使用cURL针对PHP进行C ++身份验证

时间:2018-08-26 14:06:06

标签: php c++ curl libcurl

我正在尝试让我的c ++应用程序对Web数据库进行身份验证。为此,我有一个用于用户/密码的简单html表单,该表单触发了身份验证php脚本。

由于很难完全理解cURL,因此很难理解。 现在,我可以将数据发送到html表单,但是我什至不知道即时消息是否运行正常。

理想情况下,我希望您教我如何做以及如何阅读回复。我的意思是,如果登录正确,如何让C ++知道?

我拥有的所有代码:

HTML 

<html>
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</head>
<body>
<form method="post" action="check.php">
    <input type="text" name="uname"/>
    <input type="password" name="password"/>
    <input type="submit"/>
</form>
</html>

PHP 

<?php
$fileDir = '/var/www/html/forums/';
require($fileDir . '/src/XF.php');
XF::start($fileDir);
$app = \XF::setupAPP('XF\App');

$username = $_POST['uname']; $password = $_POST['password'];

$ip = $app->request->getIp();
$loginService = $app->service('XF:User\Login', $username, $ip);

$userValidate = $loginService->validate($password, $error);
if(!$userValidate)
{
    //Not good pass / user
    $data = ['validated' => false];
}
else $data = ['validated' => true];

header('Content-type: application/json');
echo json_encode($data);
?>

C ++ 

#include "stdafx.h"
#include <iostream>
#include <stdio.h>
#include <curl/curl.h>

using namespace std;

int main()
{
char username[20];
char password[25];

cout << "Username: ";
cin >> username;
cout << "Password: ";
cin >> password;

/*------------------------------------------*/

CURL *curl;
CURLcode res;

curl_global_init(CURL_GLOBAL_ALL);

curl = curl_easy_init();
if (curl) {
    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
    curl_easy_setopt(curl, CURLOPT_URL, "https://localhost/index.hmtl");
    curl_easy_setopt(curl, CURLOPT_POSTFIELDS, "uname=?&password=?", username, password);

    res = curl_easy_perform(curl);

    if (res != CURLE_OK) {
        fprintf(stderr, "curl_easy_perform() failed: %s\n", curl_easy_strerror(res));
    }
    curl_easy_cleanup(curl);
}
curl_global_cleanup();
}

编辑:工作解决方案 

#include "stdafx.h"
#include <iostream>
#include <stdio.h>
#include <string>
#include <curl/curl.h>

using namespace std;

string urlencode(const string &str) {
char *escaped = curl_escape(str.c_str(), str.length());
if (escaped == NULL) throw runtime_error("curl_escape failed!");

string ret = escaped;
curl_free(escaped);
return ret;
}

size_t my_write_function(const void * indata, const size_t size, const    size_t count, void *out) {
(*(string*)out).append((const char*)indata, size*count);
return size * count;
}

int main()
{
string username;
string password;

cout << "Username: ";
getline(cin, username);
cout << "Password: ";
getline(cin, password);

/*------------------------------------------*/

CURL *curl;
CURLcode res;

curl_global_init(CURL_GLOBAL_ALL);

curl = curl_easy_init();
if (curl) {
    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
    curl_easy_setopt(curl, CURLOPT_URL, "https://urlto/index.html");
    curl_easy_setopt(curl, CURLOPT_COPYPOSTFIELDS, string("uname=" + urlencode(username) + "&password=" + urlencode(password)).c_str());

    string response;
    curl_easy_setopt(curl, CURLOPT_URL, "https://urlto/check.php");
    curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, my_write_function);
    curl_easy_setopt(curl, CURLOPT_WRITEDATA, &response);
    res = curl_easy_perform(curl);

    //cout << "Response from website: " << response << endl;
    if (response.find("true") == string::npos) {
        cout << "Failed to login";
    }
    else cout << "Log in successful";

    if (res != CURLE_OK) {
        fprintf(stderr, "curl_easy_perform() failed: %s\n", curl_easy_strerror(res));
    }
    curl_easy_cleanup(curl);
}
curl_global_cleanup();
}

1 个答案:

答案 0 :(得分:0)

i dont even know if im doing properly.-好吧,您的代码中肯定有一些错误,

首先,如果用户名超过20个字节或密码超过25个字节,您会怎么办?尝试

string username;
getline(cin, username);

相反。 c ++将根据需要不断增加用户名的大小,直到您用完ram为止。

,我看到您正在使用CURLOPT_POSTFIELDS(并且错误地),直到您知道自己在做什么,我建议您改为使用CURLOPT_COPYPOSTFIELDS。 (顺便说一句,我几乎总是自己使用COPYPOSTFIELDS)这行是错误的:

curl_easy_setopt(curl, CURLOPT_POSTFIELDS, "uname=?&password=?", username, password);`

因为curl_easy_setopt()仅接受3个参数,但是您尝试赋予它5个。我不认为它甚至可以编译,但是即使可以编译,它在运行时也肯定不起作用。 尝试像这样:

string urlencode(const string& str)
{
    char *escaped = curl_escape(str.c_str(), str.length());
    if (unlikely(escaped==NULL))
    {
        throw runtime_error("curl_escape failed!");
    }
    string ret = escaped;
    curl_free(escaped);
    return ret;
}

curl_easy_setopt(curl, CURLOPT_COPYPOSTFIELDS, string("uname="+urlencode(username)+"&password="+urlencode(password)).c_str());

关于读取(和捕获)输出,有很多方法可以完成,但是如何钩住CURLOPT_WRITEFUNCTION呢?可能会起作用,例如:

size_t my_write_function( const void * indata, const size_t size, const size_t count, void *out){
    (*(string*)out).append((const char*)indata,size*count);
    return size*count;
}

然后

string response;
curl_easy_setopt(curl,CURLOPT_WRITEFUNCTION,my_write_function);
curl_easy_setopt(curl,CURLOPT_WRITEDATA,&response);
    res = curl_easy_perform(curl);
cout << "response from website: " << response << endl;

现在,您可以通过检查响应中是否存在字符串“ true”来检查是否登录(因为如果存在,它应该响应{validated:true}之类的东西),例如

if(response.find("true")==string::npos){
    cout << "failed to authenticate!";
}else{
    cout << "authenticated successfully!";
}

(还有一个警告,虽然可能很想在CURLOPT_WRITEFUNCTION中使用lambda回调,但这是一个陷阱,当给curl作为回调时,c ++ lambda可能会崩溃...到那儿了,这样做。)

相关问题
最新问题