dongqiaogouk86049 2016-02-14 11:11

已采纳

使用cURL检索网站HTML页面，其中包含当前会话和安全页面上的cookie数据

Question fully revised on: Feb. 19th

The thing i want (in short):

I would like to get an HTML page using cURL that is secured with a user login(at time of cURL request the user is logged in with rights to the page).

More detailed:

The situation is that the user is on a webpage like index.php?w=2344&y=lalala&x=something which is secured(by security script class.Firewizz.Security.php). On that page there is a "print as pdf" button. This sends the user to the page getPDF.php this page sees where the request is coming from and gets that page using cURL and that output will be send to the browser as PDF print.

But for now i set the page variable static in the getPDF.php page so it does not check the referrer and i am 100% sure the page it try's to get is correct.

Also the output is just echoed as is and is not yet converted to PDF just so that won't interfere with the problem.

Expected output is now the same as it would be if the user goes to the page. except this is not the case, the user gets nothing.

What do we know? We know that the $_SESSION data is NOT being send to the cURL, i know this for a fact because i echoed the $_SESSION data on the output file which says they are empty.

After a lot of trying we still have no solution what so ever, still no '$_SESSION' data.

I do not want to compromise security script in any way, so the solution "remove ini_set('session.use_only_cookies', 1); is NOT what i am looking for."

On request(for the ones that are dedicated to help) i can send full script files but i will post relevant snippets below.

class.Firewizz.Security.php

<?php

/*
 * Firewizz UserLogin
 */

namespace Firewizz;



class Security
{

     // Start the session, with Cookie data
    public function Start_Secure_Session()
    {
        // Forces sessions to only use cookies.
        ini_set('session.use_only_cookies', 1);

        // Gets current cookies params
        $cookieParams = session_get_cookie_params();

        // Set Cookie Params
        session_set_cookie_params($cookieParams["lifetime"], $cookieParams["path"], $cookieParams["domain"], $this->isHTTPS, $this->deny_java_session_id);
        // Sets the session name
        session_name($this->session_name);

        // Start the php session
        session_start();

        // If new session or expired, generate new id
        if (!isset($_SESSION['new_session']))
        {
            $_SESSION['new_session'] = "true";

            // regenerate the session, delete the old one.
            session_regenerate_id(true);
        }
    }

    // Check of user is logged in to current session, return true or false;
    public function LOGGED_IN()
    {
        return $this->_login_check();
    }

    public function LOGOUT()
    {
    // Unset all session values
        $_SESSION = array();

        // get session parameters
        $params = session_get_cookie_params();

        // Delete the actual cookie.
        setcookie(session_name(), '', time() - 42000, $params["path"], $params["domain"], $params["secure"], $params["httponly"]);
        // Destroy session
        session_destroy();
        if (!headers_sent())
        {
            header("Location: " . $this->login_string, true);
        }
        else
        {
            echo '<script>window.location="/"</script>';
        }
    }

    // Must pass variables or send to login page!
    public function BORDER_PATROL($user_has_to_be_logged_in, $page_loaded_from_index)
    {
        $pass_border_partrol = true;

        if (!$this->LOGGED_IN() && $user_has_to_be_logged_in)
        {
            $pass_border_partrol = false;
        }
        if (filter_input(INPUT_SERVER, "PHP_SELF") != "/index.php" && $page_loaded_from_index)
        {
            $pass_border_partrol = false;
        }

        // Kick to login on fail
        if (!$pass_border_partrol)
        {
            $this->LOGOUT();
            exit();
        }

    }

    // Catch login, returns fail string or false if no errors
    public function CATCH_LOGIN()
    {
        if (filter_input(INPUT_POST, "id") == "login" && filter_input(INPUT_POST, "Verzenden") == "Verzenden")
        {
            // Variables from form.
            $email = filter_input(INPUT_POST, "email");
            $sha512Pass = filter_input(INPUT_POST, "p");

