PHP:发送请求登录后的网站

时间:2017-10-22 12:56:06

标签: php http-post

我有这个POST请求登录网站:

http://xxxx.net-kont.it/

POST / HTTP/1.1
Host: xxxx.net-kont.it
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0
Accept: */*
Accept-Language: it-IT,it;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Referer: http://xxxx.net-kont.it/
Content-Length: 1904
Cookie: ASP.NET_SessionId=s44bymd3lm4dsykvymjljv5s
Connection: keep-alive

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: SSOAuth=EDCCFF8CD40064D70B3377CD0389FF7F807F0B774F2CE1CA6C015314911D3D69AB819EAB9938C14608842D25991D11D8F1A5A94090DB926BD7001C526B1920A51AC986182EB016C323983716720E8F345B54E02E44C65753E9183843D23F569EF3FE52C03FC8567E809A77387B8C; path=/; HttpOnly
X-Powered-By: ASP.NET
Date: Sun, 22 Oct 2017 12:26:40 GMT
Content-Length: 714
----------------------------------------------------------
http://xxxx.net-kont.it/aspx/Empty.aspx?ControllaRichieste=true&CheckCode=29a29a891a7d4d7773f480064e5c869929bcca40e7c84812111f9affbc3be4628a3b7defe8fb9b14f9911be9c6545e7cd31c2fc04b79a8d1e7280e0277264bdcec7428037a43961c3dda5bbd54a2e7ae&wsid=1a57f5e6-bf68-4f2f-9a71-c43e8e8bfbaf&wsnew=false

GET /aspx/Empty.aspx?ControllaRichieste=true&CheckCode=29a29a891a7d4d7773f480064e5c869929bcca40e7c84812111f9affbc3be4628a3b7defe8fb9b14f9911be9c6545e7cd31c2fc04b79a8d1e7280e0277264bdcec7428037a43961c3dda5bbd54a2e7ae&wsid=1a57f5e6-bf68-4f2f-9a71-c43e8e8bfbaf&wsnew=false HTTP/1.1
Host: xxxx.net-kont.it
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: it-IT,it;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: http://xxxx.net-kont.it/
Cookie: ASP.NET_SessionId=s44bymd3lm4dsykvymjljv5s; SSOAuth=EDCCFF8CD40064D70B3377CD0389FF7F807F0B774F2CE1CA6C015314911D3D69AB819EAB9938C14608842D25991D11D8F1A5A94090DB926BD7001C526B1920A51AC986182EB016C323983716720E8F345B54E02E44C65753E9183843D23F569EF3FE52C03FC8567E809A77387B8C
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sun, 22 Oct 2017 12:26:40 GMT
Content-Length: 95935
----------------------------------------------------------

发布请求标头需要以下字段:

    '__LASTFOCUS' => '',
    '__EVENTTARGET' => '',
    '__EVENTARGUMENT' => '',
    '__VIEWSTATE' => $viewstate,
    '__VIEWSTATEGENERATOR' => $viewstategenerator,
    'ctl00$hwsid' => $hwsid,
    'ctl00$PageSessionId' => $pagesessionid,
    'ctl00$DefaultUrl' => $defaulturl,
    'ctl00$GenericErrorUrl' => $genericerrorurl,
    'ctl00$PopupElement' => '',
    'ctl00$PollingTimeoutSecs' => $pollingtimeoutsecs,
    'ctl00$bodyContent$txtUser' => $user,
    'ctl00$bodyContent$txtPassword' => $password,
    '__CALLBACKID' => '__Page',
    '__CALLBACKPARAM' => '"hwsid="'.$hwsid.'"&PageSessionId="'.$pagesessionid.'"&DefaultUrl="'.$defaulturl.'"&GenericErrorUrl="'.$genericerrorurl.'"&PopupElement="'.'"&PollingTimeoutSecs="'.$pollingtimeoutsecs.'"&txtUser="'.$user.'"&txtPassword="'.$password,
    '__EVENTVALIDATION' => $eventvalidation

根据对帖子请求的分析,您会注意到通过发送从网站“ASP.NET_SessionId =”获得的第一个cookie,您会立即获得一个额外的身份验证cookie“SSOAuth =” 如何获取第二个cookie“SSOAuth =”以便我可以访问该站点?我试过这段代码:

 $user = "xx";  
 $password = "xx";

 $url = 'http://xxx.it/Default.aspx';
 $contents = file_get_contents($url);

 $dom = new DOMDocument;
 $dom->loadHTML($contents);

 $xpath = new DOMXpath($dom);

