我正在制作一个需要使用curl对Exchange 2010 Outlook Web Access进行身份验证的Web门户,我在线找到了一个脚本,但是如果我使用正确的密码或错误的密码,它仍然表示执行php代码时登录成功。
# !/usr/bin/php5
<?php
# OWA Login Check
# Written by Scott Milliken
# Modified by Chris Funderburg for Exchange 2007 - May 21, 2010
# Permission granted to use under the GPL
$username = "username";
$password = "password";
# You can just use the base URL for your default mailbox
# or you can add on to it to specify a group mailbox
# $mailboxURL = "https://email.mydomain.com" for default
# or for a shared NOC mailbox in the IT department...
$mailboxURL = "https://youdomain/owa/";
$authURL = "https://yourdomain/owa/auth/logon.aspx?url=https://remote.vneonline.com/owa/&reason=0";
# First go to the URL that a user would use so that you can get your session cookie set
$pg = curl_init();
curl_setopt( $pg, CURLOPT_URL, $mailboxURL );
curl_setopt( $pg, CURLOPT_USERAGENT, "Mozilla/5.0 (compatible; MSIE 5.01; Windows NT 5.0)" );
curl_setopt( $pg, CURLOPT_FOLLOWLOCATION, true );
# You need to define a cookie jar to store and retrieve
# the session cookies or this won't work
curl_setopt( $pg, CURLOPT_COOKIEJAR, "cookies.txt" );
curl_setopt( $pg, CURLOPT_COOKIEFILE, "cookies.txt" );
curl_setopt( $pg, CURLOPT_HEADER, false );
curl_setopt( $pg, CURLOPT_RETURNTRANSFER, true );
# Setting these to false is handy for checking multiple
# frontends that may share the same SSL cert, such as
# ones in a round robin DNS scheme, but you address
# them by the "real name" of the host
curl_setopt( $pg, CURLOPT_SSL_VERIFYPEER, false );
curl_setopt( $pg, CURLOPT_SSL_VERIFYHOST, false );
# Set this to true for debugging
curl_setopt( $pg, CURLOPT_VERBOSE, false );
$response = curl_exec( $pg );
$info = curl_getinfo( $pg );
# Set the form data for posting the login information
$postData = array();
$postData["url"] = $mailboxURL;
$postData["reason"] = "0";
$postData["destination"] = $mailboxURL;
$postData["flags"] = "0";
$postData["username"] = $username;
$postData["password"] = $password;
$postData["SubmitCreds"] = "Log On";
$postText = "";
foreach( $postData as $key => $value ) {
$postText .= $key . "=" . $value . "&";
}
curl_setopt( $pg, CURLOPT_REFERER, $info["url"] );
curl_setopt( $pg, CURLOPT_URL, $authURL );
curl_setopt( $pg, CURLOPT_POST, true );
curl_setopt( $pg, CURLOPT_POSTFIELDS, $postText );
$response = curl_exec( $pg );
# At this point you can either print the following
# status to show the result of logging in, or you
# can make another call to the web server for the
# individual frames, such as
# $mailboxURL . "/Inbox/?Cmd=contents" will give you
# the listing of inbox headers (if you call curl again)
$info = curl_getinfo( $pg );
$needle = "Connected to Microsoft Exchange";
if ( strpos( $response, $needle ) )
printf( "OK - Logon to OWA successful.\n" );
else
printf( "Critical - Logon to OWA failed.\n" );
?>
我需要能够使用curl php进行正确的身份验证。