sending data using HttpWebRequest with a login page

Question

I'm trying to send data for this page by using HttpWebRequest class :

www.stage1.darotools.com/Quran.v1.admin/_FormsWizard/CreateForm.asp

but I faced a problem with the login authentication . heres my code :

    System.Text.UTF8Encoding encoding = new System.Text.UTF8Encoding();
    string postData = "ctlMessageID=" + 348;
    postData += ("&ctlUserID=" + 7);
    postData += ("&ctlTitle=" + 7);
    postData += ("&ctlEmail=" + "rrawhi@gmail.com");
    postData += ("&ctlIsSystem=" + 0);
    postData += ("&ctlFormBody=");
    postData += ("&ctlEnableCaptcha=");
    postData += ("&ctlEmailAttachedFiles=");
    postData += ("&ctlMailingList=");
    postData += ("&ctlCommentaryTitle=" + 1);
    postData += ("&ctlIsActive=" + 2);
    postData += ("&ctlCommentaryPersonID=" + 6);
    postData += ("&ctlOrderKey=");
    postData += ("&Commentary_TextControl_html=" + "aaaaaaaaaaaa");
    postData += ("&controlValue4=" + 666666);
    postData += ("&ctlLanguageID=" + 1);
    postData += ("&ctlAya=" + 349);
    postData += ("&PathInfo=" + "dbsFramed, dbsFramed");
    postData += ("&Caller=" + "rawhi");
    byte[] data = encoding.GetBytes(postData);

    // Prepare web request...
    HttpWebRequest myRequest = (HttpWebRequest)WebRequest.Create("http://stage1.darotools.com/Quran.v1.admin/_FormsWizard/CreateForm.asp");
    myRequest.Method = "POST";
    myRequest.ContentType = "application/x-www-form-urlencoded";
    myRequest.ContentLength = data.Length;
    Stream newStream = myRequest.GetRequestStream();
    // Send the data.
    newStream.Write(data, 0, data.Length);
    newStream.Close();

And this is the Login page :

www.stage1.darotools.com/Quran.v1.admin/Login.asp

Thanks in advance.

Answer 1

First off, it looks like you aren't actually sending the request. To send the POST request to the server you need to request the response:

HttpWebResponse response = (HttpWebResponse)myRequest.GetResponse();
string responseContent = null;
using (StreamReader reader = new StreamReader(response.GetResponseStream()))
 {
    //get the text content of the response, if needed
    responseContent = reader.ReadToEnd();
 }

Also, it looks like the page you are posting to is looking for an established and authenticated Session. Try posting credentials to the login page (http://stage1.darotools.com/Quran.v1.admin/Login.asp) first. Set HttpWebRequest.CookieContainer to a new CookieContainer() instance. Then, do another post to the CreateForm.asp page but be sure to set the new HttpWebRequest.CookieContainer object to use the same instance of the CookieContainer you used when you did a POST to the login page. Then the cookies received from the login page will be sent to the CreateForm.asp page and the session will be "maintained" from the server's perspective. For instance:

CookieContainer m_cookies = new CookieContainer();
HttpWebRequest myRequest = (HttpWebRequest)WebRequest.Create("http://stage1.darotools.com/Quran.v1.admin/Login.asp");
...

HttpWebResponse response = (HttpWebResponse)myRequest.GetResponse();
HttpWebRequest formRequest = (HttpWebRequest)WebRequest.Create("http://stage1.darotools.com/Quran.v1.admin/_FormsWizard/CreateForm.asp");
formRequest.CookieContainer = myRequest.CookieContainer;
using (StreamReader reader = new StreamReader(response.GetResponseStream()))
 {
    //get the text content of the response, if needed
    responseContent = reader.ReadToEnd();
 }

Answer 2

Try to use:

myRequest.Credentials = new NetworkCredential("username", "password", "domain"); // domain is not needed in case of forms authentication

If this doesn't work you can authenticate user on login page and passing CookieContainer there and then reuse that CookieContainer when requesting needed page.

Answer 3

Maybe this links will help you:

webrequest login session

keep session id over httpwebrequest

Answer 4

There are a few different things that could be going on here

Try setting some credentials

myRequest.Credentials = CredentialCache.DefaultCredentials;

// if we have a proxy set its creds as well
if( myRequest.Proxy != null )
{
     myRequest.Proxy.Credentials = CredentialCache.DefaultCredentials;
}

And make sure you're setting a UserAgent and Accpet settings as well.

myRequest.UserAgent = "Foo";
myRequest.Accept = "*/*";

If you add these I don't think you will have any issues.