoid bot script login usually websites have dynamic hidden fields and other securities .. in this case you cant log on .

solution2
 0  2015-09-23 01:31:46

I'm updating the function too much and making it way more flexible. --You can update it further more if you want.

First and most importantly , you need to create a text file named cookie.txt in the directory where your scrapping file is. 

function goCurlNJIT($header = array(), $url, $post = false)
    {       
        $cookie = "cookie.txt";
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_ENCODING, 'gzip,deflate,sdch');
        if (isset($header) && !empty($header))
        {
            curl_setopt($ch, CURLOPT_HTTPHEADER, $header);

        }
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_HEADER, 0);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($ch, CURLOPT_TIMEOUT, 200);
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
        curl_setopt($ch, CURLOPT_MAXREDIRS, 5);
        curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36");
        curl_setopt($ch, CURLOPT_COOKIEJAR, realpath($cookie));
        curl_setopt($ch, CURLOPT_COOKIEFILE, realpath($cookie));
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
        curl_setopt($ch, CURLOPT_REFERER, $url);

        //if it's a POST request instead of GET

        if (isset($post) && !empty($post) && $post)
        {
            curl_setopt($ch, CURLOPT_POST, true);
            curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
        } //endif
        $data = curl_exec($ch);
        curl_close($ch);
        if($info['http_code'] == 200){
            return ($data);     //this will return page on successful, false otherwise
        }else{
            return false;
        }
    }

if you'd paid a close look to Requested Headers , you can notice that there is one unusual header there, that is Upgrade-Insecure-Requests:1 (I personally haven't seen this before, so it's wise to send this along with request).

Next the request that you're posting is not like as it should be, you're missing stuff. 

$UCID="jko328";
$Pass="password";
$credentialsNJIT="user=".$UCID."&pass=".$Pass;    // where is uuid?

it should be something like this. You're skipping uuid from post string . 

pass=password&user=jko328&uuid=0xACA021

so putting altogether, 

$post['user'] = "jko328";
$post['pass'] = "password";
$post['uuid'] = '0xACA021';
$urlToPost = "https://cp4.njit.edu/cp/home/login";
$header['Upgrade-Insecure-Requests'] = 1;
//Now make call to function, and it'll work fine.
echo goCurlNJIT($header, $urlToPost, http_build_query($post));

and this will work fine. Make sure you've created cookie.txt file in the directory where your this scripts is.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Login to website using PHP and CURL login into website using the username and password in php curl How to login to a website using curl and PHP? automated login to remote website using curl php Trying to login to an ASPX website using PHP and cURL Remote login on website using php, curl and api PHP cURL Login Into Website using curl to login into a website curl login using php in asp.net website Login to other website using cURL?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM