I wan't to login to a ssl site with my php script. If i load the page with the post login form i get a session cookie with the value
JSESSIONID=E180962D04FFCCDCEFF3ACA063347C23; Path=/qisserver; Secure
And the source code of the page shows the session id in the form post destination:
<form method="post" action="https://foo.bar/baz;jsessionid=E180962D04FFCCDCEFF3ACA063347C23?state=user&type=1&category=auth.login&startpage=portal.vm" name="loginform">
If I login i get a new session cookie with a location:
JSESSIONID=91E63CBCE0E309D5ACE2F609453E0D63; Path=/qisserver; Secure
Location=https://foo.bar/baz;jsessionid=91E63CBCE0E309D5ACE2F609453E0D63?state=user&type=0&category=menu.browse&startpage=portal.vm
This is the process in my web browser so far. Now I wrote a php/curl script, which first connects, collects the first cookie and extracts the jsessionid value because it is a part of the form action url.
Second my script should login and store the new cookie but I get an error. I can't tell you more about the error.
Here is my php:
<?php
$username = "foo";
$password = "blubb";
# Define the target and referer web pages
$target = "https://foo.bar/rds?state=user&type=0";
$ref = "https://foo.bar/rds?state=user&type=0";
$useragent = "User-Agent=Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:13.0) Gecko/20100101 Firefox/13.0";
// GET JSESSION ID COOKIE START ////////// ////////// ////////// ////////// ////////// ////////// ////////// //////////
$ch = curl_init();
curl_setopt($ch, CURLOPT_COOKIEJAR, "cookies.txt"); // Cookie management.
curl_setopt($ch, CURLOPT_COOKIEFILE, "cookies.txt");
curl_setopt($ch, CURLOPT_COOKIESESSION, TRUE);
curl_setopt($ch, CURLOPT_HEADER, TRUE);
curl_setopt($ch, CURLOPT_NOBODY, FALSE); // remove body
curl_setopt($ch, CURLOPT_TIMEOUT, 20); // Timeout sek
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
curl_setopt($ch, CURLOPT_URL, $target); // Target site
curl_setopt($ch, CURLOPT_REFERER, $ref); // Referer value
curl_setopt($ch, CURLOPT_VERBOSE, TRUE); // Minimize logs
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); // No certificate
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE); // Follow redirects
curl_setopt($ch, CURLOPT_MAXREDIRS, 5); // Limit redirections to four
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); // Return in string
# Create return array
$header = curl_exec($ch);
# Close PHP/CURL handle
curl_close($ch);
unset($ch);
$cookie = findSessionID($header);
function findSessionID($html){
//extract session id value
$begin = 'JSESSIONID=';
$starnr = strpos($html,$begin);
$starnr += strlen($begin);
$laenge = 32;
$id= substr($html,$starnr,$laenge);
return $id;
}
// GET JSESSION ID COOKIE END ////////// ////////// ////////// ////////// ////////// ////////// ////////// //////////
sleep(2);
// LOGIN START ////////// ////////// ////////// ////////// ////////// ////////// ////////// //////////
$formurl ="https://foo.bar/qisserver/rds?;jsessionid=".$cookie."&state=user&type=1&category=auth.login&startpage=portal.vm";
$query_string = "username=".$username."&submit=%A0Ok%A0&password=".$password;
echo"<br> Rufe URL: ". $formurl ." auf <br> mit Querystring: ". $query_string ."<br>";
$ch = curl_init();
curl_setopt ($ch, CURLOPT_POSTFIELDS, $query_string);
curl_setopt ($ch, CURLOPT_POST, TRUE);
curl_setopt ($ch, CURLOPT_HTTPGET, FALSE);
curl_setopt($ch, CURLOPT_COOKIEJAR, "cookies.txt");
curl_setopt($ch, CURLOPT_COOKIEFILE, "cookies.txt");
curl_setopt($ch, CURLOPT_COOKIESESSION, FALSE);
curl_setopt($ch, CURLOPT_TIMEOUT, 20);
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
curl_setopt($ch, CURLOPT_URL, $formurl);
curl_setopt($ch, CURLOPT_REFERER, $ref);
curl_setopt($ch, CURLOPT_VERBOSE, TRUE);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
curl_setopt($ch, CURLOPT_MAXREDIRS, 5);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_HEADER, TRUE); // Include head as needed
curl_setopt($ch, CURLOPT_NOBODY, FALSE);
# Create return array
$html = curl_exec($ch);
curl_close($ch);
echo $html;
// LOGIN END ////////// ////////// ////////// ////////// ////////// ////////// ////////// //////////
?>
Thank you very much