问题出在哪里,我不明白。
使用codeigniter框架登录
获取消息"遇到错误不允许您请求的操作。"
我认为问题有CSFR的问题吗?我该如何连接?
请,
private $url = 'http://domain';
private $username = 'username';
private $password = 'password';
public function __construct()
{
# LOG #
self::console('TOKEN:'.self::getToken().' COOKIE:'.self::getCookie() );
# CURL #
self:: curl(
'/admin/ajax/login',
array(
'token' => self::getToken(),
'username' => $this->username,
'password' => $this->password
)
);
}
private function curl( $url, $fields = null )
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_USERAGENT,'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/32.0.1700.107 Chrome/32.0.1700.107 Safari/537.36');
curl_setopt($ch, CURLOPT_URL, $this->url . $url );
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_TIMEOUT, 600);
curl_setopt($ch, CURLOPT_POST, count($fields));
curl_setopt($ch, CURLOPT_POSTFIELDS, !empty($fields) ? http_build_query($fields) : null );
curl_setopt($ch, CURLOPT_COOKIEJAR, dirname(__FILE__).'\cookie.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE, dirname(__FILE__).'\cookie.txt');
$result = curl_exec($ch);
if(curl_errno($ch))
{
return 'Curl error: ' . curl_error($ch);
}else{
return print_r($result);
}
curl_close($ch);
}
private function getCookie()
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 600);
curl_setopt($ch, CURLOPT_USERAGENT,'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/32.0.1700.107 Chrome/32.0.1700.107 Safari/537.36');
curl_setopt($ch, CURLOPT_URL, $this->url.'/admin/ajax/login' );
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$result = curl_exec($ch);
preg_match('/^Set-Cookie:\s*([^;]*)/mi', $result, $value);
parse_str($value[1], $cookies);
return $cookies['bopsystoken'];
}
private function getToken()
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER,0);
curl_setopt($ch, CURLOPT_TIMEOUT, 600);
curl_setopt($ch, CURLOPT_USERAGENT,'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/32.0.1700.107 Chrome/32.0.1700.107 Safari/537.36');
curl_setopt($ch, CURLOPT_URL, $this->url.'/login' );
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$result = curl_exec($ch);
if(curl_errno($ch))
{
return 'Curl error: ' . curl_error($ch);
}else{
preg_match('/type="hidden" name="token" value="(.*?)" /mi', str_replace(array("\n","\r","\t"),'',$result), $token);
return $token[1];
}
curl_close($ch);
}
private function console($e)
{
echo '<script>console.log("'.$e.'")</script>';
}