zobayer1
July 3rd, 2011, 09:35 PM
I am trying to do this for last 2 days. I have used cURL to submit forms to pages, but this time it is slightly different and difficult. The page I am submitting to has 8 hidden fields. So what I did it, first open the page, parse the fields and then submit the login form to target address. But this is not working...
My target is to log in this site http://livearchive.onlinejudge.org/, so I just made a page with a simple form like, page named "la_submit.php"
<html><body>
<form action="la_process.php" method="post" enctype="multipart/form-data">
Username: <input name="username" type="text" maxlength="20" />
Password: <input name="password" type="password" maxlength="20" />
<input name="submit" type="submit" value="Log In" />
</form>
</body></html>
Then in la_process.php, I have done as follows, (well, there are some unused codes, please just ignore them, like file upload part, as I have copied it from my other simpler application)
<?php
if(isset($_POST['submit'])===true) {
extract($_POST);
if($_FILES['srcefile']['error'] == 0) {
// a file has been uploaded
$temp = $_FILES['srcefile']['tmp_name'];
$name = 'upload/'.basename($temp);
move_uploaded_file($temp, $name);
$fp = fopen($name, 'r');
$srcecode = fread($fp, filesize($name));
fclose($fp);
}
}
else { header('location: la_submit.php'); }
$cookie_fname = realpath('cookie').'/'.md5($username . $password . rand(0, 2147483647));
echo '<style type="text/css">pre { padding-left:20px; }</style>';
echo '<hr/><pre>Cookie Filename:<br/>'.$cookie_fname.'</pre>';
$ch = curl_init();
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_fname);
curl_setopt($ch, CURLOPT_URL,"http://livearchive.onlinejudge.org/");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$page = curl_exec($ch);
$info = curl_getinfo($ch);
$loginform = '!';
$data['username'] = $username;
$data['passwd'] = $password;
if(preg_match_all('/<form(.*)>(.*)<\/form>/smU', $page, $matches)) {
foreach($matches[0] as &$value) {
if(preg_match('/id="mod_loginform"/', $value)) {
$loginform = $value;
echo '<hr/><pre>'.htmlspecialchars($loginform).'</pre>';
preg_match_all('/<input.+type="hidden"(.*)>/', $loginform, $hidden);
foreach($hidden[0] as &$field) {
echo '<hr/><pre>'.htmlspecialchars($field).'<br/>';
preg_match('/name="[^\s]*"/', $field, $field_name);
preg_match('/value="[^\s]*"/', $field, $field_value);
$tmp1 = preg_replace('/name="(.*)"/', '$1', $field_name[0]);
$tmp2 = preg_replace('/value="(.*)"/', '$1', $field_value[0]);
echo '['.$tmp1.']['.$tmp2.']</pre>';
$data[$tmp1] = $tmp2;
}
break;
}
}
}
$data['Submit'] = 'Login';
if($loginform == '!') { header('location: la_submit.php'); }
echo '<hr/><pre>';
foreach($data as $tmp1 => $tmp2) {
echo '['.$tmp1.']['.$tmp2.']<br/>';
}
echo '</pre>';
$post_url = '';
foreach($data as $key => $value)
$post_url .= $key.'='.rawurlencode($value).'&';
$post_url = rtrim($post_url, '&');
echo '<hr/><pre>'.$post_url.'</pre>';
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_fname);
curl_setopt($ch, CURLOPT_URL,"http://livearchive.onlinejudge.org/index.php?option=com_comprofiler&task=login");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$page = curl_exec($ch);
$info = curl_getinfo($ch);
echo '<hr/>'.$page. '<hr/>Curl Status: ';
print_r($info);
?>
I always get the response that login failed. "Please log in or register to view or modify your profile. ", can anyone tell me please, what's wrong here...
So, how can I log in successfully here? please help me
Just for information, if you try to test it on your localhost / server, you will need to make two folders named "upload" and "cookie" with write permission for user.
My target is to log in this site http://livearchive.onlinejudge.org/, so I just made a page with a simple form like, page named "la_submit.php"
<html><body>
<form action="la_process.php" method="post" enctype="multipart/form-data">
Username: <input name="username" type="text" maxlength="20" />
Password: <input name="password" type="password" maxlength="20" />
<input name="submit" type="submit" value="Log In" />
</form>
</body></html>
Then in la_process.php, I have done as follows, (well, there are some unused codes, please just ignore them, like file upload part, as I have copied it from my other simpler application)
<?php
if(isset($_POST['submit'])===true) {
extract($_POST);
if($_FILES['srcefile']['error'] == 0) {
// a file has been uploaded
$temp = $_FILES['srcefile']['tmp_name'];
$name = 'upload/'.basename($temp);
move_uploaded_file($temp, $name);
$fp = fopen($name, 'r');
$srcecode = fread($fp, filesize($name));
fclose($fp);
}
}
else { header('location: la_submit.php'); }
$cookie_fname = realpath('cookie').'/'.md5($username . $password . rand(0, 2147483647));
echo '<style type="text/css">pre { padding-left:20px; }</style>';
echo '<hr/><pre>Cookie Filename:<br/>'.$cookie_fname.'</pre>';
$ch = curl_init();
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_fname);
curl_setopt($ch, CURLOPT_URL,"http://livearchive.onlinejudge.org/");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$page = curl_exec($ch);
$info = curl_getinfo($ch);
$loginform = '!';
$data['username'] = $username;
$data['passwd'] = $password;
if(preg_match_all('/<form(.*)>(.*)<\/form>/smU', $page, $matches)) {
foreach($matches[0] as &$value) {
if(preg_match('/id="mod_loginform"/', $value)) {
$loginform = $value;
echo '<hr/><pre>'.htmlspecialchars($loginform).'</pre>';
preg_match_all('/<input.+type="hidden"(.*)>/', $loginform, $hidden);
foreach($hidden[0] as &$field) {
echo '<hr/><pre>'.htmlspecialchars($field).'<br/>';
preg_match('/name="[^\s]*"/', $field, $field_name);
preg_match('/value="[^\s]*"/', $field, $field_value);
$tmp1 = preg_replace('/name="(.*)"/', '$1', $field_name[0]);
$tmp2 = preg_replace('/value="(.*)"/', '$1', $field_value[0]);
echo '['.$tmp1.']['.$tmp2.']</pre>';
$data[$tmp1] = $tmp2;
}
break;
}
}
}
$data['Submit'] = 'Login';
if($loginform == '!') { header('location: la_submit.php'); }
echo '<hr/><pre>';
foreach($data as $tmp1 => $tmp2) {
echo '['.$tmp1.']['.$tmp2.']<br/>';
}
echo '</pre>';
$post_url = '';
foreach($data as $key => $value)
$post_url .= $key.'='.rawurlencode($value).'&';
$post_url = rtrim($post_url, '&');
echo '<hr/><pre>'.$post_url.'</pre>';
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_fname);
curl_setopt($ch, CURLOPT_URL,"http://livearchive.onlinejudge.org/index.php?option=com_comprofiler&task=login");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$page = curl_exec($ch);
$info = curl_getinfo($ch);
echo '<hr/>'.$page. '<hr/>Curl Status: ';
print_r($info);
?>
I always get the response that login failed. "Please log in or register to view or modify your profile. ", can anyone tell me please, what's wrong here...
So, how can I log in successfully here? please help me
Just for information, if you try to test it on your localhost / server, you will need to make two folders named "upload" and "cookie" with write permission for user.