 |
 |
|
cdc
I have a function located in an external file that gets included in several of my scripts. The function's purpose is to submit a form:
function hitForm($loginURL, $loginFields, $referer=""  {$ch = curl_init(); curl_setopt($ch, CURLOPT_COOKIEJAR, "cookies.txt"); curl_setopt($ch, CURLOPT_COOKIEFILE, "cookies.txt"); curl_setopt($ch, CURLOPT_URL, $loginURL); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_REFERER, $referer); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_TIMEOUT, 400); curl_setopt($ch, CURLOPT_POSTFIELDS, $loginFields); $ret = curl_exec($ch); curl_close($ch); return $ret; } Now this has worked on thousands of sites, but I'm currently running into an issue with one site. The site is telling me that I don't have cookies enabled when I try to submit the form. I've tried opening up the permissions on cookies.txt, but that didn't seem to do anything. I should also mention that all the scripts that are using this function are located in their own directories and therefore have their own cookies.txt files. I've never had this problem with my other two dozen scripts, however. Any idea of something I should be looking at? It's not a huge deal if I have to skip this site, but I did already do some work so I'd like to have it included. thedarkness
Corect me if I'm wrong dude but wouldn't you have to "GET" a page from the site to allow it to set the cookie/s (maybe you do that elsewhere)? If that's not the issue then maybe check you have write permission on the directory where cookies.txt will live.
HTH, td perkiset
I think TD is right on - the site would not expect you to be posting without having first GOTten a page, which would have contained <the cookie> that they want to see on the post.
cdc
Yes, I tried that as well, but still no luck. I moved on. I'm guessing that site is broken considering my code works for the other 10,000 sites.
I just wanted to make sure I wasn't missing something obvious that would keep coming up to bite me in the ass. Thanks. perkiset
I don't think so... but I am not good with cURL because I don't trust other libs by default.
I will post my personal WebRequest PHPclass a bit later today - it's what I use because I can put it anywhere that at least hasphp4.3 an nothing else./p nop_90
I agree with perks that i do not trust other libs by default.
Then again i don't trust myself by default. Like the time i was posting on a certain social network imformation of how lonely people could find casual sex partners.(Part of my way of helping less fortunate people). This certain network on functions like add friend, send message etc did not have a session key.And you where able to inject JS into the page. Anyway i went to sleep one nite. And I had a dream. In my dream I was coding, but i determined that my method of imformation propagation was inefficient. It would be much more effective if the person who visit my profile, would add the same imformation to his profile, and then notify 10 of his friends. In my dream it worked great, in like 2 days i contacted like all people on this social network Then i remember "don't talk about xss it is icky and will get u in trouble" Fortunately it was all a dream  Certain sites if you do not have a legit useragent string will return bogus message like "system is down" "system error XXXXXXX, please send e-mail to _______ describing problem" Other places in the post they have "control chars" which you can not see, but if are not included return an error. Another places has tons of JS and then modifies form with JS. (not sure if this is to screw u over). If ur code works on other sites but not this one, and if u can post using browser, some sort of nasty going on
perkiset
At the core, however, if you see all the headers and content coming at you, and respond the correct way, the server will not know that you are a bot not a browser CAVEAT: Some of us have spent a lot of time both defeating this very point, so this is not true in all circumstances.
But, for the most part people will not be a Nutballs or Nop and have their systems locked down so tight that your bots cannot get in. All that being said, if it's only one out of 10K then who gives a shit /p thedarkness
quote author=perkiset link=topic=50.msg251#msg251 date=1177202566 if it's only one out of 10K then who gives a shit purists..... who have to know... it's funny but kinda sad too  td mailrouter
Open a site in FF with LiveHTTP headers installed. Check out what information your browser sends them and replicate it in your script.
Try again basura
quote author=cdc link=topic=50.msg169#msg169 date=1177146220 I have a function located in an external file that gets included in several of my scripts. The function's purpose is to submit a form: function hitForm($loginURL, $loginFields, $referer="" {$ch = curl_init(); curl_setopt($ch, CURLOPT_COOKIEJAR, "cookies.txt"); curl_setopt($ch, CURLOPT_COOKIEFILE, "cookies.txt"); curl_setopt($ch, CURLOPT_URL, $loginURL); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_REFERER, $referer); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_TIMEOUT, 400); curl_setopt($ch, CURLOPT_POSTFIELDS, $loginFields); $ret = curl_exec($ch); curl_close($ch); return $ret; } Now this has worked on thousands of sites, but I'm currently running into an issue with one site. The site is telling me that I don't have cookies enabled when I try to submit the form. I've tried opening up the permissions on cookies.txt, but that didn't seem to do anything. I should also mention that all the scripts that are using this function are located in their own directories and therefore have their own cookies.txt files. I've never had this problem with my other two dozen scripts, however. Any idea of something I should be looking at? It's not a huge deal if I have to skip this site, but I did already do some work so I'd like to have it included. Spamm on Social Networks are really interesting, and as describes mailrouter, you can get the values that request the page instead and make headers inPHPwith the correct information.I suggest you to use a "Explorer PHPsimulator browser" like Snoopy, aPHPclass that allows a lot of "good" job to post on some socialnetworks...maybe sends emails, private messages and a lot of "texts" with interests links in it...I think cdc, your dream it could become true in Social Ingeniery, trying to locate usefull keywords from his/her profiles and then trying to make a neccesity in this subject, this way its a help to this subject to get a better "state" in life...in his/her life by buying "something" provided by the link... And its not difficult to make his/her friends do the same, marketing plus spam techniques plus clever programmingits the KEY of success..Slime perkiset
 I think you're going to do quite well here Slime... |
Thread Categories
 |
|
Best of The Cache Home |
|
|
Search The Cache |
- Ajax
- Apache & mod_rewrite
- BlackHat SEO & Web Stuff
- C/++/#, Pascal etc.
- Database Stuff
- General & Non-Technical Discussion
- General programming, learning to code
- Javascript Discussions & Code
- Linux Related
- Mac, iPhone & OS-X Stuff
- Miscellaneous
- MS Windows Related
- PERL & Python Related
- PHP: Questions & Discussion
- PHP: Techniques, Classes & Examples
- Regular Expressions
- Uncategorized Threads