Can't manage to login to university with php curl

Question

Here is the code that I have been using in order to write a script that logs into my university website in order to pull a file from behind the login.

What consistently happens is that it returns the login page (remembering my username in this form) but it does not authenticate. I have a feeling that the password isn't being transferred, but I don't know why. I've tried looking at the post requests that get sent through my browser when I do it manually, and everything looks fine. Fields should be username and password respectively...

<?php

$username = 'someuser';
$password = 'somepass';

$loginUrl = 'https://vault.andrews.edu/vault/goto/login';
$loginFields = array('username'=>$username, 'password'=>$password); //login form field names and values
$remotePageUrl = 'google.com'; // Will be changed to a remote page

$login = getUrl($loginUrl, 'post', $loginFields); //login to the site

$remotePage = getUrl($remotePageUrl); //get the remote page

function getUrl($url, $method='', $vars='') {
    $ch = curl_init();
    if ($method == 'post') {
        curl_setopt($ch, CURLOPT_POST, 1);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $vars);
    }
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);

    //curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_4) AppleWebKit/600.7.12 (KHTML, like Gecko) Version/8.0.7 Safari/600.7.12");
    curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookies/cookies.txt');
    curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookies/cookies.txt');
    $buffer = curl_exec($ch);
    print $buffer;
    curl_close($ch);
    return $buffer;
}
print $login;

?>

Can anybody figure out why it's not going through? I'm sorry that I cannot share real credentials for you all to use.

you trying to log in to the https, so you need to use sertificat in order to log in — volkinc, Aug 18 '15 at 17:23

score 1 · Answer 1 · edited May 23 '17 at 12:06

1

you have two ways

first is to add

curl_setopt($ch, CURLOPT_SSL_VERIFYHOST , false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER , false);

second is supply certificate like here SSL Certificate request with cURL

edited May 23 '17 at 12:06

Community

1
1

answered Aug 18 '15 at 17:30

volkinc

2,143
1
15
19

Adding verify host false, verify peer true made it work. No certificate needed. – Jonathan Wheeler Aug 18 '15 at 19:52

score 1 · Accepted Answer · answered Aug 18 '15 at 18:38

1

The login form you're trying to use does not submit to itself. Instead, it submits to https://vault.andrews.edu/vault/app/login/set. Additionally, there is a hidden field in the form which may be required, service with the value http://www.andrews.edu/.

Making those changes:

$loginUrl = 'https://vault.andrews.edu/vault/app/login/set';
$loginFields = array('username'=>$username, 'password'=>$password, 'service' => 'http://www.andrews.edu/');

should fix your script.

answered Aug 18 '15 at 18:38

Jeremiah Winsley

2,537
18
30

Awesome! I set verify host to false, and verify peer to true, as well as adding in the service and it all works now :D – Jonathan Wheeler Aug 18 '15 at 19:52

Can't manage to login to university with php curl

2 Answers2