dongqiang5541 2017-02-04 08:11
浏览 46
已采纳

使用asp.net url设置密码字段的发布数据

I'm trying to login to this asp.net page from my PHP code, (set username field value, set password field value, press button and then check where it is redirected.) I can set the username field, but for some reason I cannot set the password field (see line 226 in HTML file).

<?php
$url = "https://www.lectio.dk/lectio/518/login.aspx";
$ckfile = tempnam("/tmp", "CURLCOOKIE");
$useragent = 'Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/533.2 (KHTML, like Gecko) Chrome/5.0.342.3 Safari/533.2';

$username = "XXXXXXX";
$password = "XXXXXXX";


$f = fopen('log.txt', 'w'); // file to write request header for debug purpose

/**
    Get __VIEWSTATE & __EVENTVALIDATION
 */
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_COOKIEJAR, $ckfile);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);

$html = curl_exec($ch);

curl_close($ch);

preg_match('~<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="(.*?)" />~', $html, $viewstate);
preg_match('~<input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="(.*?)" />~', $html, $eventValidation);

$viewstate = $viewstate[1];
$eventValidation = $eventValidation[1];

/**
 Start Login process
 */
$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, false);
curl_setopt($ch, CURLOPT_COOKIEJAR, $ckfile);
curl_setopt($ch, CURLOPT_COOKIEFILE, $ckfile);
curl_setopt($ch, CURLOPT_HEADER, FALSE);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_REFERER, $url);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_STDERR, $f);
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);

// Collecting all POST fields
$postfields = array();
$postfields['__EVENTTARGET'] = "m_Content_submitbtn2";
$postfields['__EVENTARGUMENT'] = "";
$postfields['__VIEWSTATE'] = $viewstate;
$postfields['__EVENTVALIDATION'] = $eventValidation;
$postfields['m$Content$username2'] = $username;
$postfields['m$Content$password2'] = $password;

curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postfields);
$ret = curl_exec($ch); // Get result after login page.
$last_url = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
print $last_url;
?>
  • 写回答

1条回答 默认 最新

  • dragonlew9876 2017-02-04 08:31
    关注

    From what I can see the password seems to be sent through the POST field m$Content$passwordHidden. Try changing $postfields['m$Content$password2'] = $password; to $postfields['m$Content$passwordHidden'] = $password;

    Edit: I found something else you can change. When I send a login request I have __EVENTTARGET set to m$Content$submitbtn2 and __VIEWSTATEX instead of __VIEWSTATE so:

    preg_match('~<input type="hidden" name="__VIEWSTATEX" id="__VIEWSTATEX" value="(.*?)" />~', $html, $viewstate);
    ...
    $postfields['__EVENTTARGET'] = "m$Content$submitbtn2";
    ...
    $postfields['__VIEWSTATEX'] = $viewstate;
    
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 关于模型训练的一个问题
  • ¥15 装了几千台服务器从来没遇到这种问题,哎看下哪位帮我解决吧
  • ¥15 单片机程序上的困难问题
  • ¥15 请教某软件缓存Ts文件破解合并mp4的方法
  • ¥15 求小游戏炸弹人中关于敌人的C++代码
  • ¥15 拿到这个服务器最高权限有偿
  • ¥50 来个抓app跳转支付宝转链接的
  • ¥15 remotes安装提示没有description文件
  • ¥15 AttributeError: 'NoneType' object has no attribute 'drop_duplicates'报错
  • ¥15 以下代码,运行结果报错