2017-02-03 131 views
2

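I'm using curl to log in to bukalapak.com, but I always get redirected with "You are being redirected". I solved that by setting curl's follow location to true, but why am I not logged in after the redirect? Help me, and thanks in advance.

bukalapak.com login using PHP curl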

<?php

function curl($url, $post){
    $curl = curl_init();
    curl_setopt_array($curl, array(
        CURLOPT_URL => $url, //put your url here
        // TLS certificate and host name verification are switched off here
        CURLOPT_SSL_VERIFYPEER => false,
        CURLOPT_SSL_VERIFYHOST => false,
        CURLOPT_RETURNTRANSFER => true,
        //CURLOPT_ENCODING => "",
        CURLOPT_POSTREDIR => 3, // keep the POST method on 301 and 302 redirects
        CURLOPT_HEADER => true, // include response headers in the returned string
        //CURLOPT_MAXREDIRS => 10,
        //CURLOPT_TIMEOUT => 30,
        //CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
        CURLOPT_CUSTOMREQUEST => "GET", // request line says GET although a POST body is set below
        CURLOPT_POST => true,
        CURLOPT_FOLLOWLOCATION => false,
        CURLOPT_COOKIEFILE => "cookie.txt",
        CURLOPT_COOKIEJAR => "cookie.txt",
        CURLOPT_POSTFIELDS => $post,
        CURLOPT_HTTPHEADER => array(
            "cache-control: no-cache",
            "Content-type: text/html; charset=UTF-8"
        ),
    ));

    $response = curl_exec($curl);
    $info = curl_getinfo($curl);
    $err = curl_error($curl);
    curl_close($curl);
    return $response;
}

$p = array(
    "user_session[username]"=>"[email protected]",
    "user_session[password]"=>"Blablabla",
    "commit"=>"Login",
    "comeback"=>"%2F"
);

$login = curl("https://www.bukalapak.com/user_sessions", http_build_query($p));

echo $login;
?>

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 03 Feb 2017 06:28:03 GMT
Content-Type: text/html; charset=utf-8
Location: https://www.bukalapak.com/
Transfer-Encoding: chunked
Connection: keep-alive
Status: 302 Found
Cache-Control: max-age=0, private, must-revalidate, no-transform
X-We-Need-To-Talk: Hey, you need to check out https://www.bukalapak.com/careers :)
Vary: Origin
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
X-Request-Id: 90f9ca9a-4ade-4c3d-a0ea-592effd5c2ee
X-Download-Options: noopen
X-Found-Something: Found any vulnerabilities in our system? https://www.bukalapak.com/bug_reports
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Set-Cookie: _mkra_ctxt=8891a37006424c9c608a41bf3f6558de--302; path=/; max-age=5; HttpOnly
Set-Cookie: lskjfewjrh34ghj23brjh234=RjhGMUlkUEpHb0NOaTNLeUFoT2x2RmxZeWxDTWRySEV6aUc4a0tBOWhqbGdZVS9kWUlOZHFOSXNVZWt2UmJCTkFBRXZLVW8wd21rUktrYXZQR05lUU01aHRuemdzVi91WnFqcUFid2s0MVhUbGhmQXk0cGIrVU5iaXR3UW1HQ21LeHJHRHhMRGZucGo3UUluZ2FLbjJMSWZiZVExODgyRmtUQXJaMTZjYVQxMXZSOWg5U3FGeHZZTGdxVllNTFp4MGtDcnJiaEEwL0NkTVNNT2lTWE8yQXNtNEIzWTVKc0h4NVdVeEVKYnZMSVFMQ29KcysyUGdnK2VZaWNLaVozL3NXYzVIcXlHWkY4SDZESjF4RXp6ak5wVXVOeXRXdjZ0YkZ1UWhPQVJNcjA9LS1od2k3aTgzM3pBSEx5TDVqcE9ZWUZ3PT0%3D--0f995ca0f739bbb3f94b4e92b6628da326a2cb5c; domain=.bukalapak.com; path=/; HttpOnly
Strict-Transport-Security: max-age=31536000; includeSubdomains

You are being redirected.

Answer

0

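First off, to log in, you need a valid combination of cookie session ID and "authenticity_token". Each cookie session has its own unique authenticity_token, and if you don't post the correct one, you won't be logged in.

Your code makes no attempt to get the authenticity_token.

You're also missing a bunch of login parameters, which may cause the login to not go through. To name a few: utf8, comeback, ab_keep_login, commit (and there are more).

Also, your code uses multipart/form-data encoding, but the site uses application/x-www-form-urlencoded encoding, so fix that (use http_build_query to generate a valid x-www-form-urlencoded string).

First make a GET request to the login page, make sure cookies are enabled, and parse out all the <input> tags belonging to the login request (but warning: there are several forms containing <input> HTML tags, and you only need the inputs belonging to the login form, aka ID new_user_session), with their names and values (use DOMDocument for this). Then modify the username/password variables, and send the login POST request with all these tags, making sure to use application/x-www-form-urlencoded encoding (which is what http_build_query gives you), just like a real browser does.

Using hhb_curl from https://github.com/divinity76/hhb_.inc.php/blob/master/hhb_.inc.php, here is an example (it should work, provided a real username/password):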

<?php
declare(strict_types = 1);
require_once ('hhb_.inc.php');
$hc = new hhb_curl();
$hc->_setComfortableOptions();
// GET first, so the cookie session and its authenticity_token are issued together
$hc->exec ('https://www.bukalapak.com/user_sessions');
$html = $hc->getResponseBody();
// loadHTML() is an instance method; @ suppresses warnings about imperfect HTML
$domd = new DOMDocument();
@$domd->loadHTML ($html);
$inputs = array();
// collect only the inputs that belong to the login form
foreach ($domd->getElementById ("new_user_session")->getElementsByTagName ("input") as $input) {
    $inputs [$input->getAttribute ("name")] = $input->getAttribute ("value");
}
var_dump ($inputs);
assert (array_key_exists ('authenticity_token', $inputs));
$inputs ['user_session[username]'] = '[email protected]';
$inputs ['user_session[password]'] = 'Blablabla';
// POST every field back, application/x-www-form-urlencoded via http_build_query
$hc->setopt_array (array (
    CURLOPT_POST => true,
    CURLOPT_POSTFIELDS => http_build_query ($inputs),
    CURLOPT_URL => 'https://www.bukalapak.com/user_sessions',
    CURLOPT_HTTPHEADER => array (
        'Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8'
    )
));
$hc->exec();
$html = $hc->getResponseBody();
hhb_var_dump ($hc->getStdErr(), $hc->getResponseBody());
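
An added example, not part of the original answer and not bukalapak.com's code: a small offline model of the session-bound authenticity_token check the answer describes, showing that a POST is accepted only when the token was taken from the login form served to the same cookie session. The class ToyLoginServer, the function formInputs, the "search" form and the credentials are hypothetical, constructed for illustration.

```php
<?php
// Constructed model (hypothetical names, not the site's code): CSRF token bound to a session.
final class ToyLoginServer
{
    private array $tokens = []; // session id => token issued to that session
    // GET: returns [session id, HTML page containing two forms].
    public function loginPage(): array
    {
        $sid = bin2hex(random_bytes(8));
        $this->tokens[$sid] = bin2hex(random_bytes(16));
        $html = '<form id="search"><input name="keywords" value=""></form><form id="new_user_session">'
            . '<input type="hidden" name="utf8" value="&#x2713;">'
            . '<input type="hidden" name="authenticity_token" value="' . $this->tokens[$sid] . '">'
            . '<input name="user_session[username]"><input name="user_session[password]">'
            . '</form>';
        return [$sid, $html];
    }
    // POST: accepted only if the token is the one issued to this session.
    public function submit(string $sid, string $body): bool
    {
        parse_str($body, $fields);
        $sent = $fields['authenticity_token'] ?? '';
        return isset($this->tokens[$sid]) && is_string($sent)
            && hash_equals($this->tokens[$sid], $sent);
    }
}

// Client: name => value of the inputs inside one form, ignoring other forms.
function formInputs(string $html, string $formId): array
{
    $dom = new DOMDocument();
    @$dom->loadHTML($html); // @ silences warnings about imperfect markup
    $inputs = [];
    $form = $dom->getElementById($formId);
    foreach ($form ? $form->getElementsByTagName('input') : [] as $input) {
        $inputs[$input->getAttribute('name')] = $input->getAttribute('value');
    }
    return $inputs;
}

$server = new ToyLoginServer();
[$sidA, $pageA] = $server->loginPage();
[$sidB] = $server->loginPage();
$fields = formInputs($pageA, 'new_user_session');
$fields['user_session[username]'] = 'user@example.test'; // constructed
$fields['user_session[password]'] = 'constructed-password';
var_dump($server->submit($sidA, http_build_query($fields))); // token with its own session
var_dump($server->submit($sidB, http_build_query($fields))); // token with another session
var_dump($server->submit($sidA, 'commit=Login'));            // no token at all
```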