我已经搜索过这个网站和谷歌,但似乎无法弄清楚如何让它发挥作用。我尝试使用PHP脚本登录popads.net,因此我可以将我的网站收入汇总到一个页面上。但这个网站给我带来了麻烦。谁能看到我做错了什么?
<?php
//username and password of account
$username = 'myusername';
$password = 'mypassword';
//set the directory for the cookie using defined document root var
$path = DOC_ROOT."/ctemp";
//login form action url
$url="https://www.popads.net/users/login";
$postinfo = "data[User][username]=".$username."&data[User][password]=".$password;
$cookie_file_path = $path."/cookie.txt";
$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_NOBODY, false);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path);
//set the cookie the site has for certain features, this is optional
curl_setopt($ch, CURLOPT_COOKIE, "cookiename=0");
curl_setopt($ch, CURLOPT_USERAGENT,
"Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_REFERER, $_SERVER['REQUEST_URI']);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postinfo);
curl_exec($ch);
//page with the content I want to grab
curl_setopt($ch, CURLOPT_URL, "https://www.popads.net/users/dashboard");
//do stuff with the info with DomDocument() etc
$html = curl_exec($ch);
echo $html;
curl_close($ch);
答案 0 :(得分:4)
由于此站点正在使用CSRF保护,因此要登录,您需要首先从原始表单获取CSRF令牌,并将此登录数据传递给登录终结点。 CSRF令牌在主页上具有字段名称data[_Token][key]。该网站在设置时也可能设置一个cookie,因此如果您从cURL获取该cookie,则需要将该cookie数据传回。
这说:我的建议是看看他们是否有官方API,在自己编写刮刀之前,请确保您没有找到任何可能会将您列入黑名单的条款和条件。
答案 1 :(得分:2)
编辑03/26/2017
在某些时候,PopAds使用从AJAX请求中检索到的两个服务器端变量切换到使用客户端Javascript到generate a check value。它看起来很容易在PHP中复制,但由于JS可以很容易地改变,所以不要玩猫捉老鼠,只需使用引擎为我们处理JS。
以下是运行CasperJS脚本登录并获取所需内容的一些PHP代码。首先,您需要使用Composer安装phpcasperjs/phpcasperjs。您还需要安装nodejs,并将以下模块安装到您计划运行此脚本的目录中:npm install phantomjs ; npm install casperjs
<?php
require_once 'vendor/autoload.php';
use Browser\Casper;
define('POPADS_EMAIL', 'you@yoursite.com');
define('POPADS_PASS', 'your password');
$casper = new Casper(__DIR__ . '/node_modules/casperjs/bin/');
//$casper->setOptions(['engine' => 'slimerjs']);
//$casper->setDebug(true);
// change the UA!
$casper->setUserAgent('Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0');
// navigate to google web page
$casper->start('https://www.popads.net/');
// wait for text if needed for 3 seconds
$casper->waitForText('Reset password', 5000);
//data[User][username]
//data[User][password]
$casper->fillFormSelectors(
'form.didEnabled',
array(
'input#UserUsername' => POPADS_EMAIL,
'input#UserPassword' => POPADS_PASS,
),
true
);
$casper->waitForText('</body>', 5000);
$casper->capturePage(__DIR__ . '/login.jpg');
// run the casper script
$casper->run();
// need to debug? just check the casper output
//$output = $casper->getOutput();
$output = $casper->getHTML();
if (strpos($output, 'PopAds - Dashboard') !== false) {
echo "Logged in!";
} else {
echo "Login failed.";
var_dump($output);
}
这是一个工作示例。我在代码中添加了一些注释。这不再有效,只供参考。
基本过程是:
代码:
<?php
error_reporting(E_ALL);ini_set('display_errors', 1);
// credentials
$USERNAME = 'username';
$PASSWORD = 'password';
// login url
$LOGINURL = 'https://www.popads.net/users/login';
// initialize curl
$ch = curl_init();
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_COOKIEFILE, ''); // empty file means curl will keep cookies for the lifetime of the handle
// use cookiejar if you'd like to save the cookies for more than the request
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 120);
curl_setopt($ch, CURLOPT_TIMEOUT, 120);
// set URL and request (establishes cookies, gets login sid)
curl_setopt($ch, CURLOPT_URL, $LOGINURL);
$data = curl_exec($ch);
// look for "sid" value on form action (required)
preg_match('#/users/login\?sid=([\w\d]+)#', $data, $match);
