Question

我试图通过curl从服务器获取数据，但在授权后我收到空响应。此服务器上的站点使用AJAX显示内容，因此我首先检查了标题并查询在通过浏览器与其进行交互时发送的参数。

一般标题：

Remote Address:*.*.*.*:80
Request URL:http://example.com/search/search/?0.42697851033881307
Request Method:POST
Status Code:200 OK

表格数据：

QUERY:29061
QUERY_TYPE:2
QUERY_DATA:S1
PKW:X
LKW:X
FORMAT:json
LANG:ru

这是无休止的谷歌搜索和堆栈溢出的结果：

<?php
$curl = curl_init('http://example.com/authorization/login/');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt($curl, CURLOPT_COOKIEFILE, 'cookie.txt');
curl_setopt($curl, CURLOPT_REFERER, 'http://example.com/');
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);

curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, [
    'LOGIN' => 'MY_LOGIN',
    'PASSWORD' => 'MY_PASSWORD',
    'REMEMBER' => true,
    'FORMAT' => 'json',
    'LANG' => 'ru'
]);

curl_exec($curl);
curl_close($curl);

$curl = curl_init('http://example.com/search/search/?0.42697851033881307');
curl_setopt($curl, CURLOPT_HEADER, true);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt($curl, CURLOPT_COOKIEFILE, 'cookie.txt');
curl_setopt($curl, CURLOPT_REFERER, 'http://example.com/');
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);

$postFields = json_encode([
    'FORMAT' => 'json',
    'LANG' => 'ru',
    'QUERY' => '29061',
    'QUERY_TYPE' => '2',
    'QUERY_DATA' => 'S1',
    'PKW' => 'X',
    'LKW' => 'X'
]);
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, 'POST');
curl_setopt($curl, CURLOPT_POSTFIELDS, $postFields);
curl_setopt($curl, CURLOPT_HTTPHEADER, [
    'X-Requested-With: XMLHttpRequest',
]);

$response = curl_exec($curl);
curl_close($curl);
var_dump($response);

以下是回复：

string(1699) "HTTP/1.1 302 Moved Temporarily
Server: nginx/1.9.2
Date: Fri, 28 Aug 2015 14:57:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.10
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: ci_sessions=...; expires=Sat, 27-Aug-2016 14:57:21 GMT; Max-Age=31536000; path=/; httponly
Location: http://example.com/authorization/setVkorgInfo

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.9.2
Date: Fri, 28 Aug 2015 14:57:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.10
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: ci_sessions=...; expires=Sat, 27-Aug-2016 14:57:21 GMT; Max-Age=31536000; path=/; httponly
Set-Cookie: VKORG=5000; expires=Sat, 27-Aug-2016 14:57:21 GMT; Max-Age=31536000; path=/
Location: http://example.com/

HTTP/1.1 200 OK
Server: nginx/1.9.2
Date: Fri, 28 Aug 2015 14:57:21 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.10
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: ci_sessions=...; expires=Sat, 27-Aug-2016 14:57:22 GMT; Max-Age=31536000; path=/; httponly

{
    "status": true,
    "arr_messages": [],
    "data": []
}"

当我通过浏览器检索数据时，我在Chrome控制台中看到一个对象，其中包含数据＆＃34;：数组中的所需数据，但在我的脚本中它是空的。我的要求有什么问题？

此处的屏幕截图：http://joxi.ru/XEA48NSQozPAbz

如果我发错了params，我明白了：

{
    "status": false,
    "arr_messages": [
        {
            "id": "123456",
            "login": "MY_LOGIN",
            "type": "E",
            "text": "Error inputs",
            "date": "2015-08-28 22:24:20"
        }
    ],
    "data": []
}

