I got a problem with managing remote logins.

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Mamsaac
Forum Newbie
Posts: 3
Joined: Sun Aug 31, 2008 11:49 pm

I got a problem with managing remote logins.

Post by Mamsaac »

Ok, the problem is, I believe, not too complex, but I've been working with this script and I got a few problems.

What I want to do is simply to run a script from localhost (my computer) and login into an external site. Then, as a logged user, access a certain page and take the output, then save it in a file.

Now, sending the post data is no problem (I'm not using cURL, but I already managed that problem with another function), so the login isn't big deal. After I login to a certain site, it happens that the site manages the sessions with cookies. So, I receive the output of the cookies:

Code: Select all

HTTP/1.1 302 Found
Date: Mon, 01 Sep 2008 04:44:04 GMT
Server: Apache
Accept-Ranges: bytes
X-Powered-By: PHP/4.4.8
Set-Cookie: MDAAuth=<ENCRYPTEDCOOKIE>; expires=Wed, 01 Oct 2008 04:44:04 GMT; path=/; domain=.<SITE>.com
Set-Cookie: surs_2=<ANOTHERENCRYPTEDVALUE>; path=/; domain=.<SITE>.com
Set-Cookie: purs_2=<ATHIRDANDLASTCOOKIE>; expires=Thu, 30 Aug 2018 04:44:04 GMT; path=/; domain=.<SITE>.com
 
So, my problem is right there. Since cookies work client-side and browsers don't accept cookies that are not created by the domain that will use them, I can't just simply say:

Ok, I decided it could be a good idea to put the code I have so far (it's pretty small as I've been working in other things...).

I took the 'file_post_contents' function from the php manual (a user posted it) and made very little changes.

Code: Select all

<?php
 
function file_post_contents($url, $headers = '') {
    $url = parse_url($url);
 
    if (!isset($url['port'])) {
        if ($url['scheme'] == 'http') {
            $url['port'] = 80;
        }
        else if ($url['scheme'] == 'https') {
            $url['port'] = 443;
        }
    }
    $url['query'] = isset($url['query']) 
                    ? $url['query'] 
                    : '';
 
    $url['protocol'] = $url['scheme'].'://';
    $headers =  "POST ".$url['protocol'].$url['host'].$url['path']." HTTP/1.0".PHP_EOL.
                "Host: ".$url['host'].PHP_EOL.
                "Referer: ".$url['protocol'].$url['host'].$url['path'].PHP_EOL.
                $headers.
                "Content-Type: application/x-www-form-urlencoded".PHP_EOL.
                "Content-Length: ".strlen($url['query']).PHP_EOL.
                PHP_EOL.$url['query'];
    $fp = fsockopen($url['host'], $url['port'], $errno, $errstr, 30);
    if($fp) {
        fputs($fp, $headers);
        $result = '';
        while(!feof($fp)) {
            $result .= fgets($fp, 128);
        }
        fclose($fp);
        return $result;
    }
}
 
$url = 'SITETOLOGIN.COM';
$login = 'LOGIN_NAME';
$pass = 'PASSWORD';
 
/**
 * I will eventually modify this "predatos" array to receive data over _GET 
 * The variables so far are to test with one site.
 */
 
$predatos = Array();
$predatos['EMAILADDR'] = $login;
$predatos['PASSWORD'] = $pass;
$predatos['path'] = 'apath'; //Just one variable I need to post.
$predatos['post'] = 'login'; //Another variable I need to post.
 
/**
 * From here on, I will be deleting many lines of code that would be commented...
 * They were mainly to test what the hell was going on.
 */
$datos = http_build_query($predatos);
$var = file_post_contents($url . '?' . $datos); //file_post_contents makes the login 
                                                //and receives a header response, 
                                                //which contains cookies.
$arrHeaders = split(PHP_EOL, $var); 
 
/**
 * This one is the part when I start to get it wrong.
 * At least from my little shy knowledge, one can use the "Cookie:" header to tell the server
 * So, I take the last "Set-cookie: stuff" response and change it (I already know how it outputs,
 * that's why I'm using exact values). I create a single line.
 * Example of how this line looks: 
Cookie: MDAAuth=<Very big encrypted value>, surs_2=<ANOTHER BIG VALUE>, purs_2=<ANOTHER BIG VALUE> 
 * I actually wonder if I should make several "Cookie: name=vale" lines, one per cookie. Also, I'm 
 * not sure if it should end in a ;
 */
$resultado = 'Cookie: ';
for($i = 5; $i < 8; $i++) {
    $resParcial = substr($arrHeaders[$i], 12);
    $resParcial = split(';', $resParcial);
    $resultado .= $resParcial[0];
    $resultado .= ($i < 7) ? ', ': PHP_EOL;
}
 
/**
 * After creating the Cookie: line, I just try again last function, but now passing headers as
 * parameters.
 */
echo file_post_contents('SITE_THAT_DISPLAYS_INFO_FOR_LOGGED_USERS', $resultado);
 
/**
 * I'm not sure if the site is blocking my actions (I actually have no evil intention in doing 
 * all these... in intentions in hacking, but rather in gathering information for publishing 
 * a weekly list. It takes time to take the info, so I want to make it automatic.
 * Anyway, I said that I'm not sure if the site is blocking my actions because I get a:
 * "Found: The document has moved <a href="link">here</a>"
 * I hope this was detailed enough. Thanks in advance.
 */
?>
After I created a session and retrieved the information, then saving it to a file is a piece of cake... But I'm not sure how to do it.

So, thanks in advance =) This is my first post, I hope I didn't break any rule (I did search the forums and all before posting... and read the sticky topics)
Last edited by Mamsaac on Mon Sep 01, 2008 2:40 am, edited 1 time in total.
Mamsaac
Forum Newbie
Posts: 3
Joined: Sun Aug 31, 2008 11:49 pm

Re: I got a problem with managing remote logins.

Post by Mamsaac »

I made a small edit since nobody was helping. I thought that maybe I wasn't being explicit enough in the situation, so now I posted a good part of the code with lots of descriptive comments =)

Just posting to point it out.
Mamsaac
Forum Newbie
Posts: 3
Joined: Sun Aug 31, 2008 11:49 pm

Re: I got a problem with managing remote logins.

Post by Mamsaac »

Bah, I fixed it. I should have read more in the Internet... so, it was a ; and not a ,.

You can close this or leave it here <_< as you wish.
Post Reply