作者Slas (史雷斯)
看板PHP
标题[请益] cURL模拟登入
时间Wed Mar 23 17:51:06 2016
各位版友好,
小弟现在想实现的功能是用PHP来模拟登入Office 365,
让使用者能够避开输入登入资讯的页面直接进到登入後的画面,
藉以达到假Single sign-on(?的效果。
爬了一下文後似乎可以用PHP的CURL来达成我要的效果,
就找了拿来登入Facebook的范例来改看看,
以下是目前的程式码。
-----------------------------------------
<?php
$login_email = '****';
$login_pass = '****'';
$ch = curl_init();
$requestID = create_guid();
$request_headers = array('client-request-id: '. $requestID,);
curl_setopt($ch, CURLOPT_URL,
"
https://login.microsoftonline.com/login.srf?wa=wsignin1.0&rpsnv=4&ct=1458714902&rver=6.7.6640.0&wp=MCMBI&wreply=https%3a%2f%2fportal.office.com%2flanding.aspx%3ftarget%3d%252fdefault.aspx&lc=1028&id=501392&msafed=0");
curl_setopt($ch,
CURLOPT_POSTFIELDS,'login='.urlencode($login_email).'&passwd='.urlencode($login_pass));
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, $request_headers);
//curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 0);// 在发起连接前等待的时间,如果设
置为0,则不等待
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);//是否抓取转址、是否抓取跳转後
的页面
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_COOKIEJAR, dirname(__FILE__). '/cookie.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE, dirname(__FILE__). '/cookie.txt');
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3");
curl_setopt($ch, CURLOPT_REFERER, "
https://portal.office.com/");
$response = curl_exec($ch);
function create_guid($namespace = '') {
static $guid = '';
$uid = uniqid("", true);
$data = $namespace;
$data .= $_SERVER['REQUEST_TIME'];
$data .= $_SERVER['HTTP_USER_AGENT'];
$data .= $_SERVER['LOCAL_ADDR'];
$data .= $_SERVER['LOCAL_PORT'];
$data .= $_SERVER['REMOTE_ADDR'];
$data .= $_SERVER['REMOTE_PORT'];
$hash = strtoupper(hash('ripemd128', $uid . $guid . md5($data)));
$guid = '{' .
substr($hash, 0, 8) .
'-' .
substr($hash, 8, 4) .
'-' .
substr($hash, 12, 4) .
'-' .
substr($hash, 16, 4) .
'-' .
substr($hash, 20, 12) .
'}';
return $guid;}
//curl_close($ch);
?>
-----------------------------------------------
执行结果:出现登入错误
先感谢各位版友!
--
※ 发信站: 批踢踢实业坊(ptt.cc), 来自: 60.248.96.211
※ 文章网址: https://webptt.com/cn.aspx?n=bbs/PHP/M.1458726669.A.6FA.html
自己摸了了一晚,知道自己缺了GUID的Hearder之後再试,
目前是可以看到登入画面显示登入错误,
但还是弄不出来 Orz
※ 编辑: Slas (60.248.96.211), 03/24/2016 14:37:39
1F:→ weiclin: 如果你是想让php去抓html再吐给user,那你走错方向了 03/24 18:38
2F:→ weiclin: 例如网页内有用到ajax,你要怎样绕过same origin policy? 03/24 18:40
3F:→ Slas: 嗯...爬了两天的文我已经知道我的方向整个错误了 03/25 16:27
4F:→ Slas: 不过还是感谢回应! 03/25 16:27