I'm currently developing a Dashboard for users that grabs graph data from another site. To get this graph, it requires you to be logged in.
The form I'm attempting to replicate contains this code:
<form method="POST" action="https://redacted/auth/login" accept-charset="UTF-8" id="loginform" name="loginform"><input name="_token" type="hidden" value="xyxRW0w8ZjHyP7ZvrCFygqcNkPZ37P35wh8NifuC">
<table class="form spaceform">
<tr>
<td class='label'><label for="email">Email address:</label></td>
<td><input name="email" type="text" id="email"></td>
</tr>
<tr>
<td class='label'></td>
<td>
<input id="has_account_new" name="has_account" type="radio" value="new">
<label for="has_account_new">I am a new customer</label><br />
<input id="has_account_return" checked="checked" name="has_account" type="radio" value="return">
<label for="has_account_return">I am a returning customer</label>
</td>
</tr>
<tr>
<td class='label'><label for="password">Password:</label></td>
<td><input name="password" type="password" value="" id="password"></td>
</tr>
<tr>
<td></td>
<td><a href="https://redacted/auth/forgot">Forgot your password?</a></td>
</tr>
<tr>
<td colspan='2' align='center' class='noborder'><br />
<input type="submit" value="Login">
</td>
</tr>
</table>
<input name="_token" type="hidden" value="xyxRW0w8ZjHyP7ZvrCFygqcNkPZ37P35wh8NifuC">
<input type="hidden" name="page_transfer" value="0" />
</form>
and the PHP code I'm currently using to try and login and grab the graphs:
$username = 'demo@demo.com';
$password = 'demo';
$loginUrl = 'https://redacted/auth/login/';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $loginUrl);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, 'email='.$username.'&password='.$password.'&has_account=return&_token=PM2dY2hlbkPLvB97FyjL7cnPwryHXgfiex5050Iy&page_transfer=0');
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
$store = curl_exec($ch);
curl_setopt($ch, CURLOPT_URL, 'https://redacted/ucp/view-graph/157/0/1');
$content = curl_exec($ch);
curl_close($ch);
echo $content;
The current output is HTML redirecting me back to their login form which I'm guessing is because I'm missing something on the POST request. I'm also seeing tokens inside the login form which I'm unsure of, could this be something to-do with it?