Retrieving login cookie with php curl or c# -


i need programmatically log remote site, login cookie, go site has iframe checks cookie, display dashboard.

from gather, process appears be.

  1. go login page, retrieve login cookie (zend form)
  2. post username , password php form
  3. retrieve login cookie (phpsessid)
  4. store cookie in web browser file location or open c# view. preferably safari
  5. go hosted dashboard iframe, checks cookie.

i followed guide , able login first site , output html of page behind form.

login website, via c#

i tried modifying script use cookie container open request test server have iframe, , open in web browser. not appear work.

i believe php curl better way of achieving interacts directly web browser. guessing make storing cookie easier.

here c# script, able login. made quick bash command inserts sites url relative src , href references see if page load "test.html" file. not work

        system.net.cookiecollection cookies = new system.net.cookiecollection();         system.net.httpwebrequest request = (system.net.httpwebrequest)system.net.webrequest.create("http://surepathprofile.spower.com/entry");          request.cookiecontainer = new system.net.cookiecontainer();         request.cookiecontainer.add(cookies);         //get response server , save cookies first request..         system.net.httpwebresponse response = (system.net.httpwebresponse)request.getresponse();         cookies = response.cookies;          string geturl = "http://surepathprofile.spower.com/entry/login";         string postdata = string.format("username={0}&password={1}&submit={2}", "###username###", "####password####", "submit");         system.net.httpwebrequest getrequest = (system.net.httpwebrequest)system.net.webrequest.create(geturl);         getrequest.cookiecontainer = new system.net.cookiecontainer();         getrequest.cookiecontainer.add(cookies); //recover cookies first request         getrequest.method = system.net.webrequestmethods.http.post;         getrequest.useragent = "mozilla/5.0 (macintosh; intel mac os x 10_9_5) applewebkit/537.36 (khtml, gecko) chrome/40.0.2214.115 safari/537.36";         getrequest.allowwritestreambuffering = true;         getrequest.protocolversion = system.net.httpversion.version11;         getrequest.allowautoredirect = true;         getrequest.contenttype = "application/x-www-form-urlencoded";          byte[] bytearray = system.text.encoding.ascii.getbytes(postdata);         getrequest.contentlength = bytearray.length;             system.io.stream newstream = getrequest.getrequeststream(); //open connection         newstream.write(bytearray, 0, bytearray.length); // send data.         newstream.close();          system.net.httpwebresponse getresponse = (system.net.httpwebresponse)getrequest.getresponse();         cookies = response.cookies;          geturl = "http://104.131.149.136/"; //test server iframe         getrequest = (system.net.httpwebrequest)system.net.webrequest.create(geturl);         getrequest.cookiecontainer = new system.net.cookiecontainer();         getrequest.cookiecontainer.add(cookies); //recover cookies first request          getresponse = (system.net.httpwebresponse)getrequest.getresponse();          string sourcecode = "";         system.io.stream recievestream = getresponse.getresponsestream();         using (system.io.streamreader sr = new system.io.streamreader(recievestream))         {              sourcecode = sr.readtoend();                        }          system.console.write (sourcecode);          system.io.file.writealltext("test.html", sourcecode);           system.windows.forms.webbrowser webbrowser = new system.windows.forms.webbrowser();         webbrowser.documentstream = recievestream;

edit:

i made script using php curl, still doesn't work. appears creating phpsid 1 step closer. think since domain wrong (my server) instead of theirs not work.

session_start();         echo session_id();         $username = 'asd';     $password = 'asd';     $loginurl = 'http://surepathprofile.spower.com/entry/login';     $loginform = 'http://surepathprofile.spower.com/entry/';      //init curl     $ch = curl_init();        //curl_setopt($ch,curlopt_cookiejar, "cookie.txt");     //curl_setopt($ch,curlopt_cookiefile, "cookie.txt")       //$store = curl_exec($ch);      curl_setopt($ch, curlopt_url, $loginurl);      // enable http post     curl_setopt($ch, curlopt_post, 1);      //set post parameters     curl_setopt($ch, curlopt_postfields, 'user='.$username.'&pass='.$password.'&submit=submit');      //handle cookies login     curl_setopt($ch, curlopt_cookiejar, 'cookie.txt');        curl_setopt($ch,curlopt_useragent, "mozilla/5.0 (macintosh; intel mac os x 10_9_5) applewebkit/537.36 (khtml, gecko) chrome/40.0.2214.115 safari/537.36");     curl_setopt($ch,curlopt_ssl_verifypeer, false);     curl_setopt($ch,curlopt_cookiejar, "cookie.txt");     curl_setopt($ch,curlopt_cookiefile, "cookie.txt");        //setting curlopt_returntransfer variable 1 force curl     //not print out results of query.     //instead, return results string return value     //from curl_exec() instead of usual true/false.     curl_setopt($ch, curlopt_returntransfer, 1);      //execute request (the login)     $store = curl_exec($ch);      //the login done , can continue     //protected content.      //set url protected file     //curl_setopt($ch, curlopt_url, 'http://104.131.149.136/');      //execute request     //$content = curl_exec($ch);      print_r(curl_error($ch));     print_r(curl_getinfo($ch));     print_r(curl_errno($ch));

without username , password not test. here need.

