我在我网站的索引页面上使用以下表单尝试登录论坛:
<form method = "post" action = "/forum/ucp.php?mode=login">
<div id = "field_container">
<div class = "field"><input name = "username" type = "text" placeholder = "Username" /></div>
<div class = "field"><input name = "password" type = "password" placeholder = "Password" /></div>
</div>
<div class = "submit"><input type = "submit" value = "Login" /></div>
</form>
但是,提交此表单只会将用户带到论坛的登录页面。它不会给出错误,也不会记录用户。缺少哪些链接可以使其工作?
编辑:以下是论坛本身的表格:
<form action="./ucp.php?mode=login" method="post" id="login">
<div class="panel">
<div class="inner"><span class="corners-top"><span></span></span>
<div class="content">
<h2>Login</h2>
<fieldset class="fields1">
<dl>
<dt><label for="username">Username:</label></dt>
<dd><input type="text" tabindex="1" name="username" id="username" size="25" value="" class="inputbox autowidth"></dd>
</dl>
<dl>
<dt><label for="password">Password:</label></dt>
<dd><input type="password" tabindex="2" id="password" name="password" size="25" class="inputbox autowidth"></dd>
<dd><a href="./ucp.php?mode=sendpassword">I forgot my password</a></dd>
</dl>
<dl>
<dd><label for="autologin"><input type="checkbox" name="autologin" id="autologin" tabindex="4"> Log me on automatically each visit</label></dd>
<dd><label for="viewonline"><input type="checkbox" name="viewonline" id="viewonline" tabindex="5"> Hide my online status this session</label></dd>
</dl>
<input type="hidden" name="redirect" value="./ucp.php?mode=login">
<dl>
<dt> </dt>
<dd><input type="hidden" name="sid" value="7703a705e2d9971b1eae77b1f3ff61d6">
<input type="hidden" name="redirect" value="index.php">
<input type="submit" name="login" tabindex="6" value="Login" class="button1"></dd>
</dl>
</fieldset>
</div>
<span class="corners-bottom"><span></span></span></div>
</div>
<div class="panel">
<div class="inner"><span class="corners-top"><span></span></span>
<div class="content">
<h3>Register</h3>
<p>In order to login you must be registered. Registering takes only a few moments but gives you increased capabilities. The board administrator may also grant additional permissions to registered users. Before you register please ensure you are familiar with our terms of use and related policies. Please ensure you read any forum rules as you navigate around the board.</p>
<p><strong><a href="./ucp.php?mode=terms">Terms of use</a> | <a href="./ucp.php?mode=privacy">Privacy policy</a></strong></p>
<hr class="dashed">
<p><a href="./ucp.php?mode=register" class="button2">Register</a></p>
</div>
<span class="corners-bottom"><span></span></span></div>
</div>
</form>
编辑:除了SID之外,您还必须确保提交按钮的名称是“登录”。
答案 0 :(得分:0)
我认为您遇到的问题是,原始表单包含两个额外的隐藏字段:
<input type="hidden" name="sid" value="7703a705e2d9971b1eae77b1f3ff61d6">
<input type="hidden" name="redirect" value="index.php">
重定向字段不应该是问题。
对于sid字段,我自己假设两个功能。它可以是一个防止XSS的哈希,或者它只是登录将分配给的sid。但我认为第二个因为所选名称会更合理:)
因此,在使表单工作之前,您需要做的是使用curl获取登录公式,提取sid并将其作为隐藏字段添加到您自己的表单中。
如果有帮助,请告诉我。