| Re: How to cURL a JSP page [message #179433 is a reply to message #179432] |
Sun, 28 October 2012 14:04   |
Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma:
|
Senior Member |
|
|
On 10/28/2012 8:23 AM, Ankur Sinha wrote:
> On Sunday, 28 October 2012 14:13:48 UTC+5:30, J.O. Aho wrote:
>> On 28/10/12 04:12, Ankur Sinha wrote:
>>
>>> I am trying to cURL my university login page. I want users to enter their university id and pass in my website,
>>
>>> my website will curl to university website, authenticate and then allow them to login or give error accordingly.
>>
>>
>>
>> There are quite many people who won't do that, login in to a site from a
>>
>> third party page, as this can cause login credentials be stolen.
>>
>>
>>
>>
>>
>>> But my university portal is a jsp page.
>>
>>
>>
>> This don't make any difference how curl works.
>>
>>
>>
>>> And after having posted in StackOverflow and other forums before, this
>>
>>> is what I came up with. I need further help on where I am going wrong and how to rectify it.
>>
>>>
>>
>>> [/color]
[color=teal]>> [/color]
[color=royalblue]>>> <form class="form-horizontal" action="curl.php" method="POST">[/color]
[color=teal]>> [/color]
[color=royalblue]>>> <div class="control-group">[/color]
[color=teal]>> [/color]
[color=royalblue]>>> <label class="control-label" for="inputEmail">Username</label>[/color]
[color=teal]>> [/color]
[color=royalblue]>>> <div class="controls">[/color]
[color=teal]>> [/color]
[color=royalblue]>>> <input type="text" id="inputEmail" placeholder="Username">[/color]
[color=teal]>> [/color]
[color=teal]>> [/color]
[color=teal]>> [/color]
[color=teal]>> You will not send any useful data to your curl page, see examples at[/color]
[color=teal]>> [/color]
[color=teal]>> w3schools: http://www.w3schools.com/html/html_forms.asp[/color]
[color=teal]>> [/color]
[color=teal]>> [/color]
[color=teal]>> [/color]
[color=royalblue]>>> </div>[/color]
[color=teal]>> [/color]
[color=royalblue]>>> </div>[/color]
[color=teal]>> [/color]
[color=royalblue]>>> <div class="control-group">[/color]
[color=teal]>> [/color]
[color=royalblue]>>> <label class="control-label" for="inputPassword">Password</label>[/color]
[color=teal]>> [/color]
[color=royalblue]>>> <div class="controls">[/color]
[color=teal]>> [/color]
[color=royalblue]>>> <input type="password" id="inputPassword" placeholder="Password">[/color]
[color=teal]>> [/color]
[color=teal]>> [/color]
[color=teal]>> [/color]
[color=teal]>> You will not send any useful data to your curl page, see examples at[/color]
[color=teal]>> [/color]
[color=teal]>> w3schools: http://www.w3schools.com/html/html_forms.asp[/color]
[color=teal]>> [/color]
[color=teal]>> [/color]
[color=teal]>> [/color]
[color=teal]>> [/color]
[color=teal]>> [/color]
[color=royalblue]>>> </div>[/color]
[color=teal]>> [/color]
[color=royalblue]>>> </div>[/color]
[color=teal]>> [/color]
[color=royalblue]>>> <div class="control-group">[/color]
[color=teal]>> [/color]
[color=royalblue]>>> <div class="controls">[/color]
[color=teal]>> [/color]
[color=royalblue]>>> <label class="checkbox">[/color]
[color=teal]>> [/color]
[color=royalblue]>>> <input type="checkbox"> Remember me[/color]
[color=teal]>> [/color]
[color=royalblue]>>> </label>[/color]
[color=teal]>> [/color]
[color=royalblue]>>> <button type="submit" class="btn">Sign in</button>[/color]
[color=teal]>> [/color]
[color=royalblue]>>> </div>[/color]
[color=teal]>> [/color]
[color=royalblue]>>> </div>[/color]
[color=teal]>> [/color]
[color=royalblue]>>> </form>[/color]
[color=teal]>> [/color]
[color=royalblue]>>>
>>
>>>
>>
>>> Now this is my curl.php file:
>>
>>>
>>
>>> [/color]
[color=teal]>> [/color]
[color=royalblue]>>> <?php[/color]
[color=teal]>> [/color]
[color=royalblue]>>> $address = "http://evarsity.srmuniv.ac.in/srmswi/usermanager/youLogin.jsp"; //site URL[/color]
[color=teal]>> [/color]
[color=royalblue]>>> $post = "username=txtRegNumber&pass=txtPwd"; //Parameters to be sent. Written like GET.[/color]
[color=teal]>> [/color]
[color=teal]>> [/color]
