如何在java中更改phpsessid?

时间:2011-11-27 10:10:00

标签: java php

我有一个java代码,在我需要注册的网站上提交多部分表单。我已经在各种脚本上测试了我的脚本,当网站上的cookie看起来像user = username或uid = username等等时,它可以工作,但是当我有像PHPSESSID = xxxxxxxxxxxxxxxxxxxxxxx这样的东西时,id不起作用,我连改变它的价值。请帮帮我!

connection.setRequestMethod("POST");
connection.setDoOutput(true);
connection.setDoInput(true);
connection.setRequestProperty("Content-Type", "multipart/form-data; boundary=" + boundary);
if(is_cookie){
connection.setRequestProperty("Cookie", cookie);
            }
            connection.setRequestProperty("USER-AGENT", "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.121 Safari/535.2");
            connection.setRequestProperty("Connection", "Keep-Alive");
            connection.setRequestProperty("Accept-Charset","iso-8859-1,*,utf-8");
            DataOutputStream httpStreamWriter = new DataOutputStream(connection.getOutputStream ());

2 个答案:

答案 0 :(得分:0)

PHPSESSIONID是PHP在服务器端生成的ID。如果您没有该ID,则可能无法向该PHP脚本发送任何数据,因为服务器会通过该ID“识别”该用户。

要回答您的问题:您无法更改该ID。

答案 1 :(得分:0)

是。你可以!

*但这取决于服务器配置

在我的情况下(这是用于教育目的的最小代码):

  • 我通过使用该ID
  • 登录,使用我自己的PHPSESSID创建会话
  • 然后我做了一个多部分的帖子

    try {
    
        String charset = "UTF-8";
        String cookie = "PHPSESSID=aohgsqanei5v2n6su95e0f4vq1";  //custom id
    
        URLConnection connection;
        InputStream response;
    
        // Construct the POST data for login change to desired param/value
        String data = "login=" + URLEncoder.encode(".....", charset) +   
                "&password=" + URLEncoder.encode(".....", charset);
    
        byte[] dataBytes = data.getBytes(charset);
    
        String _url_login_post = "http://www.domain.com/index.php?action=login";
        connection = new URL(_url_login_post).openConnection();
        connection.setDoOutput(true);
        connection.addRequestProperty("Cookie", cookie);
    
        OutputStream outputStream =
                new BufferedOutputStream(connection.getOutputStream());
        outputStream.write(dataBytes);
        outputStream.flush();
    
        response = connection.getInputStream();
        response.read();
    
        //Find the directory for the SD Card using the API
        //*Don't* hardcode "/sdcard"
        File sdcard = Environment.getExternalStorageDirectory();
        File binaryFile = new File(sdcard, "404.jpg"); //must exist on sdcard
    
        String param = "content"; //form data param name 
        String _message = "Message here..."; //form data value
        String delimeter = "------WebKitFormBoundary";
        String delimeter_end = "--";
        String boundary = Long.toHexString(System.currentTimeMillis()); //random
        String CRLF = "\r\n"; // Line separator required by multipart/form-data.
    
        String _url_mpart_post = "http://www.domain.com/index.php?action=user&mode=";
        connection = new URL(_url_mpart_post).openConnection();
    
        connection.setDoOutput(true);
        connection.setDoInput(true);
        connection.setRequestProperty("Content-Type", 
            "multipart/form-data; boundary=----WebKitFormBoundary" + boundary);
        connection.addRequestProperty("Cookie", cookie);
    
        OutputStream output = connection.getOutputStream();
        PrintWriter writer = 
                new PrintWriter(new OutputStreamWriter(output, charset), true);
    
        // Send normal param.
        writer.append(delimeter + boundary).append(CRLF);
        writer.append("Content-Disposition: form-data; name=\"" + 
                param + "\"").append(CRLF);
        writer.append(CRLF).append(_message).append(CRLF).flush();
    
        // Send binary file.
        writer.append(delimeter + boundary).append(CRLF);
        writer.append("Content-Disposition: 
                form-data; name=\"datafile\"; filename=\"" +
                binaryFile.getName() + "\"").append(CRLF);
        writer.append("Content-Type: " 
                URLConnection.guessContentTypeFromName(binaryFile.getName()))
        .append(CRLF);
        writer.append(CRLF).flush();
        file.copy(binaryFile, output);
    
        output.flush(); // Important before continuing with writer!
        writer.append(CRLF).flush(); // CRLF indicates end of boundary.
    
        // End of multipart/form-data.
        writer.append(delimeter + boundary + delimeter_end).append(CRLF).flush();
        writer.close();
    
        response = connection.getInputStream();
        response.read();
    
    } catch (Exception e) { }