php - 来自本地主机的 curl 帖子

Question

我正在尝试使用 curl 模拟来自 FireFox 的 LiveHTTP Replay 的 http 帖子。我相信远程站点有某种验证来检查请求的来源。如果请求来自他们自己的域，那么很好。当我尝试运行 php curl 脚本时，我可以从 Live HTTP 标头中看到我正在发出 GET 请求而不是 POST。除此之外，主机，预计为 www.aliexpress.com 已自动更改为 localhost。

如果我使用 Live HTTP Replay，它工作正常。所以我复制了标题数据并尝试用 curl 实现但无济于事。例如：

http://www.aliexpress.com/cross-domain/shoppingcart/index.html

POST /cross-domain/shoppingcart/index.html HTTP/1.1
Host: www.aliexpress.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:22.0) Gecko/20100101 Firefox/22.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: http://www.aliexpress.com/store/product/Wireless-N-Wifi-Repeater-802-11N-B-G-Network-Router-Range-Expander-300M-2dBi-Antennas-US/701252_523523529.html
Cookie: ali_apache_id=113.210.130.113.1374818286515.884332.4; ali_apache_track=mt=1|ms=|mid=my1023002521; xman_f=NkltWLLI3tebQbeQzQLiNBd2/KPKX0D81t0DghVMEl/frYuA+aVHnWGevMXWTEPqdLRqlKLbExYQkL61WPSt7Tr0LrdqOLLGM8yY5cBFOvY79qV9R5iTGSd44oPoKZruCpupEK9UBNSiOIf7Go1TN1AiM0ArpkHYTZ4rigCwLp5l2IEPYmFC8UzRnLivCFmLxbDuEewB52ulEop1Y9xtdEr88bjnwci1PldcvTxCmVDiOnm6rRfbnVfMAWaSWIkqQrnOEfwq2B4B/OER9K9IH7EHAMadb9IiOdMo3yavyt4DGWquCAq1izTtU8GE2mRmvi+PZ8WmR+PNOM3zYU4eaWM7uEevjmV2S7kTtlElmJGqxaT5RpSLcxiRxxbYJToejY36QxDf0MIIKTaaJTacVg==; aep_history=product_selloffer%5E%0Aproduct_selloffer%09709591781%091035163509%09523523529; __utma=3375712.263559759.1374818300.1375458795.1375606693.4; __utmz=3375712.1374818300.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); ali_beacon_id=113.210.130.113.1374818286515.884332.4; cna=+/14CsYcs08CAXGC0nFA22WC; xman_us_f=x_locale=en_US&no_popup_today=n&x_user=MY|dexter|wong|ifm|142465266&last_popup_time=1374818565653; u_info=qunLQLajxN+hFYWqPKiksew8tjAelFSu8cj+oG6e7nY=; intl_common_forever=wWZJ4jwSXakD7oylp5nnW9Nwmq8zgJYiqow0UyNV6PEUhc4f0KJghQ==; CoreID6=n; JSESSIONID=F86BD98D5E0CF42A7BE875F648DFA640; ali_apache_tracktmp=W_signed=Y; acs_usuc_t=acs_rt=9af4ec13bf134eb298193f9ac69395dc; acs_t=/iJST0zcbQeKUIQrTj1tDurMpZLQIdanO+zAZzyDlS+blTn+Rwd4skbiIdbQbEDO; __utmc=3375712; xman_t=rr/A0xwWzcNjpVptbDP061VCJ0dhjFwJPMn/JxOmi4eSjWlXq98nD8HBxnqOtR8ZIUClJqCqI39uwIkL6/R0WYQtBiqtFb8R0KGmzoiHDZ4R6dMhSZeEC5Am8y6iywMSG5My1MlUAhuWQI6/EPBlSYOWa8V/3IiNJnCOUd/Wm4DWQt6YHxS12kJbrUZxu2M7HeOquFa8Ga+yB/P0DT0Z9EhRum3S3uBC2+rFkh50z+91raLJiWJ0PV9NqHup3sPpAstiWlmem8QfBps0tFSx7tZn9WkllmyNJsTUYWO0cuxr0gpjWPU72Bb6fsroRovgRZ6xeqDah+WT94rnU2jrRybsL+7JDXmYPYC0GOTHjsSsloHSyGTvoD+FNyS3jGQPoP8KL7NXi+Dq+FrAqOETg3OH2oJp/h7nH5CWcsdojLHTngkABhNnB0ky/YRS8dV0s0oukEDPt+iXVEjQBBsIjAmtVX2fYx8KGRiRNiff/4rehQ4GDZzk2kdfJHItnUSk694SnpAgB6PrkNpGvu8adLjy8W6GuXk2XzujhsCSNkQ+3/uNpEbqoAimkCW+6KjJujJCPYIGevineVzSjMih7eDWpP/5TbgWtyhWKv3F5QbKZzibUq6w/YnerorvCHNPcssWgl0lswk=; __utmb=3375712.4.10.1375606693; xman_us_t=x_lid=my1023002521&sign=y&x_user=RmoP5to3fHwR+VNOC9lIAD7BpyTVa0YBflCR3S4eFIU=&need_popup=y
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 93
productId=523523529&standard=&quantity=7&country=MY&company=CPAM&cartfrom=main_store&skuAttr=

