6

我正在尝试使用 php + curl 登录 twitter,但我认为我的请求有问题,因为我得到了以下响应:

技术上有问题。

感谢您的关注——我们将修复它并尽快让一切恢复正常。

我正在使用的 php 代码是:

<?php
            $ch = curl_init($sTarget);
            curl_setopt($ch, CURLOPT_HEADER, false);
            curl_setopt($ch, CURLOPT_POST, true);
            curl_setopt($ch, CURLOPT_POSTFIELDS, $sPost);
            curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
            curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
            curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
            curl_setopt($ch, CURLOPT_COOKIESESSION, true);
            curl_setopt($ch, CURLOPT_COOKIEJAR, $_CKS);
            curl_setopt($ch, CURLOPT_COOKIEFILE, $_CKS);
            curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
            curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-type: multipart/form-data"));
            curl_setopt($ch, CURLOPT_REFERER, "https://twitter.com");

?>

$sPost 看起来像这样:

session[username_or_email]=user&session[password]=password&remember_me=1&scribe_log=&redirect_after_login=&authenticity_token=6e706165609354bd7a92a99cf94e09140ea86c6f

该代码首先获取登录表单字段,以便发布变量确实具有正确的值(身份验证令牌)。我只是尝试了一切,是的,我知道有一个 api,但为了学习,我宁愿找出如何手动操作。

提前致谢。

4

2 回答 2

9

CURLOPT_COOKIESESSION 用于指示新会话。这不是您想要的,因为您需要在第二篇文章中发送会话 cookie。

我得到了 twitter 登录以使用此代码:

<?php

# First call gets hidden form field authenticity_token
# and session cookie
$ch = curl_init();
$sTarget = "https://twitter.com/";
curl_setopt($ch, CURLOPT_URL, $sTarget);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
curl_setopt($ch, CURLOPT_COOKIEFILE, "/tmp/cookie.txt");
curl_setopt($ch, CURLOPT_REFERER, "https://twitter.com/");
$html = curl_exec($ch);

# parse authenticity_token out of html response
preg_match('/<input type="hidden" value="([a-zA-Z0-9]*)" name="authenticity_token"\/>/', $html, $match);
$authenticity_token = $match[1];

$username = "your@email.com";
$password = "password";

# set post data
$sPost = "session[username_or_email]=$username&session[password]=$password&return_to_ssl=true&scribe_log=&redirect_after_login=%2F&authenticity_token=$authenticity_token";

# second call is a post and performs login
$sTarget = "https://twitter.com/sessions";
curl_setopt($ch, CURLOPT_URL, $sTarget);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $sPost);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, false);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-type: application/x-www-form-urlencoded"));

# display server response
curl_exec($ch);
curl_close($ch);

?>

PS:很抱歉第一次没有正确阅读您的帖子。

于 2013-05-09T08:29:23.757 回答
2

I noticed two things:

1) Try to URL encode your POST data

such as: session%5Busername_or_email%5D=user&session%5Bpassword%5D=password...

instead of: session[username_or_email]=user&session[password]=password...

2) twitter has a hidden field named authenticity_token in the login form. It is bound to the session. Thus you cannot use a static authenticity_token, you have to read the login form first and use the authenticity_token field from there.

Hope that helps.

于 2013-05-08T14:48:34.780 回答