1

I am trying to use cURL to automatic login into this site: GSC. The site is build using ASP.NET. I first perform a GET request to get session id, which works just fine. I then need to person a POST request to the same site with session id, username, password and some login position. The login position changes based on the window size of the browser, so I just choose some random ones. I've left of the username and password below, but I've checked them several times and the are correct. In Chrome I can see that there is also a query string parameter, but I'm not sure If I should include this anywhere? I've included two pictures the request + response I made manually in a Chrome Browser and the php script I'm using for the automatic login. Can anybody see, if I made any errors?

Request + response: First part of the request+response from Chrome console

Second part of the request+response from Chrome console

PHP script:

function get_headers_from_curl_response($headerContent)
{

    $headers = array();

    // Split the string on every "double" new line.
    $arrRequests = explode("\r\n\r\n", $headerContent);

    // Loop of response headers. The "count() -1" is to 
    //avoid an empty row for the extra line break before the body of the response.
    for ($index = 0; $index < count($arrRequests) -1; $index++) {

        foreach (explode("\r\n", $arrRequests[$index]) as $i => $line)
        {
            if ($i === 0)
                $headers[$index]['http_code'] = $line;
            else
            {
                list ($key, $value) = explode(': ', $line);
                $headers[$index][$key] = $value;
            }
        }
    }

    return $headers;
}
function regexExtract($text, $regex, $regs, $nthValue)
{
    if (preg_match($regex, $text, $regs)) {
        $result = $regs[$nthValue];
    }
    else {
         $result = "";
    }
return $result;
}
$regexViewstate = '/__VIEWSTATE\" value=\"(.*)\"/i';
$regexEventVal  = '/__EVENTVALIDATION\" value=\"(.*)\"/i';

$ch = curl_init("http://gsc.klub-modul.dk/cms/ShowContentPage.aspx?ContentPageID=1");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookies.txt');

$response = curl_exec($ch);
curl_close($ch);

$viewstate = regexExtract($response,$regexViewstate,$regs,1);
$eventval = regexExtract($response, $regexEventVal,$regs,1);

$params = array(
    '__EVENTTARGET' => '',
    '__EVENTARGUMENT' => '',
    '__VIEWSTATE' => $viewstate,
    '__EVENTVALIDATION' => $eventval, 
    'ctl00%24txtUsername' => 'xxx',
    'ctl00%24txtPassword' => 'xxx',
    'ctl00$ImgLogin.x' => '0',
    'ctl00$ImgLogin.y' => '0',
);

$ch2 = curl_init("http://gsc.klub-modul.dk/cms/ShowContentPage.aspx?ContentPageID=1");
curl_setopt($ch2, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch2, CURLOPT_HEADER, 1);
curl_setopt ($ch2, CURLOPT_POST, true);
curl_setopt($ch2, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch2, CURLOPT_POSTFIELDS, http_build_query($params));
curl_setopt ($ch2, CURLOPT_COOKIE,'cookies.txt');
curl_setopt($ch2,CURLOPT_COOKIEJAR,'cookies2.txt');

$response2 = curl_exec($ch2);
curl_close($ch2);

foreach(get_headers_from_curl_response($response2) as $value)
{
    foreach($value as $key => $value2)
    {
        echo $key . ": " .$value2 . "<br />";
    }
}
Niels Sønderbæk
  • 3,487
  • 4
  • 30
  • 43

1 Answers1

2

Your code looks clean to me, unless you didn't make any mistake elsewhere. Just one thing you need to fix:

'ctl00$txtUsername' => 'xxx',
'ctl00$txtPassword' => 'xxx',

You are using %24 inside the keys, which further urlencoded by the function http_build_query()

Sabuj Hassan
  • 38,281
  • 14
  • 75
  • 85