cUrl Login - Token Problem

by hanisnl

Posted: 10 years ago 2 replies

PROGRAMMING

Hi everybody !

I have this current problem .. I need to login into a website via cUrl .. website : www.v-tac [dot] ro/

Now based on the headers and based on the input fields I wrote a php function, but I hit a wall with the token .

HEADERS :

PHP Code:

  username=username&password=password&Submit=Conectare&option=com_users&task=user.login&return=aW5kZXgucGhwP0l0ZW1pZD0yMTY%3D&0dbf64fe20e2395a7d72ed5b64b3cf7c=1

FORM FIELDS - copy paste - this is the login form

HTML Code:

<fieldset class="userdata">
    
<p id="form-login-username">
        <label for="modlgn-username">Nume Utilizator</label>
        <input id="modlgn-username" type="text" name="username" class="inputbox" size="18">
    </p>
    <p id="form-login-password">
        <label for="modlgn-passwd">Parola</label>
        <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18">
    </p>
        <p id="form-login-remember">
        <label for="modlgn-remember">Retine utilizator</label>
        <input id="modlgn-remember" type="checkbox" name="remember" class="inputbox" value="yes">
    </p>
    
    <input type="submit" name="Submit" class="button" value="Conectare">
    <input type="hidden" name="option" value="com_users">
    <input type="hidden" name="task" value="user.login">
    <input type="hidden" name="return" value="aW5kZXgucGhwP0l0ZW1pZD0yMTY=">
    <input type="hidden" name="11b09608b3184e6258012d44846c81ed" value="1">    

</fieldset>

And this is the function I wrote to do the cUrl login :

PHP Code:

  function login_to_website($targetURL){ 

 
    global $browser_user_agent; 

    if(empty($targetURL)) { return; } 

    if(empty($login_url)) { $login_url = $targetURL; } 

    $url = $login_url; 

 
    $login_user     = "loginusername"; 

    $login_password = "loginpassword"; 

    $thetoken       = "this-is-my-problem-the-token-from-the-hidden-input";         

 
    $post_data = array();    

    $post_data['username']  = "$login_user";  

    $post_data['password']  = "$login_password";  

    $post_data['Submit']    = "Conectare"; 

    $post_data['option']    = "com_users"; 

    $post_data['task']      = "user.login"; 

    $post_data['return']    = "aW5kZXgucGhwP0l0ZW1pZD0yMTY%3D"; 

    $post_data[$thetoken]   = "1";           

 
    $postthis = http_build_query($post_data); 

 
    $login = curl_init(); 

 
    curl_setopt($login, CURLOPT_COOKIEJAR, dirname(__FILE__) . "/cookie.tmpz"); 

    curl_setopt($login, CURLOPT_COOKIEFILE, dirname(__FILE__) . "/cookie.tmpz"); 

    curl_setopt($login, CURLOPT_VERBOSE, true); 

    curl_setopt($login, CURLOPT_URL, $url); 

    curl_setopt($login, CURLOPT_USERAGENT, random_user_agent()); 

    curl_setopt($login, CURLOPT_FOLLOWLOCATION, TRUE); 

    curl_setopt($login, CURLOPT_RETURNTRANSFER, TRUE);   

    curl_setopt($login, CURLOPT_POST, TRUE); 

    $timeout = 5; 

    curl_setopt( $login, CURLOPT_CONNECTTIMEOUT, $timeout ); 

    curl_setopt( $login, CURLOPT_TIMEOUT, $timeout ); 

    curl_setopt( $login, CURLOPT_MAXREDIRS, 10 );    

 
    curl_setopt($login, CURLOPT_POSTFIELDS, $postthis); // POST vars 

 
    curl_setopt($login, CURLOPT_HEADER, 0); // debug headers sent - 1 

 
      $data = curl_exec ($login); 

 
      curl_setopt($login, CURLOPT_URL, $targetURL); 

 
      $datax = curl_exec ($login); 

      return $datax; 

 
      // close cURL resource, and free up system resources 

      curl_close($login); 

}

The problem is this the last array input.
the token is generated each time the page is loaded, located on the page as an input hidden field .

So the question is how do I get a fresh token that will work ?

Also I have tried to get the token with a xpath extract like this :

PHP Code:

      $htmlx = file_get_contents('http://www.v-tac.ro'); 

    $htmlx = mb_convert_encoding($htmlx, 'UTF-8', mb_detect_encoding($htmlx)); //make sure this is utf8 

    if(!strlen($htmlx)) {echo "No HTML here . stoping execution ."; return;} 

    $doc = new DomDocument; 

    @$doc->loadHTML($htmlx); 

    $xpath = new DOMXPath($doc); 

 
    echo $xpath->query('//fieldset[@class="userdata"]/input[5]')->item(0)->getAttribute("name"); 

    $thetoken = $xpath->query('//fieldset[@class="userdata"]/input[5]')->item(0)->getAttribute("name");

Help !?

#curl #login #problem #token

KirkMcD 10 years ago

Also I have tried to get the token with a xpath extract like this :

And what happens?
Have you tried to use curl to get the page?
You might want to keep your useragent consistent for the entire session.
- Thanks
- 1 reply
{{ DiscussionBoard.errors[9561873].message }}
- hanisnl 10 years ago
  
  SOLVED !
  
  Never ever mix file_get_contents and cUrl ... must use curl in all instances and it works great ..
  
  thanks anyway !
  
  Thanks
  
  {{ DiscussionBoard.errors[9562380].message }}

cUrl Login - Token Problem

Trending Topics

How do I effectively build and nurture an email list for affiliate marketing purposes?

Are Solo ADs the Most Cost Effective Way to Promote your Product?

Are billboards still effective in driving customers?

Been a while! Any of you Old Timers here?

How much does the rebranding affect CR ?