 $eventvalidation = $xpath->query('//*[@name="__EVENTVALIDATION"]')->item(0)->getAttribute('value');
 $viewstate = $xpath->query('//*[@name="__VIEWSTATE"]')->item(0)->getAttribute('value');
 $viewstategenerator = $xpath->query('//*[@name="__VIEWSTATEGENERATOR"]')->item(0)->getAttribute('value');
 $hwsid = $xpath->query('//*[@name="ctl00$hwsid"]')->item(0)->getAttribute('value'); 
 $pagesessionid = $xpath->query('//*[@name="ctl00$PageSessionId"]')->item(0)->getAttribute('value');
 $defaulturl = $xpath->query('//*[@name="ctl00$DefaultUrl"]')->item(0)->getAttribute('value');
 $genericerrorurl = $xpath->query('//*[@name="ctl00$GenericErrorUrl"]')->item(0)->getAttribute('value');
 $pollingtimeoutsecs = $xpath->query('//*[@name="ctl00$PollingTimeoutSecs"]')->item(0)->getAttribute('value');

 $cookies = array_filter(
   $http_response_header,
   function($v) {return strpos($v, "Set-Cookie:") === 0;}
 );
 $headers = [
 "Accept-language: it-IT,it;q=0.8,en-US;q=0.5,en;q=0.3",
 "Content-Type: application/x-www-form-urlencoded; charset=utf-8",
 "User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0",
 ];
 foreach ($cookies as $cookie) {
  $headers[] = preg_replace("/^Set-/", "", $cookie);
}

$request = array(
 'http' => array(
 'method' => 'POST',
 'timeout' => 0,
 'header'=> $headers,
    'content' => http_build_query(array(
    '__LASTFOCUS' => '',
    '__EVENTTARGET' => '',
    '__EVENTARGUMENT' => '',
    '__VIEWSTATE' => $viewstate,
    '__VIEWSTATEGENERATOR' => $viewstategenerator,
    'ctl00$hwsid' => $hwsid,
    'ctl00$PageSessionId' => $pagesessionid,
    'ctl00$DefaultUrl' => $defaulturl,
    'ctl00$GenericErrorUrl' => $genericerrorurl,
    'ctl00$PopupElement' => '',
    'ctl00$PollingTimeoutSecs' => $pollingtimeoutsecs,
    'ctl00$bodyContent$txtUser' => $user,
    'ctl00$bodyContent$txtPassword' => $password,
    '__CALLBACKID' => '__Page',
    '__CALLBACKPARAM' => '"hwsid="'.$hwsid.'"&PageSessionId="'.$pagesessionid.'"&DefaultUrl="'.$defaulturl.'"&GenericErrorUrl="'.$genericerrorurl.'"&PopupElement="'.'"&PollingTimeoutSecs="'.$pollingtimeoutsecs.'"&txtUser="'.$user.'"&txtPassword="'.$password,
    '__EVENTVALIDATION' => $eventvalidation,
    'ctl00$bodyContent$btnLogin' => 'Conferma'

   )),
  )
 );

 echo "<hr/>";
 $context = stream_context_create($request);

 $data = file_get_contents($url, false, $context);

 echo htmlentities($data);

但是我收到“身份验证失败”的以下输出:

<Notification><Error Code="" Alert="True" ClosePopup="True" Fatal="False" Message="Autenticazione fallita." /></Notification>

3 个答案:

答案 0 :(得分:3)

会话将在HTTP Headers中,file_get_contents只获取HTTP Body,因此您将丢失&#34;元数据&#34;其中发送你的cookie。

我真的建议使用比这更高级的东西。 @Tarun Lalwani建议你卷曲。可以实现这一点的卷曲,虽然我更喜欢使用更直观的内容作为Guzzle http://docs.guzzlephp.org/en/stable/

Guzzle使用PSR-7 http://www.php-fig.org/psr/psr-7/

这是一个Guzzle用例,您可以看到访问标题的容易程度:

$client = new GuzzleHttp\Client();
$res = $client->request('GET', 'https://api.github.com/user', [
    'auth' => ['user', 'pass']
]);
echo $res->getStatusCode();
// "200"
echo $res->getHeader('content-type');
// 'application/json; charset=utf8'
echo $res->getBody();
// {"type":"User"...'

答案 1 :(得分:2)

我已经解决了!比预期更容易....在这里我只需要删除引号&#34; :

    '__CALLBACKPARAM' => '"hwsid="'.$hwsid.'"&PageSessionId="'.$pagesessionid.'"&DefaultUrl="'.$defaulturl.'"&GenericErrorUrl="'.$genericerrorurl.'"&PopupElement="'.'"&PollingTimeoutSecs="'.$pollingtimeoutsecs.'"&txtUser="'.$user.'"&txtPassword="'.$password,

转换为:

 '__CALLBACKPARAM' => 'hwsid='.$hwsid.'&PageSessionId='.$pagesessionid.'&DefaultUrl='.$defaulturl.'&GenericErrorUrl='.$genericerrorurl.'&PopupElement='.'&PollingTimeoutSecs='.$pollingtimeoutsecs.'&txtUser='.$user.'&txtPassword='.$password,

答案 2 :(得分:-3)

看起来您正试图直接从网站解析数据,您是否考虑过让网站所有者建立API?无论如何,我建议使用phantomjs,这样刮板代码就更简单了,流量和其他JS对策也更容易解决。

相关问题
最新问题