0

我正在为客户制作 DLE 自动海报。我写了这段代码:

function postit($url, $postdata ="", $header = false, $follow = 0, $headers = "") {
    global $cookie;
    $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_VERBOSE, '1');
        curl_setopt($ch, CURLOPT_COOKIESESSION, 1);
        curl_setopt($ch, CURLOPT_REFERER, "http://www.downgiga.com/addnews.html");
        if($header == true) {
            curl_setopt($ch, CURLOPT_HEADER, 1); 
        }
        if($headers != "") {
            curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); 

        }
        curl_setopt($ch, CURLOPT_COOKIEFILE, getcwd() . '/' . $cookie); 
        curl_setopt($ch, CURLOPT_COOKIEJAR, getcwd() . '/' . $cookie); 
        $log = fopen(getcwd() . '/' . 'log.txt', 'w+');
        curl_setopt($ch, CURLOPT_STDERR, $log); 
        if($follow <> 0) {
            curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); 
        }
        if($postdata <> "") {
            curl_setopt($ch, CURLOPT_POST, 1); 
            curl_setopt($ch, CURLOPT_POSTFIELDS, $postdata); 
        }
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 60);
    curl_setopt($ch, CURLOPT_TIMEOUT, 60);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect:'));
    curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-GB; rv:1.9.2) Gecko/20100115 Firefox/3.6 (.NET CLR 3.5.30729)");
    $source_code = curl_exec($ch);
    curl_close($ch);
    return $source_code;
}

$cookie = "cookies";
//login
$post['login_name'] = "joker";
$post['login_password'] = "123123";
$post['login'] = "submit";
$page = postit("http://www.downgiga.com/addnews.html", $post);
unset($post);
$secpattern = '/<input type="hidden" name="([a-z]*)" value="([a-z0-9]*)" \/><\/form>/';// some security
preg_match($secpattern, $page, $match);// some security
if($match) $post[$match[1]] = $match[2];// some security
$post['title'] = "test";
$post['catlist'] = '2';
$post['short_story'] = "short test";
$post['full_story'] = "full test";
$post['tags'] = "full,test";
$post['add'] = "Submit";
$post['mod'] = "addnews";
$post['nview'] = "Preview";
$post['allow_comm'] = true;
$post['allow_main'] = false;
$post['approve'] = true;
$post['allow_rating'] = true;
$headers = array('Content-Type: application/x-www-form-urlencoded');
echo postit("http://www.downgiga.com/addnews.html", $post, false, 0, $headers);

它给了我这个错误

ANTISPAM: User ID not valid

好吧,这里是从谷歌浏览器中提取的 curl 日志和 http-headers 成功的帖子。

卷曲日志

* About to connect() to www.downgiga.com port 80 (#0)
*   Trying 109.232.224.104... * connected
* Connected to www.downgiga.com (109.232.224.104) port 80 (#0)
> POST /addnews.html HTTP/1.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-GB; rv:1.9.2) Gecko/20100115 Firefox/3.6 (.NET CLR 3.5.30729)
Host: www.downgiga.com
Accept: */*
Referer: http://www.downgiga.com/addnews.html
Cookie: dle_password=4297f44b13955235245b2497399d7a93; dle_user_id=108; dle_newpm=0
Content-Length: 1386
Content-Type: multipart/form-data; boundary=----------------------------993bf2bec865

< HTTP/1.1 200 OK
< Date: Thu, 25 Aug 2011 23:49:10 GMT
< Server: Apache/2.2.17 (EL)
< X-Powered-By: PHP/5.2.17
< Expires: Thu, 19 Nov 1981 08:52:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
< Pragma: no-cache
* Added cookie PHPSESSID="42104e9342c70e8db167f417f6484a2d" for domain www.downgiga.com, path /, expire 0
< Set-Cookie: PHPSESSID=42104e9342c70e8db167f417f6484a2d; path=/
* Replaced cookie dle_newpm="0" for domain downgiga.com, path /, expire 1345852151
< Set-Cookie: dle_newpm=0; expires=Fri, 24-Aug-2012 23:49:11 GMT; path=/; domain=.downgiga.com; httponly
< Connection: close
< Transfer-Encoding: chunked
< Content-Type: text/html; charset=UTF-8
< 
* Closing connection #0

谷歌浏览器 http-headers

POST /addnews.html HTTP/1.1
Host: www.downgiga.com
Connection: keep-alive
Content-Length: 223
Cache-Control: max-age=0
Origin: http://www.downgiga.com
User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.861.0 Safari/535.2
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Referer: http://www.downgiga.com/addnews.html
Accept-Encoding: gzip,deflate,sdch
Accept-Language: fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4,ar;q=0.2
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=99de9359543b04cc43fb887fc64f7ff9; selected_language=English; dle_user_id=108; dle_password=4297f44b13955235245b2497399d7a93; dle_newpm=0

并发布从谷歌浏览器获取的数据

title:test2
short_story:<p>test :)</p>
full_story:<p>testing headers :)</p>
tags:test header
allow_comm:1
approve:1
allow_rating:1
add:Submit
mod:addnews
uxfpekxs:92006af0832447ad34fdaa8328ac788b

帖子数据的最后一行是关于安全性的,它每次都在变化。我也尝试从 curl 句柄中删除自定义标题,没有任何改变:(

4

2 回答 2

1

发送 POST 请求http://www.downgiga.com/admin.php?mod=addnews&action=addnews并不要忘记包含user_hash

于 2011-08-25T22:11:59.590 回答
1

尝试在 dle admin cp 中禁用垃圾邮件过滤器,因为此选项始终给出 false 无效,尤其是在任何使用服务器缓存的服务器上。

于 2013-11-09T00:16:17.763 回答