dongzhao2725 2015-11-26 16:39
浏览 40
已采纳

使用curl登录WS1

I'm trying to login into ws1.com using curl, however whenever i put the POST to true I'm getting error: Bad Request, this is the code that i tried:

<?php
$LOGINURL = "https://secure2.ws1.com/login";
$agent = "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$LOGINURL);
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, "_csrf=QTRvNkJKaUoWBFYDBHkLDHFkP0MdMhAPOUZCASR9Xh4ZRDx7BC8LGA%3D%3D&LoginForm%5Bemail%5D=naczzalid%40hotmail.com&LoginForm%5Bpassword%5D=csc1233&LoginForm%5BrememberMe%5D=0&login-button=");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_COOKIEFILE, "cookies.txt");
curl_setopt($ch, CURLOPT_COOKIEJAR, "cookies.txt");
echo $result = curl_exec ($ch);
curl_close ($ch);
?>

Anyone please can explain to me what is the problem in this so i can learn how to do it?

  • 写回答

1条回答 默认 最新

  • douna2633 2015-11-27 20:06
    关注

    I tested some things with this form and if the csrf code is incorrect, then it gives a bad request.

    The csrf value changes for every request and is tied to your cookies. So you need to fetch the login page first and extract the correct csrf code before submitting.

    Working code:

    <?php
$LOGINURL = "https://secure2.ws1.com/login";
$agent = "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$LOGINURL);
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_COOKIEFILE, "cookies.txt");
curl_setopt($ch, CURLOPT_COOKIEJAR, "cookies.txt");
$result = curl_exec ($ch);

// extract csrf token
preg_match('/<input type="hidden" name="_csrf" value="([^"]+)">/i', $result, $csrf);
$csrf = $csrf[1];
$csrf = urlencode($csrf);

curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, "_csrf={$csrf}&LoginForm%5Bemail%5D=naczzalid%40hotmail.com&LoginForm%5Bpassword%5D=csc1233&LoginForm%5BrememberMe%5D=0&login-button=");

$result = curl_exec($ch);

curl_close ($ch);

var_dump($result);
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥100 任意维数的K均值聚类
  • ¥15 stamps做sbas-insar,时序沉降图怎么画
  • ¥15 unity第一人称射击小游戏,有demo,在原脚本的基础上进行修改以达到要求
  • ¥15 买了个传感器,根据商家发的代码和步骤使用但是代码报错了不会改,有没有人可以看看
  • ¥15 关于#Java#的问题,如何解决?
  • ¥15 加热介质是液体,换热器壳侧导热系数和总的导热系数怎么算
  • ¥100 嵌入式系统基于PIC16F882和热敏电阻的数字温度计
  • ¥15 cmd cl 0x000007b
  • ¥20 BAPI_PR_CHANGE how to add account assignment information for service line
  • ¥500 火焰左右视图、视差(基于双目相机)