            // Database variables
            $db_accounts = mysqli_connect($this->mySQL_accounts_host, $this->mySQL_accounts_username, $this->mySQL_accounts_password, $this->mySQL_accounts_database);

            // Prepage sql
            if ($stmt = $db_accounts->prepare("SELECT account_id, verified, blocked ,login_email, login_password, login_salt, user_voornaam, user_tussenvoegsel, user_achternaam FROM accounts WHERE login_email = ? LIMIT 1"))
            {
                $stmt->bind_param('s', $email); // Bind "$email" to parameter.
                $stmt->execute(); // Execute the prepared query.
                $stmt->store_result();

                $stmt->bind_result($user_id, $verified, $blocked, $email, $db_password, $salt, $voornaam, $tussenvoegsel, $achternaam); // get variables from result.

                $stmt->fetch();
                $password = hash('sha512', $sha512Pass . $salt); // hash the password with the unique salt.
                $tussen = ' ';
                if ($tussenvoegsel != "")
                {
                    $tussen = " " . $tussenvoegsel . " ";
                }
                $username = $voornaam . $tussen . $achternaam;



                if ($stmt->num_rows == 1)
                { // If the user exists
                    // Check blocked
                    if ($blocked == "1")
                    {
                        return 'Deze acount is geblokkeerd, neem contact met ons op.';
                    }

                    // We check if the account is locked from too many login attempts
                    if ($this->_checkBrute($user_id, $db_accounts) == true)
                    {
                        // Account is locked
                        // Send an email to user saying their account is locked
                        return "Te vaak fout ingelogd,<br />uw account is voor " . $this->blockout_time . " minuten geblokkerd.";
                    }
                    else
                    {
                        if ($db_password == $password && $verified == 1)
                        {
                            // Password is correct!, update lastLogin
                            if ($stmt = $db_accounts->prepare("UPDATE accounts SET date_lastLogin=? WHERE account_id=?"))
                            {
                                $lastlogin = date("Y-m-d H:i:s");

                                $stmt->bind_param('ss', $lastlogin, $user_id); // Bind "$email" to parameter.
                                $stmt->execute();
                                $stmt->close();
                            }

                            $ip_address = $_SERVER['REMOTE_ADDR']; // Get the IP address of the user.
                            $user_browser = $_SERVER['HTTP_USER_AGENT']; // Get the user-agent string of the user.

                            $user_id = preg_replace("/[^0-9]+/", "", $user_id); // XSS protection as we might print this value
                            $_SESSION['user_id'] = $user_id;
                            $username = $username; // XSS protection as we might print this value
                            $_SESSION['username'] = $username;
                            $_SESSION['login_string'] = hash('sha512', $password . $ip_address . $user_browser);
                            // Login successful.

                            if ($this->MailOnLogin != FALSE)
                            {
                                mail($this->MailOnLogin, 'SECUREPLAY - LOGIN', $username . ' logged in to the secureplay platform..');
                            }
                            return false;
                        }
                        else
                        {
                            // Password is not correct
                            // We record this attempt in the database
                            $now = time();
                            $db_accounts->query("INSERT INTO login_attempts (userID, timestamp) VALUES (" . $user_id . ", " . $now . ")");

                            return "Onbekende gebruikersnaam en/of wachtwoord.";
                        }
                    }
                }
                else
                {
                    return "Onbekende gebruikersnaam en/of wachtwoord.";
                }
            }
            else
            {
                return 'SQL FAIL! ' . mysqli_error($db_accounts);
            }
            return "Onbekende fout!";
        }


        return false;
    }

    private function _checkBrute($user_id, $db_accounts)
    {
        // Get timestamp of current time
        $now = time();
        // All login attempts are counted from the past 2 hours.
        $valid_attempts = $now - ($this->blockout_time * 60);

        if ($stmt = $db_accounts->prepare("SELECT timestamp FROM login_attempts WHERE userID = ? AND timestamp > $valid_attempts"))
        {
            $stmt->bind_param('i', $user_id);
            // Execute the prepared query.
            $stmt->execute();
            $stmt->store_result();
            // If there has been more than 5 failed logins
            if ($stmt->num_rows > $this->max_login_fails)
            {
                return true;
            }
            else
            {
                return false;
            }
        }
        else
        {
            return true;
        }
    }