因此，如果我获得状态：true且为空＆＃34; arr_messages＆＃34;然后我发送了正确的请求。

UPD：这是获取内容的AJAX功能：

var getApiAjax=function(url, req, callback, errorcallback, async)
{
    if(typeof(errorcallback)=="undefined")
    {
        errorcalback=function(){return false;}
    }
    if(typeof(async)=="undefined")
    {
        async=true;
    }

    req.FORMAT = "json";
    req.LANG = "ru";
    var xhr=$.ajax(
    {
        url: url+"?"+Math.random(),
        type: "POST",
        data: req,
        async: async,
        dataType: "json",
        success: function(resp)
        {
            var showMes = true;
            if( spinnerModal.isShowSpinner() ){
                spinnerModal.hidePleaseWait(); 
                showMes = false;   
            } 

            if( typeof resp.arr_messages != "undefined" && resp.arr_messages.length ) {
                if (resp.status) {
                    showMessage( resp.arr_messages, callback, resp );
                } else {
                    showMessage( resp.arr_messages, errorcallback, resp );
                }

                if(showMes) informModal.showMessage();
            } else { 
                if (resp.status) {
                    callback( resp );
                } else {
                    errorcallback( resp )
                }
            }                             
        },
        error: function(msg)
        {   
            var arr_messages = new Array();

            if( spinnerModal.isShowSpinner() ) spinnerModal.hidePleaseWait();

            if( typeof msg == "string" )
            {
                arr_messages.push( { 'text' : msg, 'type' : 'E' } );
                showMessage( arr_messages, errorcallback, msg, true );
            }
            else 
            {
                errorcallback();               
            }
        }
    });
    return xhr;
};

我可以从浏览器的控制台调用此功能，并获得我想要的内容

getApiAjax("/search/search/",{
            'QUERY'         : "29061",
            'QUERY_TYPE'    : "2",
            'QUERY_DATA'    : "S1",
            'PKW'           : "X",
            'LKW'           : "X"
        })

屏幕截图：http://joxi.ru/WL211LSbgN42Xq

所以我无法弄清楚卷曲请求有什么问题：（

Answer 1

哇，结果出乎意料的简单:) 我不知道为什么，但是这个网站没有检查cookie的搜索查询。当一个人打开这个网站时，他只能看到登录表单，没有别的，所以如果访问者是一个人，他必须授权访问这个网站，然后访问者能够使用网站的服务，包括搜索。所以我决定我的脚本需要授权。经过一夜不眠之后，我想，如果我擅自提出要求会怎样？＆＃34; （我实际上想看到一些错误消息可以使用），所以我扔掉了我脚本的第一部分：

$curl = curl_init('http://example.com/authorization/login/');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt($curl, CURLOPT_COOKIEFILE, 'cookie.txt');
curl_setopt($curl, CURLOPT_REFERER, 'http://example.com/');
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);

curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, [
    'LOGIN' => 'MY_LOGIN',
    'PASSWORD' => 'MY_PASSWORD',
    'REMEMBER' => true,
    'FORMAT' => 'json',
    'LANG' => 'ru'
]);

curl_exec($curl);
curl_close($curl);

并在我的浏览器中启动它。我接下来看到的东西震惊了我）））

string(2856) "HTTP/1.1 100 Continue

HTTP/1.1 200 OK
Server: nginx/1.9.2
Date: Sat, 29 Aug 2015 05:38:54 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.10
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: ci_sessions=.....; expires=Sun, 28-Aug-2016 05:38:55 GMT; Max-Age=31536000; path=/; httponly

{
    "status": true,
    "arr_messages": [],
    "data": {
        "ARTIDINFO": {
            "203653": {
                "ARTID": "203653",
                "PIN": "29061",
                "BRAND": "...",
                "NAME": "...",
                "IMG": "0",
                "NAMEP": []
            },
            "301175": {
                "ARTID": "301175",
                "PIN": "29061",
                "BRAND": "...",
                "NAME": "...",
                "IMG": "1",
                "NAMEP": []
            },
            "1696433": {
                "ARTID": "1696433",
                "PIN": "29061",
                "BRAND": "...",
                "NAME": "...",
                "IMG": "1",
                "NAMEP": []
            }.....

现在我不明白为什么服务器在未经授权的情况下向我发送数据，并且在我通过授权时没有通知O_o

空cURL json响应

1 个答案: