Page 1 of 1

Help: Automate Login & Webpage Forms

Posted: Sat Jun 28, 2008 10:16 pm
by gumOnShoe
Hi I'm attempting to develop some tools for a website that I frequent. http://www.newgrounds.com

I'm using cURL to load information from webpages and then eventually submitting results to a form. I can only submit results to the form if I'm logged in. If I don't use cURL, then I can do something like

Code: Select all

 
<form action="http://www.newgrounds.com/bbs/somephpdocument.php" method="get">
User 1: <input type="hidden" name="var1" value ="data"><br>
User 2: <input type="text" name="var2" value="data"><br>
<input type="hidden" name="action" value="1">
<input type="submit" value="Submit">
</form>
 
The actual php document is unimportant, but the point is that this allows me to use forms that I can only use when I'm logged in.

So, I'd like to know how I might log in while using cURL, as the following fails while trying to do the same thing:

Code: Select all

$curlID = curl_init('http://www.newgrounds.com/bbs/somephpdocument.php);
curl_setopt($curlID,CURLOPT_POST,1);
curl_setopt ($curlID, CURLOPT_POSTFIELDS, "var1=$data1&var2=$data2&action=1");
curl_setopt ($Curl_Session, CURLOPT_FOLLOWLOCATION, 1);
curl_exec ($curlID);
curl_close ($curlID);
This code fails to give me the result, as the page I'm trying to navigate to wants me to login.

This hear appears to be the code used to log in:

Code: Select all

 
<form method="post" action="http://www.newgrounds.com/account/" id="loginboxform" onsubmit="AttemptLogin();return(false);">
 
<ul>
  <li><a href="http://www.newgrounds.com/join">Not a member? SIGN UP!</a></li>
 
  <li><input type="submit" class="hiddensubmit" value="s" /><a href="http://www.newgrounds.com/join/forgot">Forgot login?</a></li>
</ul>
 
<p>
  <strong>USERNAME:</strong>
  <input type="text" name="lb_username" id="lb_username" maxlength="20" class="inputfield formtext" />
</p>
<p>
 
  <strong>PASSWORD:</strong>
  <input type="password" name="lb_userpass" id="lb_userpass" maxlength="10" class="inputfield formtext" />
</p>
 
<div id="loginbox_button">
  <p class="save">
    <input type="checkbox" name="lb_remember" id="lb_remember" value="on" />
    <a class="textclick" href="javascript&#058;HandleClick('lb_remember');">Save Info!</a>
 
  </p>
  <span class="btn"><a href="javascript&#058;AttemptLogin();">Jack In!&nbsp;></a></span>
</div>
<div id="loginbox_animation_login" class="hidecode">
  <p class="save"><strong class="status">Logging in&hellip;</strong></p>
</div>
 
</form>
 
Just from looking at it, and with my recently acquired knowledge of forms (this is my first venture into anything more than a static webpage (though I'm quite familiar with programming software)), the important values seem to be:

lb_username
lb_userpass

I'd assume that if I set those, and then were able to call: javascript:AttemptLogin();

that I could then log in.

I'm still very much new to php though, and I do not know its limitations. I've seen that it is possible to log into gmail with the following code, but that seems to be a different sort of task, and I'm not sure how to apply it here. (note the code is kind of glitchy, some '[' need to be replaced with '<' due to the forum it was originally placed on.

Code: Select all

<?php
// Username/pass
$username = 'elbekko';
$password = "80236045";
 
// Initialise cURL
$c = curl_init('https://'.$username.':'.$passwo
rd.'@gmail.google.com/gmail/feed/atom');
 
// We are defining headers here! The cookie doesn't matter, I just took one of my old ones =) If you leave the headers out, it will NOT WORK
// I took these from firefox with LiveHTTPHeaders when opening the feed, and removed unneeded ones
$headers = array(
"Host: mail.google.com",
"User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.0.4) Gecko/20060508 Firefox/1.5.0.4",
"Accept: text/xml,application/xml,application/xhtml
+xml,text/html;q=0.9,text/plain;q=0.8,imag
e/png,*/*;q=0.5",
"Accept-Language: en-gb,en;q=0.5",
"Accept-Encoding: text", # No gzip, it only clutters your code!
"Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Cookie: GX=DQAAAGwAAABOuf-Go9DoiR7F6-gFELuk7NpDDtV
SCSLxSB1sjgOJgq_4CB2BRFzLFk84DnOSzAEXZy-vJ
K-AGjvhtu6IUaUnJ2WOpYyv2MaDleaDR0R7It9Am5m
FG6i5kHMBOVugeUtyrR2N0ideLWw55PFpEIOg; GMAIL_AT=8879d3f33773aeb1-10bb52e204b; GMAIL_LOGIN=1149795949203/1149795949203/11
49795965875/1149795967531/1149795968015/11
49795970062/1149795970906/false/false; TZ=-120; GMAIL_RTT=47; GMAIL_LOGIN=T1149795949203/1149795949203/1
149795965875; SID=DQAAAGsAAABZIFzNinP2L98jk-2AfOySfLyN71
ST4NUjclt-vBovwmQxL23F4cX8xhBsso_hIVOdDBMa
XhKMxQJtCvPTMUZaG7i_HTiXjdJH80-kurWP4yTn0U
eOXk856Kz4rbFISLoPqigw8NNgDmwvklbClUet; S=gmail=t2x3QxCmf34:gmail_yj=7YxC8N0srqY:g
mproxy=S-dkzk2Cgas:gmproxy_yj=7IXK8bAXG1U; PREF=ID=10f88613f4bbde6f:TM=1149795971:LM=
1149795971:GM=1:S=WuznVPgf8tKv7cTA\n",
"Date: ".date(DATE_RFC822)
);
// We set some options
curl_setopt($c, CURLOPT_HTTPAUTH, CURLAUTH_ANY); // use authentication
curl_setopt($c, CURLOPT_HTTPHEADER, $headers); // send the headers
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1); // We need to fetch something from a string, so no direct output!
curl_setopt($c, CURLOPT_FOLLOWLOCATION, 1); // we get redirected, so follow
curl_setopt($c, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 1);
curl_setopt($c, CURLOPT_UNRESTRICTED_AUTH, 1); // always stay authorised
curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 1);
 
// Show the result
$str = curl_exec($c); // Get it
preg_match('#<fullcount>(.*)</fullcount>#'
, $str, $array); // Use a regex to get what's between <fullcount>(.*)</fullcount>
echo 'New messages in [a href="http://gmail.com">Gmail inbox[/a>: '. $array[0]; // Output it
 
curl_close($c); // Close the curl stream
?>