我尝试使用以下内容实现原始标头（上图）：

<?php
// create a new cURL resource

$fields = array(
                        'productId' => 523523529,
                        'standard' => '',
                        'quantity' => 8,
                        'country' => 'MY',
                        'company' => 'CPAM',
                        'cartfrom' => 'main_store',
                        'skuAttr' => ''
                );

foreach($fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
rtrim($fields_string, '&');

echo $fields_string . "<br/>";

$ch = curl_init();

// set URL and other appropriate options
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Host: www.aliexpress.com",
                                           "Content-Type: application/x-www-form-urlencoded", 
                                           "Content-length: ". "93",
                                           "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
                                           "Accept-Language: en-US,en;q=0.5",
                                           "Accept-Encoding: gzip, deflate",
                                           "X-Requested-With: XMLHttpRequest"));                                                                        //proceeding with the login.

curl_setopt($ch, CURLOPT_URL, urlencode("http://www.aliexpress.com/cross-domain/shoppingcart/index.html"));
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)");

//The encoded url below is referring to the login form for aliexpress.com
curl_setopt($ch, CURLOPT_REFERER, "http%3A%2F%2Fwww.aliexpress.com%2Fstore%2Fproduct%2FDual-sim-I9300-S3-MTK6589-quad-core-android-phone-1G-RAM-4G-ROM-4-7-inch%2F901666_1035163509.html%3FpromotionId%3D210526801");//This tells the server where were you directed from.

curl_setopt($ch,CURLOPT_POST, count($fields));
curl_setopt($ch,CURLOPT_POSTFIELDS, $fields_string);

//curl_setopt($ch, CURLOPT_COOKIESESSION, true);//indicates that this is a new session, i assume this forces the server to assign a new session?
//curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);//follows the redirection that is supplied by the server
curl_setopt($ch, CURLOPT_HEADER, true);
//curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);//THIS IS VERY IMPORTANT! This one of the most common option that is used because this simply means that
                                               //the response from the server is returned as a string rather than output directly.
curl_setopt($ch, CURLOPT_UNRESTRICTED_AUTH, true);//This means to keep sending the login information(username and password) when there is a redirection

$str = curl_exec($ch);

// close cURL resource, and free up system resources
curl_close($ch);
?>

谢谢你的帮助！

问候，德克斯特

Answer 1

尝试设置CURLOPT_POST为真

curl_setopt($ch, CURLOPT_POST, 1);

Answer 2

我认为您应该稍微修改一下代码：

• urlencode设置值时删除CURLOPT_URL
• 从中删除HostandContent-length标头CURLOPT_HTTPHEADER
• 用来http_build_query建立你的$fields_string