[color=teal]>> [/color]
[color=teal]>> You need to set the login name and password, in this case you just using[/color]
[color=teal]>> [/color]
[color=teal]>> static values txtRegNumber / txtPwd, you need to assign those dynamically.[/color]
[color=teal]>> [/color]
[color=teal]>> See http://www.php.net/manual/en/language.variables.basics.php[/color]
[color=teal]>> [/color]
[color=teal]>> [/color]
[color=teal]>> [/color]
[color=royalblue]>>> $welcomeMessage = "Welcome..."; //This is the message that is displayed when a login is successful[/color]
[color=teal]>> [/color]
[color=royalblue]>>> [/color]
[color=teal]>> [/color]
[color=royalblue]>>> $options = array([/color]
[color=teal]>> [/color]
[color=royalblue]>>> CURLOPT_USERAGENT => 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)',[/color]
[color=teal]>> [/color]
[color=royalblue]>>> CURLOPT_POST => true, //using post[/color]
[color=teal]>> [/color]
[color=royalblue]>>> CURLOPT_URL => $address, //where to go[/color]
[color=teal]>> [/color]
[color=royalblue]>>> CURLOPT_POSTFIELDS => $post, //input params[/color]
[color=teal]>> [/color]
[color=royalblue]>>> CURLOPT_RETURNTRANSFER => true, //Returns a string value of the request[/color]
[color=teal]>> [/color]
[color=royalblue]>>> CURLOPT_SSL_VERIFYPEER => false, //Avoid SSL problems[/color]
[color=teal]>> [/color]
[color=royalblue]>>> CURLOPT_COOKIEFILE => 'cookie.txt', //Save cookies[/color]
[color=teal]>> [/color]
[color=royalblue]>>> CURLOPT_COOKIEJAR => 'cookies.txt' //Cookies located[/color]
[color=teal]>> [/color]
[color=royalblue]>>> CURLOPT_USERPWD ==> [username]:[password]);[/color]
[color=teal]>> [/color]
[color=royalblue]>>> [/color]
[color=teal]>> [/color]
[color=teal]>> [/color]
[color=teal]>> [/color]
[color=teal]>> You need to make the connection to the site, see example at php.net:[/color]
[color=teal]>> [/color]
[color=teal]>> http://www.php.net/manual/en/function.curl-init.php[/color]
[color=teal]>> [/color]
[color=teal]>> [/color]
[color=teal]>> [/color]
[color=royalblue]>>> if (strpos($content, $welcomeMessage) !== false){[/color]
[color=teal]>> [/color]
[color=royalblue]>>> /*[/color]
[color=teal]>> [/color]
[color=royalblue]>>> Do whatever,I don't know what to do here though[/color]
[color=teal]>> [/color]
[color=royalblue]>>> */[/color]
[color=teal]>> [/color]
[color=royalblue]>>> }[/color]
[color=teal]>> [/color]
[color=teal]>> [/color]
[color=teal]>> [/color]
[color=teal]>> You should make error checks, see examples at php.net:[/color]
[color=teal]>> [/color]
[color=teal]>> http://www.php.net/manual/en/function.curl-errno.php[/color]
[color=teal]>> [/color]
[color=teal]>> http://www.php.net/manual/en/function.curl-error.php[/color]
[color=teal]>> [/color]
[color=teal]>> [/color]
[color=teal]>> [/color]
[color=teal]>> When you confirm that you have logged in, you have to be sure that the[/color]
[color=teal]>> [/color]
[color=teal]>> string you look for don't include HTML tags.[/color]
[color=teal]>> [/color]
[color=teal]>> [/color]
[color=teal]>> [/color]
[color=royalblue]>>> curl_close($ch); //close connections[/color]
[color=teal]>> [/color]
[color=royalblue]>>> ?>[/color]
[color=teal]>> [/color]
[color=royalblue]>>>
>>
>>>
>>
>>> Please let me know where I am going wrong, why I am not able to login and after logging in, how to log out.
>>
>>
>>
>> Drop the cookie, if you want the university web server to know it, make
>>
>> a curl request to the logout link/page.
>>
>>
>>
>>
>>
>> Good luck with your school assignment.
>>
>>
>>
>> --
>>
>>
>>
>> //Aho
>
> I am making this for my college out of my own interest after conducting a survey. So this is not my assignment and people said they won't sign up freshly and they wanted to login using existing ids and passwords provided by the university.
>
I agree with J.O. You'll find a lot more people won't sign in using the
credentials from another site. Only those with no concept of security
will do it the way you want.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]