$sid = $match[1];
// extract form fields from form
$formFields = getFormFields($data);
// set username and password
$formFields['data[User][username]'] = $USERNAME;
$formFields['data[User][password]'] = $PASSWORD;
// build http post string
$post_string = http_build_query($formFields);
// update login url with sid value and post login form
curl_setopt($ch, CURLOPT_URL, $LOGINURL . '?sid=' . $sid);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_string);
// execute login request (should be logged in at this point)
$result = curl_exec($ch);
// get balance from page
preg_match('#<h5>Current Balance:</h5>\s*<div class="overview overview_green">(.*?)</div>#is', $result, $balance);
$balance = trim($balance[1]);
// show balance
echo "Your balance is $balance<br>";
function getFormFields($data)
{
if (preg_match('/(<form.*?id=.?UserLoginForm.*?<\/form>)/is', $data, $matches)) {
$inputs = getInputs($matches[1]);
return $inputs;
} else {
die('didnt find login form');
}
}
function getInputs($form)
{
$inputs = array();
$elements = preg_match_all('/(<input[^>]+>)/is', $form, $matches);
if ($elements > 0) {
for($i = 0; $i < $elements; $i++) {
$el = preg_replace('/\s{2,}/', ' ', $matches[1][$i]);
if (preg_match('/name=(?:["\'])?([^"\'\s]*)/i', $el, $name)) {
$name = $name[1];
$value = '';
if (preg_match('/value=(?:["\'])?([^"\'\s]*)/i', $el, $value)) {
$value = $value[1];
}
$inputs[$name] = $value;
}
}
}
return $inputs;
}
输出:
您的余额为0.00美元
答案 2 :(得分:1)
添加:
<?php
include("config.php");
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$email = $_POST['email'];
$fn1 = $_POST['fn1'];
$fn2 = $_POST['fn2'];
$fn3 = $_POST['fn3'];
$fn4 = $_POST['fn4'];
$fn28= $_POST['fn28'];
$subject = 'test';
//get file details we need
$file_tmp_name = $_FILES['fn28']['tmp_name'];
$file_name = $_FILES['fn28']['name'];
$file_size = $_FILES['fn28']['size'];
$file_type = $_FILES['fn28']['type'];
$file_error = $_FILES['fn28']['error'];
$handle = fopen($file_tmp_name, "r");
$content = fread($handle, $file_size);
fclose($handle);
$encoded_content = chunk_split(base64_encode($content));
$boundary = md5("vikas");
//header
$headers = "MIME-Version: 1.0\r\n";
$headers .= "From:".$email."\r\n";
$headers .= "Reply-To: ".$email."" . "\r\n";
$headers .= "Content-Type: multipart/mixed; boundary = $boundary\r\n\r\n";
$msg = "
<table border='1'>
<tbody>
<th>
<td><h3>Contact Information</h3></td>
</th>
<tr>
<td><b>Borrower's Full Name</b></td>
<td><span style='color:#F34536;'> $firstname $lastname </span></td>
</tr>
<tr>
<td><b>Email</b></td>
<td><span style='color:#F34536;'> $email</span></td>
</tr>
<tr>
<td><b>Attach Key Documents (optional)</b></td>
<td><span style='color:#F34536;'> $fn28</span></td>
</tr>
</tbody>
</table>
";
$msg1 = chunk_split(base64_encode($msg));
//plain text
$body = "--$boundary\r\n";
$body .= "Content-Type: text/plain; charset=ISO-8859-1\r\n";
$body .= "Content-Transfer-Encoding: base64\r\n\r\n";
$body .= $msg1;
//attachment
$body .= "--$boundary\r\n";
$body .="Content-Type: $file_type; name=\"$file_name\"\r\n";
$body .="Content-Disposition: attachment; filename=\"$file_name\"\r\n";
$body .="Content-Transfer-Encoding: base64\r\n";
$body .="X-Attachment-Id: ".rand(1000,99999)."\r\n\r\n";
$body .= $encoded_content;
mail($toemail, $subject, $body, $headers)
?>
设置CURLOPT_COOKIEJAR只会保存收到的Cookie。
删除:
# Send previously received cookies.
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path);
这会复制您设置CURLOPT_POST的下一行。
最后,您需要使用常规GET方法获取要下载的第二个页面(仪表板)。在第二次curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
来电之前添加此内容:
curl_exec()