我无法通过 curl 登录网站
I can not log in to the site through curl
我不明白我做错了什么。有一个服务站点:https://demo.moneta.ru/login.htm。带有令牌的通常形式。我敲了敲页面,保存了 cookie,从表单中取出令牌。我从表单数据发送到地址的下一个请求。使用 cookie 和令牌。我得到一个无花果。 401.
我检查了一切,我发送相同的数据,相同的 headers。告诉我,我错过了什么?
$receipt = new Receipt;
$receipt->get_scrf();
echo $receipt->get_auth();
Class Receipt {
private $scrf;
private $login_page_url = 'https://demo.moneta.ru/login.htm';
private $login_action_url = 'https://demo.moneta.ru/login';
private $login = 'LOGIN';
private $password = "PASSWORD";
public function get_auth(){
$headers = [
'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9',
'Accept-Encoding: gzip, deflate, br',
'Accept-Language: ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7',
'Cache-Control: max-age=0',
'Origin: https://demo.moneta.ru',
'Referer: https://demo.moneta.ru/login.htm',
'Sec-Fetch-Dest: document',
'Sec-Fetch-Mode: navigate',
'Sec-Fetch-Site: same-origin',
'Sec-Fetch-User: ?1',
'Upgrade-Insecure-Requests: 1',
'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 Safari/537.36',
'Content-Type: application/x-www-form-urlencoded',
'Connection: keep-alive'
];
$post = [
'state' => $this->scrf,
'target' => 'desktop',
'login' => $this->login,
'password' => $this->password
];
return $this->get_page($this->login_action_url, $post, $headers);
}
public function get_scrf(){
$page_html = $this->get_page($this->login_page_url);
preg_match('/\<input\ type\=\"hidden\"\ name\=\"state\"\ value\=\"([0-9a-z\-]+)\"\>/', $page_html, $matches, PREG_OFFSET_CAPTURE);
if(isset($matches[1][0])){
$this->scrf = $matches[1][0];
return $matches[1][0];
}
return null;
}
private function get_page($url, $post=null, $headers=null){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url );
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_COOKIEJAR, dirname(__FILE__).'/cookie.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE, dirname(__FILE__).'/cookie.txt');
curl_setopt($ch, CURLOPT_POST, $post!==null );
if($headers){
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
}
if($post){
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
}
$data = curl_exec($ch);
curl_close($ch);
return $data;
}
}
Request from browser
你有
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
其中 $post 是关联数组。
If value is an array, the Content-Type header will be set to multipart/form-data.
这不是表单的行为,并且与您明确设置的 Content-Type header 冲突:
'Content-Type: application/x-www-form-urlencoded'
尝试将 POST 数据作为 URL-encoded 字符串传递给 curl_setopt($ch, CURLOPT_POSTFIELDS, ...;
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query( $post ) );
我不明白我做错了什么。有一个服务站点:https://demo.moneta.ru/login.htm。带有令牌的通常形式。我敲了敲页面,保存了 cookie,从表单中取出令牌。我从表单数据发送到地址的下一个请求。使用 cookie 和令牌。我得到一个无花果。 401.
我检查了一切,我发送相同的数据,相同的 headers。告诉我,我错过了什么?
$receipt = new Receipt;
$receipt->get_scrf();
echo $receipt->get_auth();
Class Receipt {
private $scrf;
private $login_page_url = 'https://demo.moneta.ru/login.htm';
private $login_action_url = 'https://demo.moneta.ru/login';
private $login = 'LOGIN';
private $password = "PASSWORD";
public function get_auth(){
$headers = [
'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9',
'Accept-Encoding: gzip, deflate, br',
'Accept-Language: ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7',
'Cache-Control: max-age=0',
'Origin: https://demo.moneta.ru',
'Referer: https://demo.moneta.ru/login.htm',
'Sec-Fetch-Dest: document',
'Sec-Fetch-Mode: navigate',
'Sec-Fetch-Site: same-origin',
'Sec-Fetch-User: ?1',
'Upgrade-Insecure-Requests: 1',
'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 Safari/537.36',
'Content-Type: application/x-www-form-urlencoded',
'Connection: keep-alive'
];
$post = [
'state' => $this->scrf,
'target' => 'desktop',
'login' => $this->login,
'password' => $this->password
];
return $this->get_page($this->login_action_url, $post, $headers);
}
public function get_scrf(){
$page_html = $this->get_page($this->login_page_url);
preg_match('/\<input\ type\=\"hidden\"\ name\=\"state\"\ value\=\"([0-9a-z\-]+)\"\>/', $page_html, $matches, PREG_OFFSET_CAPTURE);
if(isset($matches[1][0])){
$this->scrf = $matches[1][0];
return $matches[1][0];
}
return null;
}
private function get_page($url, $post=null, $headers=null){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url );
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_COOKIEJAR, dirname(__FILE__).'/cookie.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE, dirname(__FILE__).'/cookie.txt');
curl_setopt($ch, CURLOPT_POST, $post!==null );
if($headers){
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
}
if($post){
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
}
$data = curl_exec($ch);
curl_close($ch);
return $data;
}
}
Request from browser
你有
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
其中 $post 是关联数组。
If
valueis an array, the Content-Type header will be set to multipart/form-data.
这不是表单的行为,并且与您明确设置的 Content-Type header 冲突:
'Content-Type: application/x-www-form-urlencoded'
尝试将 POST 数据作为 URL-encoded 字符串传递给 curl_setopt($ch, CURLOPT_POSTFIELDS, ...;
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query( $post ) );