0

我正在尝试使用 CURL 和 PHP 登录 Vimeo.com,Vimeo login

为了提供 CURL 使用的数据(cookie 和字段数据),我使用浏览器扩展从网页中读取字段数据并获取 cookie。然后我将该数据传递到我的服务器并尝试使用 curl 登录。

我非常肯定浏览器扩展部分可以正常工作(获取正确的数据),因为我可以验证它传递的内容与它应该传递的内容,并且它正确匹配。

此外,我也在其他网站上使用过它,登录没有问题,但在 vimeo 上,exec 返回false.

有什么想法吗?

function curlpage(){
    $ch = curl_init();
    $url = $this->input->post('url');
    $data = $this->input->post('data');
    $cookie = $this->input->post('cookie');
    $method = $this->input->post('method');
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_POSTFIELDS,$data);
    if(strtolower($method)=="put"){
        curl_setopt($ch, CURLOPT_PUT, 1);
    }
    else{
        curl_setopt($ch, CURLOPT_PUT, 0);
    }
    if(strtolower($method)=="get"){
        curl_setopt($ch, CURLOPT_HTTPGET, 1);
    }
    else{
        curl_setopt($ch, CURLOPT_HTTPGET, 0);
    }
    if(strtolower($method)=="post"){
        curl_setopt($ch, CURLOPT_POST, 1);
    }
    else{
        curl_setopt($ch, CURLOPT_POST, 0);
    }
    curl_setopt($ch, CURLOPT_FAILONERROR, true);
    curl_setopt($ch, CURLOPT_UNRESTRICTED_AUTH, true);
    curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
    curl_setopt($ch, CURLOPT_CAINFO, getcwd().'/certificates/BuiltinObjectToken-EquifaxSecureCA.crt');
    curl_setopt($ch, CURLOPT_HEADER, 1);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
    curl_setopt($ch, CURLOPT_COOKIE, $cookie);
    curl_setopt($ch, CURLOPT_VERBOSE, 1);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20100101 Firefox/17.0");
    curl_setopt($ch, CURLOPT_REFERER, $url);
    $error = curl_error($ch);
    $url=curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
    if(!preg_match('/^http(s)?:\/\//', $url)){
        $url = 'http://' . $url;
    }
    $host = parse_url($url, PHP_URL_HOST);
    $page = curl_exec($ch);
    curl_close($ch);
    return array('page'=>$page, 'url'=>$host, 'error'=>$error);
}

这是我发送到服务器上上述函数的数据示例(使用伪造的电子邮件、密码和更改的 cookie):

data=action%253Dlogin%2526service%253Dvimeo%2526email%253Dhou%2540fah.com%2526password%253Dudwt%2526token%253D6b2fc081bcdf02b1f58a390d6a3f8b83
cookie=__utma%3D18392654.1284111214.1456668252.1456678435.1456181183.3%3B__utmb%3D18302654.2.10.1454681883%3B__utmc%3D18232154%3B__utmz%3D17202654.1456675435.2.2.utmcsr%3Dgoogle%7Cutmccn%3D(organic)%7Cutmcmd%3Dorganic%7Cutmctr%3D (未提供 %2520)%3B
方法=POST
url=http%3A%2F%2Fvimeo.com%2Flog_in
4

2 回答 2

1 
$ret = customSendDataByCurl("https://vimeo.com/log_in");
preg_match("/xsrft: \'(.*)\',/i",$ret,$token);
$token = $token[1];
echo "$token <hr>";

$cookie = '(copy from your browser using tamper data)... xsrft='.$token;

$headers = array(
    "Referer: https://vimeo.com/log_in",
    "User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:26.0) Gecko/20100101 Firefox/26.0",
    "Accept: application/json",
    "Accept-Language: en-US,en;q=0.5",
    "X-Requested-With: XMLHttpRequest",
    "X-Request: JSON",
    "Content-Type: application/x-www-form-urlencoded; charset=utf-8",
);
$ret = customSendDataByCurl("https://vimeo.com/log_in?action=warm", "POSTDATA=email=(email url encoded)&token=".$token, $headers, $cookie);


$fields = array(
    "action" => "login",
    "service" => "vimeo",
    "email" => "(email)",
    "password" => "(pass)",
    "token" => $token,
);
$headers = array(
    "Referer: https://vimeo.com/log_in",
    "User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:26.0) Gecko/20100101 Firefox/26.0",
    "Content-Type: application/x-www-form-urlencoded; charset=utf-8",
);
$ret = customSendDataByCurl("https://vimeo.com/log_in", http_build_query($fields), $headers, $cookie);
$ret = customSendDataByCurl("https://vimeo.com/stats/video/84142281/totals/export:csv", http_build_query($fields), $headers, $cookie);
var_export($ret);

function customSendDataByCurl($agateway, $apostfields=null, $headers=array(), $cookie="") {
    if(is_array($apostfields)) $apostfields = http_build_query($apostfields);

    $cookiesFile = 'cookies.txt';

    $ch = curl_init($agateway);
    curl_setopt($ch, CURLOPT_HEADER, 1);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE); 
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
    curl_setopt( $ch, CURLOPT_COOKIESESSION, true );
    if ($headers) curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
    curl_setopt( $ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 6.3; WOW64; rv:26.0) Gecko/20100101 Firefox/26.0' );
    curl_setopt($ch,CURLOPT_COOKIEJAR,$cookiesFile);
    curl_setopt($ch,CURLOPT_COOKIEFILE,$cookiesFile);
    curl_setopt($ch, CURLOPT_COOKIE, $cookie);
    if(!empty($apostfields)) curl_setopt($ch, CURLOPT_POSTFIELDS, $apostfields);

    $response = curl_exec($ch);

    if(!$response) $response="CURL #".curl_errno($ch).": ".curl_error($ch);
    return $response;
}
于 2014-01-17T23:07:35.077 回答
0

Vimeo,我实际上发现这是一个奇怪的网站案例。他们不会预先设置所有 cookie,而是设置提交表单时登录所需的某些 cookie。所以我的问题之一是我没有提交所有正确的 cookie 信息。

我的第二个问题是我在发送数据时没有正确编码数据。

总而言之,我现在已经开始工作了!

于 2013-01-06T11:29:51.283 回答