    // Login Check if user is logged in correctly
    private function _login_check()
    {
        // Database variables
        $db_accounts = mysqli_connect($this->mySQL_accounts_host, $this->mySQL_accounts_username, $this->mySQL_accounts_password, $this->mySQL_accounts_database);

        // Check if all session variables are set
        if (isset($_SESSION['user_id'], $_SESSION['username'], $_SESSION['login_string']))
        {
            $user_id = $_SESSION['user_id'];
            $login_string = $_SESSION['login_string'];
            $username = $_SESSION['username'];
            $ip_address = $_SERVER['REMOTE_ADDR']; // Get the IP address of the user.
            $user_browser = $_SERVER['HTTP_USER_AGENT']; // Get the user-agent string of the user.

            if ($stmt = $db_accounts->prepare("SELECT login_password FROM accounts WHERE account_id = ? LIMIT 1"))
            {
                $stmt->bind_param('i', $user_id); // Bind "$user_id" to parameter.
                $stmt->execute(); // Execute the prepared query.
                $stmt->store_result();

                if ($stmt->num_rows == 1)
                { // If the user exists
                    $stmt->bind_result($password); // get variables from result.
                    $stmt->fetch();
                    $login_check = hash('sha512', $password . $ip_address . $user_browser);
                    if ($login_check == $login_string)
                    {
                        // Logged In!!!!
                        return $user_id;
                    }
                    else
                    {
                        // Not logged in
                        return false;
                    }
                }
                else
                {
                    // Not logged in
                    return false;
                }
            }
            else
            {
                // Not logged in
                //die("f3");
                return false;
            }
        }
        else
        {
            // Not logged in
            return false;
        }
    }

}

secured_page

<?php
require_once 'assets/class.Firewizz.Security.php';

if (!isset($SECURITY))
{
    $SECURITY = new Firewizz\Security();
}

// Check if user is logged in or redirect to login page;
$SECURITY->BORDER_PATROL(true, true);


// CONTENT bla bla

?>

getPDF.php

<?php
// Requires
require_once 'assets/class.FirePDF.php';
require_once 'assets/class.Firewizz.Security.php';
$SECURITY = new \Firewizz\Security();
$SECURITY->Start_Secure_Session();

// Html file to scrape, if this works replace with referer so the page that does the request gets printed.(prepend by security so it can only be done from securePlay
$html_file = 'http://www.website.nl/?p=overzichten&sort=someSort&s=67';

// Output pdf filename
$pdf_fileName = 'Test_Pdf.pdf';

/*
 * cURL part
 */

// create curl resource
$ch = curl_init();

// set source url
curl_setopt($ch, CURLOPT_URL, $html_file);

// set cookies
$cookiesIn = "user_id=" . $_SESSION['user_id'] . "; username=" . $_SESSION['username'] . "; login_string=" . $_SESSION['login_string'] . ";";

// set cURL Options
$tmp = tempnam("/tmp", "CURLCOOKIE");
if ($tmp === FALSE)
{
    die('Could not generate a temporary cookie jar.');
}

$options = array(
    CURLOPT_RETURNTRANSFER => true, // return web page
    //CURLOPT_HEADER => true, //return headers in addition to content
    CURLOPT_ENCODING => "", // handle all encodings
    CURLOPT_AUTOREFERER => true, // set referer on redirect
    CURLOPT_CONNECTTIMEOUT => 120, // timeout on connect
    CURLOPT_TIMEOUT => 120, // timeout on response
    CURLOPT_MAXREDIRS => 10, // stop after 10 redirects
    CURLINFO_HEADER_OUT => true,
    CURLOPT_SSL_VERIFYPEER => false, // Disabled SSL Cert checks
    CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
    CURLOPT_COOKIEJAR => $tmp,
    //CURLOPT_COOKIEFILE => $tmp,
    CURLOPT_COOKIE => $cookiesIn
);