出于调试目的，我将响应设置为CURLOPT_RETURNTRANSFERvartrue转储。

我的工作代码

$fields = array(
                        'productId' => 523523529,
                        'standard' => '',
                        'quantity' => 8,
                        'country' => 'MY',
                        'company' => 'CPAM',
                        'cartfrom' => 'main_store',
                        'skuAttr' => ''
                );

$fields_string = http_build_query($fields);

echo $fields_string . "<br/>";

$ch = curl_init();

// set URL and other appropriate options
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded", 
                                           "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
                                           "Accept-Language: en-US,en;q=0.5",
                                           "Accept-Encoding: gzip, deflate",
                                           "X-Requested-With: XMLHttpRequest"));                                                                        //proceeding with the login.

curl_setopt($ch, CURLOPT_URL, "http://www.aliexpress.com/cross-domain/shoppingcart/index.html");
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)");

//The encoded url below is referring to the login form for aliexpress.com
curl_setopt($ch, CURLOPT_REFERER, "http://www.aliexpress.com/store/product/Dual-sim-I9300-S3-MTK6589-quad-core-android-phone-1G-RAM-4G-ROM-4-7-inch/901666_1035163509.html?promotionId=210526801");//This tells the server where were you directed from.

curl_setopt($ch,CURLOPT_POST, count($fields));
curl_setopt($ch,CURLOPT_POSTFIELDS, $fields_string);

curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);//THIS IS VERY IMPORTANT! This one of the most common option that is used because this simply means that
                                               //the response from the server is returned as a string rather than output directly.
curl_setopt($ch, CURLOPT_UNRESTRICTED_AUTH, true);//This means to keep sending the login information(username and password) when there is a redirection

$str = curl_exec($ch);

var_dump($str);
var_dump(curl_error($ch));

// close cURL resource, and free up system resources
curl_close($ch);

和回应

HTTP/1.1 200 OK
Date: Sun, 04 Aug 2013 11:51:31 GMT
Server: Apache
P3P: CP="CAO PSA OUR"
Content-Language: en-US
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-XSS-protection: 1;mode=block
Content-Length: 56
Content-Type: plain/text;charset=utf-8
Set-Cookie: ali_apache_id=1.54.42.221.1375617091161.869918.6; path=/; domain=.aliexpress.com; expires=Wed, 30-Nov-2084 01:01:01 GMT
Set-Cookie: JSESSIONID=6EB1295945C27F8A2F788587D4C0E0A7; Path=/
Set-Cookie: ali_apache_track=; Domain=.aliexpress.com; Expires=Fri, 22-Aug-2081 15:05:38 GMT; Path=/
Set-Cookie: ali_apache_tracktmp=; Domain=.aliexpress.com; Path=/
Set-Cookie: acs_usuc_t=acs_rt=8fdfad47f53b46d489d0a905a5a9fb7c; Domain=.aliexpress.com; Path=/
Set-Cookie: xman_t=ZwO1ZDjGpaou2015+mejeWnS90vHjsN3YIDxbrXYOz/mbbJeIZM3q7Pw6ZGTygK2; Domain=.aliexpress.com; Path=/; HttpOnly
Set-Cookie: acs_t=2nqPb5i+QB7aDai5FXRM12xDJghxP4qjmcwPjwaXQ4SI6eV7eGpxjRGNjukEXuEW; Domain=.aliexpress.com; Path=/; HttpOnly
Set-Cookie: xman_f=MC/MUpjkYCKP+PRcAK43k9eQrTR+PE1rldMoChEUHVVlAUcYwh10BKJ0lxWlsPe4p+pYIPC/Vy4wIHJK8fiy4koUaF68CAolRC6UH7q0nmU5HcqWzgyjnA==; Domain=.aliexpress.com; Expires=Fri, 22-Aug-2081 15:05:38 GMT; Path=/; HttpOnly