|
|
curl, asp.net and login forms: msg#00038
|
Subject: |
curl, asp.net and login forms |
Hello,
I have a litle php script that used to work but stopped suddenly. I suspect the asp servering host changed some settings.
I searched thru the form and it doesnt have any viewstate in the form nor headers. I use libcurl/7.12.0 OpenSSL/0.9.7a ipv6 zlib/1.2.1.2 libidn/0.5.6 on a linux box.
I used the following code to log in to a asp.NET form. The code used to work until recently when it replies me back the same login form no matter what settings I use.
I define an array postData like this:
$postData[ 'ProcForm' ] = "Process";
$postData[ 'userid' ] = "0";
$postData[ 'Join' ] = 2;
$postData[ 'CheckCookie' ] = "1";
$postData[ 'pmode' ] = "0";
$postData[ 'from' ] = "";
$postData[ 'OrgUserEmail' ] = "";
$postData[ 'misspelledmail' ] = "";
$postData[ 'hidErrorCode' ] = "";
$postData[ 'hidbEmail' ] = "";
$postData[ 'username' ] = $luzer;
$postData[ 'password' ] = $pass;
//$postData[ 'login' ] = "Sign In >";
then I use the following code to login:
$ch = curl_init();
curl_setopt($ch, CURLOPT_POST, 13);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cok);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cok);
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_USERAGENT, $ua);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_HEADER, 1);
//curl_setopt($ch, CURLOPT_HTTPHEADER, $myHeader);
curl_setopt($ch, CURLOPT_REFERER, $ref);
$buf2 = curl_exec ($ch);
curl_close ($ch); unset($ch);
echo $buf2;
I also tried to force curl to use HTTP 1.0 but it doesnt work (i look thru the headers)
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0);
The form does not use HTTPS. I tried also without the CURLOPT_SLL options but the result is the same.
The remote form issues 2 302 redirects which curl parses well but since I am not logged in I can't access the redirect target and I redirected back to the login form.
I insepcted the asp form very well, it uses _javascript_ but doesn't do any _javascript_ redirection or cookie setting/inspection.
The headers sent back by the asp server after my login attempt:
HTTP/1.1 200 OK
Connection: keep-alive
Date: Fri, 09 Jun 2006 01:32:38 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml",CP="ALL DSP COR CURa ADMa DEVa TAIa OUR BUS UNI COM NAV INT STA"
cache-control: private
pragma: no-cache
cache-control: private
pragma: no-cache
Content-Length: 8686
Content-Type: text/html
Expires: Wed, 01 Mar 2006 02:32:38 GMT
Set-Cookie: CKSPTED=1;
path=/
Cache-control: private
The cookie file is writeable and the cookies show up in it everytime I run the script.
I used livehttpheaders to see whats going on when I sign in thru firefox and I obersed that it redirects to another file then tried to access that with curl after the first login curl_exec but it redirects me to the login form (curl doesnt login).
Another thing that concerns me from what I saw in the headers while comunicating thru firefox:
Content-Type: application/x-www-form-urlencoded
Content-Length: 174
ProcForm=Process&userid=0&Join=2&CheckCookie=1 [...snip...] login=Sign+In+%3E
Does curl encodes the headers to look same way as firefox encodes them ? Could this be the problem?
Any suggestion are greatly appreciated,
Thank you,
--
danyvip
_______________________________________________
http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-and-php
|
Try Searching:
servers, voip, java, networking, microsoft ...
|
|
|
| |