// $output contains the output string
curl_setopt_array($ch, $options);
$output = curl_exec($ch);

// close curl resource to free up system resources
curl_close($ch);

// output the cURL
echo $output;
?>

How we test

Current testing is done by logging the user in and going to the correct page we want to get with cURL and verifying he sees the page(which works). Now we run the getPDF.php page in a new tab. in which we see a blank page due to the security failure. if we add echo "session data:" . $_SESSION["login_string"]; in the security script we see the variables in the $_SESSION is blank. When we paste the same line in the getPDF.php we see it is being set there. So we know for a fact is has not been transferred by cURL.

Some short information.

So with above code we get a blank page;
$_SESSION data not send;
Pretty sure cookies not send either;
Tried various cURL setups, none with success all the same;
Would be perfect if ALL $_SESSION AND $_COOKIE data is passed;
Tried everything said in comments or answers.

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

3条回答默认最新

doukui2011 2016-02-20 10:01

关注

Ok it is solved

After a lot of research.

Cookie data is passed but that does not make it session data.. This was fixed using the following method:

private function Cookie2Session($name)
{
    if (filter_input(INPUT_COOKIE, $name))
    {
        $_SESSION[$name] = filter_input(INPUT_COOKIE, $name);
    }
}

// following lines put within the BORDER_PATROL Method
if (filter_input(INPUT_COOKIE, 'pdfCurl'))
{
    $this->Cookie2Session('user_id');
    $this->Cookie2Session('username');
    $this->Cookie2Session('login_string');
    $this->Cookie2Session('REMOTE_ADDR');
    $this->Cookie2Session('HTTP_USER_AGENT');
    $_SESSION['new_session'] = "true";
}

Small alteration to the method _login_check()

// Login Check if user is logged in correctly
private function _login_check()
{
    // Database variables
    $db_accounts = mysqli_connect($this->mySQL_accounts_host, $this->mySQL_accounts_username, $this->mySQL_accounts_password, $this->mySQL_accounts_database);

    // Check if all session variables are set
    if (isset($_SESSION['user_id'], $_SESSION['username'], $_SESSION['login_string']))
    {
        $user_id = $_SESSION['user_id'];
        $login_string = $_SESSION['login_string'];
        $username = $_SESSION['username'];
        $ip_address = $_SERVER['REMOTE_ADDR']; // Get the IP address of the user.
        $user_browser = $_SERVER['HTTP_USER_AGENT']; // Get the user-agent string of the user.

// =====>> add this code, because cURL req comes from server. <<=====
        if (isset($_SESSION["REMOTE_ADDR"]) && ($_SERVER['REMOTE_ADDR'] == $_SERVER['SERVER_ADDR']))
        {
            $ip_address = $_SESSION["REMOTE_ADDR"];
        }

// {rest of code}

Small updates to the getPHP.php file:

<?php
// Requires
require_once 'assets/class.FirePDF.php';
require_once 'assets/class.Firewizz.Security.php';
$SECURITY = new \Firewizz\Security();
$SECURITY->Start_Secure_Session();

// Html file to scrape, if this works replace with referer so the page that does the request gets printed.(prepend by security so it can only be done from securePlay
$html_file = 'http://www.secureplay.nl/?p=overzichten&sort=SpeelplaatsInspecties&s=67';

// Output pdf filename
$pdf_fileName = 'Test_Pdf.pdf';

/*
 * cURL part
 */

// create curl resource
$ch = curl_init();

// set source url
curl_setopt($ch, CURLOPT_URL, $html_file);