to cookies, not need, , possibly never need:

curl_setopt($ch,curlopt_ssl_verifypeer, false);

if post fields done this, may need url encoded urlencode()

   curl_setopt($ch, curlopt_postfields, 'user='.$username.'&pass='.$password.'&submit=submit');

when post data in array, encode not needed because curl change content type encoded:

content-type: application/x-www-form-urlencoded

to

 content-type: multipart/form-data

you can try cookie jar, work:

 curl_setopt($ch,curlopt_cookiefile, "cookie.txt")

but have own routine handle cookies. not going explain when need use routine gets involved. not hurt use routine time, do.

this php code should want. (untested)
header on first line stuff echoed @ end of script
request headers ($request) make http request browser request, not needed. sites require login made browser.

it important below followlocation true

when site purposely tries fool curl programmers, have set:

curl_setopt($ch, curlopt_followlocation, false);

put code in loop, , follow request (after curl_exec()) with:

$status = intval(curl_getinfo($ch,curlinfo_http_code)); if ($status > 299 && $status < 400){   $location = curl_getinfo($ch,curlinfo_redirect_url ); }

then repeat code on again because there redirects. keep repeating code until there no more requests. (e.g. http code: 200

cookiesession used on first request clear curl cookies.

curl_setopt($ch, curlopt_cookiesession , true );

i broke curl_setopt 4 sections.
returntransfer, followlocation used
post, postfields, , httpheader depend on type of request
encoding not needed, here, because used accept-encoding: gzip, deflate in httpheader, thing have when don't want result gzipped.
connecttimeout, timeout , failonerror highly recommended not required.

untested php

(untested because did not have password)

<?php  header('content-type: text/plain; charset=utf-8');   $user = ""; $pass = "";  $post = array('username'=>$user,'password'=>$pass,'submit'=>'submit');   $request = array(); $request[] = 'host: surepathprofile.spower.com'; $request[] = 'connection: keep-alive'; $request[] = 'pragma: no-cache'; $request[] = 'cache-control: no-cache'; $request[] = 'accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8'; $request[] = 'user-agent: mozilla/5.0 (windows nt 5.1) applewebkit/537.36 (khtml, gecko) chrome/41.0.2272.101 safari/537.36'; $request[] = 'dnt: 1'; $request[] = 'origin: http://surepathprofile.spower.com'; $request[] = 'referer: http://surepathprofile.spower.com/entry/login'; $request[] = 'accept-encoding: gzip, deflate'; $request[] = 'accept-language: en-us,en;q=0.8';   $url = 'http://surepathprofile.spower.com/entry/login'; $ch = curl_init($url);  curl_setopt($ch, curlopt_returntransfer, true); curl_setopt($ch, curlopt_followlocation, true);  curl_setopt($ch, curlopt_post, true); curl_setopt($ch, curlopt_postfields, $post); curl_setopt($ch, curlopt_httpheader, $request); curl_setopt($ch, curlopt_encoding,"");  curl_setopt($ch, curlopt_connecttimeout, 100); curl_setopt($ch, curlopt_timeout,100); curl_setopt($ch, curlopt_failonerror,true); curl_setopt($ch, curlopt_encoding,"");  curl_setopt($ch, curlopt_verbose, true); curl_setopt($ch, curlopt_httpheader, $request); curl_setopt($ch, curlinfo_header_out, true); curl_setopt($ch, curlopt_header, true);   $data = curl_exec($ch); if (curl_errno($ch)){     $data .= 'retreive base page error: ' . curl_error($ch); } else {   $info = rawurldecode(var_export(curl_getinfo($ch),true));   // cookies:    $skip = intval(curl_getinfo($ch, curlinfo_header_size));    $requestheader= substr($data,0,$skip);   $e = 0;   while(true){     $s = strpos($requestheader,'set-cookie: ',$e);     if (!$s){break;}     $s += 12;     $e = strpos($head,';',$s);     $cookie = substr($requestheader,$s,$e-$s) ;     $s = strpos($cookie,'=');     $key = substr($cookie,0,$s);     $value = substr($cookie,$s);     $cookies[$key] = $value;   }  // create cookie subsequent requests:   $cookie = '';  $show = '';  $head = '';  $delim = '';  foreach ($cookies $k => $v){    $cookie .= "$delim$k$v";    $delim = '; ';  }  echo <<<eot use $cookies this:  curl_setopt($ch, curlopt_cookiesession , true ); curl_setopt($ch, curlopt_cookie, $cookie );   header:  $requestheader  cookie:  $cookie   info: $info  data  :  $data    eot;

-

Popular posts from this blog