0

I have not much experience with cUrl. I am creating a bot which login automatically to a site. I have used cUrl to do this. when i run my script it logs me in successfully ( I get the response "Ok" ) but when i redirects to some other page I get logged out. Here is my code:

<?php
$username="username";
$userpass="password";
$url="https://www.invertironline.com/User/DoLogin";
$cookie="cookie.txt";


$postdata = "username=".$username."&password=".$userpass."";

$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 10.0; Win64; 
    x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36");
curl_setopt ($ch, CURLOPT_TIMEOUT, 60);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_COOKIEJAR, realpath($cookie));
curl_setopt ($ch, CURLOPT_COOKIEFILE, realpath($cookie));
curl_setopt ($ch, CURLOPT_REFERER, $url);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt ($ch, CURLOPT_POST, 1);
$headers  = array();

$headers[] = 'application/xhtml+voice+xml;version=1.2, application/x- 
xhtml+voice+xml;version=1.2, text/html, application/xml;q=0.9, 
application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, 
*/*;q=0.1';
$headers[] = 'Connection: Keep-Alive';
$headers[] = 'Content-type: application/x-www-form-urlencoded;charset=UTF- 
8';
$headers[] = 'X-Requested-With: XMLHttpRequest';
$headers[] = 'Referer: https://www.invertironline.com/mercado/cotizaciones';
$headers[] = 'Origin: https://www.invertironline.com';
$headers[] = 'Host: www.invertironline.com';

curl_setopt ($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt ($ch, CURLOPT_HEADER, 1);
$result = curl_exec ($ch);
curl_close($ch);
echo $result;
header("Location: https://www.invertironline.com/mercado/cotizaciones");

here are some additional information: if I create a html form with the username and password with action and submit it, it logs me in and give back the following response : 

{"result":"OK","redirect":"/MiCuenta/EstadoCuenta"}

and in case of wrong credentials i get this response:

{"result":"Error"}

so when I use curl I am getting same response but when I try to redirect I am not logged in ( probably session is not saved) I have spend 3 days trying to find a solution for this but still can't solve it Any help will be highly appreciated

Shehzad
  • 337
  • 4
  • 25
  • 1
    Are you sure this should work? You are running authentication using cURL on your server and afterwards you redirect the browser to another URL without using any authentication – Nico Haase Jan 21 '19 at 08:44
  • I don't know sir I have searched a lot on google and find similar solutions – Shehzad Jan 21 '19 at 08:45
  • 1
    To add to @NicoHaase's comment; even if the web-server is on the same computer as the one you are using a browser on, the server's session is still a different one from the session in your browser. It's the same as logging in from Chrome and expecting to be logged in afterwards in Firefox. And that is on the same computer, most likely your web-server and the computer are not even the same machine. – jeroen Jan 21 '19 at 08:46
  • I had found many solutions for this problem for example : https://stackoverflow.com/questions/3008817/login-to-remote-site-with-php-curl I want to create a bot which log me in to this site automatically – Shehzad Jan 21 '19 at 08:49

1 Answers1

0

go see in the cookie.txt file . it should display in details what problem you have. if the session is availble but no response then please tell me so i ciould know how i could help you better,and if the file is clear,then there is a problem in your code in the phase of cookie store.so please check cookie.txt file and tell me what you find in it.

Lord Legolas
  • 16
  • 5
  • # Netscape HTTP Cookie File # https://curl.haxx.se/docs/http-cookies.html # This file was generated by libcurl! Edit at your own risk. #HttpOnly_www.invertironline.com FALSE / FALSE 0 __sid 2rihga350g50uwfia54slzme www.invertironline.com FALSE / FALSE 1579594271 i18n.langtag es-AR this is what in the cookie file – Shehzad Jan 21 '19 at 08:50
  • Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: * Access-Control-Allow-Methods: GET,POST Access-Control-Allow-Origin: http://www.invertironline.com Cache-Control: private,no-transform Connection: keep-alive Content-Length: 51 Content-Type: application/json; charset=utf-8 Date: Mon, 21 Jan 2019 08:51:30 GMT Server: Microsoft-IIS/8.5 Set-Cookie: __sid=me1cwbi04ot523howauj0lib; path=/; HttpOnly Set-Cookie: anon=; expires=Sun, 20-Jan-2019 08:51:30 GMT; path=/; HttpOnly X-AspNet-Version: 4.0.30319 X-AspNetMvc-Version: 5.2 this is what i got when i log in manually – Shehzad Jan 21 '19 at 08:53
  • # Netscape HTTP Cookie File # http://curl.haxx.se/rfc/cookie_spec.html # This file was generated by libcurl! Edit at your own risk. register.pandi.or.id FALSE / FALSE 0 JSESSIONID 05CA8241C5B76F70F364CA244E4D1DF4 – Lord Legolas Jan 21 '19 at 08:57
  • as you can see , the session in ur cookie file is not stored as session, $cookie = session_name() . '=' . time(); curl_setopt($ch, CURLOPT_COOKIESESSION, true); //try to store the session now – Lord Legolas Jan 21 '19 at 08:59
  • No sir, still the same issue – Shehzad Jan 21 '19 at 09:05
  • there is no problem other than the session since you said if u tried to log in with correct or wrong creidentiels you are getting a correct json response with correct or not so the only thing is that the session is not being stored in the cookie.file so keep in mind in ur code there is no session store proccess so that is the problem – Lord Legolas Jan 21 '19 at 09:13
  • Here is username and password : $username="zeeshan"; $userpass="zeeshan123"; can you please test it yourself ? I shall be very thankful to you – Shehzad Jan 21 '19 at 09:14