// set cookies
$cookiesIn = "user_id=" . $_SESSION['user_id'] . "; username=" . $_SESSION['username'] . "; login_string=" . $_SESSION['login_string'] . "; pdfCurl=true; REMOTE_ADDR=" . $_SERVER['REMOTE_ADDR'] . "; HTTP_USER_AGENT=" . $_SERVER['HTTP_USER_AGENT'];
$agent = $_SERVER['HTTP_USER_AGENT'];

// set cURL Options
$tmp = tempnam("/tmp", "CURLCOOKIE");
if ($tmp === FALSE)
{
    die('Could not generate a temporary cookie jar.');
}

$options = array(
    CURLOPT_RETURNTRANSFER => true, // return web page
    //CURLOPT_HEADER => true, //return headers in addition to content
    CURLOPT_ENCODING => "", // handle all encodings
    CURLOPT_AUTOREFERER => true, // set referer on redirect
    CURLOPT_CONNECTTIMEOUT => 120, // timeout on connect
    CURLOPT_TIMEOUT => 120, // timeout on response
    CURLOPT_MAXREDIRS => 10, // stop after 10 redirects
    CURLINFO_HEADER_OUT => true,
    CURLOPT_SSL_VERIFYPEER => false, // Disabled SSL Cert checks
    CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
    CURLOPT_COOKIEJAR => $tmp,
    //CURLOPT_COOKIEFILE => $tmp,
    CURLOPT_COOKIE => $cookiesIn,
    CURLOPT_USERAGENT => $agent
);

// $output contains the output string
curl_setopt_array($ch, $options);
$output = curl_exec($ch);

// close curl resource to free up system resources
curl_close($ch);

// output the cURL
echo $output;
?>

With the above knowledge you can totally use cURL to visit a secure page with current session data with only minor consessions in your security.

本回答被题主选为最佳回答 , 对您是否有帮助呢?

查看更多回答(2条)

报告相同问题？

关注问题

使用cURL检索网站HTML页面，其中包含当前会话和安全页面上的cookie数据 php
2016-02-14 11:11

回答 3 已采纳 Ok it is solved After a lot of research. Cookie data is passed but that does not make it session
php使用curl爬取页面,json数据获取不完整 json php 有问必答
2021-08-02 16:03

回答 2 已采纳你访问的是同一个url?你爬取的是列表内容。并没有去请求详细内容
在PHP页面上使用带有CURL的OAUTH API php
2018-10-11 11:57

回答 2 已采纳 Check out below sample code of cURL call in php. You need to change your domain name instead of ex
PHP使用curl进行模拟请求时的参数解析
2020-12-22 22:41

BladeZeng的博客 curl_setopt (int ch, string option, mixed value) curl_setopt()函数将为一个CURL会话设置选项。option参数是你想要的设置，value是这个选项给定的值。 CURLOPT_AUTOREFERER 当根据Location:重定向时，自动设置...
php curl带上网站所有的cookie进行访问，为什么显示未登录呢？ php
2018-05-16 06:30

回答 2 已采纳 curl获取的是源代码，就是你邮件查看源代码，得到什么就是什么，js动态解析的内容是获取不到的，要获取js动态解析添加的内容，需要用webbrowser之类的window组件或者用谷歌chrome v
（PHP）使用Curl获取空白页面（Mytischtennis） php
2017-12-06 16:11

回答 1 已采纳 You need to set two more options in your curl request: // Add some more headers here if you need
Php CURL用于cookie和会话 php
2014-04-24 07:55

回答 2 已采纳 define('POSTURL', 'http://hostfast.info/includes/process.php?action=update'); define('POSTVARS',
php curl 发起get和post网络请求、发送文件等
2020-04-20 13:13

xiao助阵的博客 curl介绍https://www.cnblogs.com/niuben/p/11558420.html curl是一个开源的网络链接库，支持http, https, ftp, gopher, telnet, dict, file, and ldap 协议。之前均益介绍了python版本的pycurlhttp://junyiseo....
cURL将html页面结果清空 html php
2019-01-31 12:01

