programmatic login with curl
Posted: Fri Sep 02, 2011 10:42 pm
There's a local site where I sometimes buy and sell stuff. Kind of like ebay. I'm trying to log in programmatically so I can perform some account management programmatically. I turned on Fiddler and logged in like normal. I captured all the headers, content, etc....then carefully attempted to build those same headers and content in php and programmatically submit the form with my login credentials. Unfortunately it was an epic fail. The curl_exec sits and spins forever. Never returns. If I kill the browser window executing my php code (locally), the response flushes to a text file. When I examine the file, all I see is gobbldygook, like what you see when unprintable characters are printed.
Before submitting my usn/pwd via programmatic post, I curl to the login page and obtain a sessionid in the cookie header. I grab this and place it in the header going back to the server, which seems to me simulates what the server wants. Here's my function:
I must be doing some things wrong. Any ideas?
Before submitting my usn/pwd via programmatic post, I curl to the login page and obtain a sessionid in the cookie header. I grab this and place it in the header going back to the server, which seems to me simulates what the server wants. Here's my function:
Code: Select all
function Login($email, $password, $sessionID){
$url = "http://www.ksl.com/public/member/signin";
$post_data["member[email]"] = $email;
$post_data["member[password]"] = $password;
$headerArray = array(
"Accept: image/jpeg, application/x-ms-application, image/gif, application/xaml+xml, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*",
"Referer: http://www.ksl.com/public/member/signin",
"Accept-Language: en-US",
"User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2;)",
"Content-Type: multipart/form-data; boundary=---------------------------7db29d24150a56",
"Accept-Encoding: gzip, deflate",
"Host: www.ksl.com",
"Content-Length: 682",
"Connection: Keep-Alive",
"Pragma: no-cache",
"Cookie: PHPSESSID=" . $sessionID . "; s_cc=true; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|2730AD6F85011AD9-6000010FC023FD31[CE]; _chartbeat2=jsxshjtoqwh4xhbe"
);
//traverse array and prepare data for posting (key1=value1)
foreach ($post_data as $key => $value) {
$post_items[] = $key . '=' . $value;
}
//create the final string to be posted using implode()
$post_string = implode('&', $post_items);
//create cURL connection
$curl_connection = curl_init($url);
//set options
curl_setopt($curl_connection, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($curl_connection, CURLOPT_USERAGENT, $userAgent);
curl_setopt($curl_connection, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl_connection, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl_connection, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($curl_connection, CURLOPT_HTTPHEADER, $headerArray);
curl_setopt($curl_connection, CURLOPT_POSTFIELDS, $post_string);
//execute post
$result = curl_exec($curl_connection);
WriteFile("KSL_login.txt",$result . "\n\rcurl_getinfo: " . curl_getinfo($curl_connection) . "\n\rError: " . curl_error($curl_connection));
//close the connection
curl_close($curl_connection);
return $result;
}