回答 2 已采纳 You can use this code to get page content " function GetHtmlContents( $url ) { $user_a
PHP Curl无法加载页面 php
2019-03-21 09:37

回答 1 已采纳 the url https://www.yellowpages.com.au does not serve a page, it just redirects you (via a HTTP Lo
Hubstaff - 使用php cURL检索数据 php
2015-09-14 04:30

回答 1 已采纳 @Michal I have solved my own problem and created this simple class to help anyone else in connecti
PHP中使用CURL实现GET和POST请求数据
2017-09-14 10:08

weixin_33805557的博客 PHP中使用CURL实现GET和POST请求一、什么是CURL？ cURL 是一个利用URL语法规定来传输文件和数据的工具，支持很多协议，如HTTP、FTP、TELNET等。最爽的是，PHP也支持 cURL 库。使用PHP的cURL库可以简单和有效...
PHP使用Curl登录HTTPS页面 https php ssl
2016-01-14 16:47

回答 2 已采纳 First, I don't think you can do the 'array' thing like that as that will make PHP/CURL create mult
PHP中使用CURL实现GET和POST请求
2015-06-11 18:07

xuan_lin的博客使用PHP的cURL库可以简单和有效地去抓网页。你只需要运行一个脚本，然后分析一下你所抓取的网页，然后就可以以程序的方式得到你想要的数据了。无论是你想从从一个链接上取部分数据，或是取一个XML文件并把其导入...
php基础(03):curl 网络请求
2021-08-04 15:27

小鱼不会游泳的博客 1.curl概述： PHP支持的由Daniel Stenberg创建的libcurl库允许你与各种的服务器使用各种类型的协议进行连接和通讯。 libcurl目前支持http、https、ftp、gopher、telnet、dict、file和ldap协议。libcurl同时也支持...
PHP curl 发起get和post网络请求
2020-02-03 08:34

西红柿炒番茄31的博客 curl介绍 curl是一个开源的网络链接库，支持http, https, ...之前均益介绍了python版本的pycurl http://junyiseo.com/python/607.html ，现在介绍怎么使用php版本的URL. curl get请求 function curl_get($url){ ...
curl 和 wget 的使用和区别
2022-09-16 11:07

讓丄帝愛伱的博客 CURL是一个开源项目，主要的产品有curl和libcurl：curl是一个跨平台的URL命令行工具，libcurl是一个C语言的网络协议扩展库。两者都是基于多种互联网通用协议对指定URL的资源进行数据传输。GUN Wget也是一个免费的...
没有解决我的问题, 去提问

悬赏问题

¥15 import arcpy出现importing _arcgisscripting 找不到相关程序
¥15 onvif+openssl，vs2022编译openssl64
¥15 iOS 自定义输入法-第三方输入法
¥15 很想要一个很好的答案或提示
¥15 扫描项目中发现AndroidOS.Agent、Android/SmsThief.LI!tr
¥15 怀疑手机被监控，请问怎么解决和防止
¥15 Qt下使用tcp获取数据的详细操作
¥15 idea右下角设置编码是灰色的
¥15 全志H618ROM新增分区
¥15 在grasshopper里DrawViewportWires更改预览后，禁用电池仍然显示

码龄粉丝数原力等级 --

使用cURL检索网站HTML页面，其中包含当前会话和安全页面上的cookie数据

The thing i want (in short):

More detailed:

How we test

Some short information.

3条回答默认最新

码龄粉丝数原力等级 --

悬赏问题

使用cURL检索网站HTML页面，其中包含当前会话和安全页面上的cookie数据

The thing i want (in short):

More detailed:

How we test

Some short information.

3条回答 默认 最新

悬赏问题

3条回答默认最新