Spiderman
Wed Oct 8th, 2008, 05:23 PM
I'm trying to write a program that ties into the forum software to send a private message. The program will be called by an admin while they're logged in to the forum, so I have all the security & cookie info. Because it's a POST request, things are a little more complicated. I'm pretty sure I'm stuck trying to get the cookies set properly for the "new session". Documentation isn't the best, so I'm not even sure if I'm doing it right. :dunno:
I've tried php with fsockopen... (I'm sending $_COOKIE as the parameter value for $cookies):
...
$parts=parse_url($url);
$fp = fsockopen($parts['host'],
isset($parts['port'])?$parts['port']:80,
$errno, $errstr, 30);
if (!$fp) {
return false;
} else {
$out = "POST ".$parts['path']." HTTP/1.1\r\n";
$out.= "Host: ".$parts['host']."\r\n";
$out.= "Content-Type: application/x-www-form-urlencoded\r\n";
$out.= "Content-Length: ".strlen($parts['query'])."\r\n";
foreach( $cookies as $name => $value )
{
if ($name == "cscvbsessionhash"
|| $name == "cscvblastvisit"
|| $name == "cscvblastactivity")
{
$out .= 'Cookie: ' . $name . '=' . $value . "\r\n";
}
}
$out.= "Connection: Close\r\n\r\n";
if (isset($parts['query'])) $out.= $parts['query'];
// for debugging
echo "<p>";
echo "out = " . $out;
echo "<p>";
fwrite($fp, $out);
// for debugging
while (!feof($fp)) {
echo fgets($fp, 128);
}
fclose($fp);
return true;
}
and cURL:
...
$ch = curl_init('http://www.cosportbikeclub.org/forums/private.php');
curl_setopt ($ch, CURLOPT_POST, 1);
foreach( $_COOKIE as $name => $value )
{
if ($name == "cscvbsessionhash"
|| $name == "cscvblastvisit"
|| $name == "cscvblastactivity")
{
// I even added domain & path, but to no avail
curl_setopt ($ch, CURLOPT_COOKIE, $name . "=" . $value . "domain=.www.cosportbikeclub.org; path=/");
}
}
curl_setopt
(
$ch, CURLOPT_POSTFIELDS,
urlencode
(
"&do=insertpm"
. <other parameters go here>
)
);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_exec ($ch);
curl_close ($ch);
and even tho I was logged in to the forum when I clicked the link to call the page with the above code (both sets of code end with the same result), the (debugging) page I end up on indicates that I'm not logged in (User Name & Password box appear on top-right, along with Log In button), and there's an error message:
Sorry. The administrator has banned your IP address. To contact the administrator click here (http://www.cosportbikeclub.org/forums/sendmessage.php)
:shock:
I'm not really banned tho, or even entirely logged out - if I click on Today's Posts, the next page shows me as being logged in (Username, last visit date, & notifications take the place of the User Name & Password box & Log In button).
I've already wasted 2 days getting to this point, and another day trying to get past it. Any help would be greatly appreciated.
TIA 8)
I've tried php with fsockopen... (I'm sending $_COOKIE as the parameter value for $cookies):
...
$parts=parse_url($url);
$fp = fsockopen($parts['host'],
isset($parts['port'])?$parts['port']:80,
$errno, $errstr, 30);
if (!$fp) {
return false;
} else {
$out = "POST ".$parts['path']." HTTP/1.1\r\n";
$out.= "Host: ".$parts['host']."\r\n";
$out.= "Content-Type: application/x-www-form-urlencoded\r\n";
$out.= "Content-Length: ".strlen($parts['query'])."\r\n";
foreach( $cookies as $name => $value )
{
if ($name == "cscvbsessionhash"
|| $name == "cscvblastvisit"
|| $name == "cscvblastactivity")
{
$out .= 'Cookie: ' . $name . '=' . $value . "\r\n";
}
}
$out.= "Connection: Close\r\n\r\n";
if (isset($parts['query'])) $out.= $parts['query'];
// for debugging
echo "<p>";
echo "out = " . $out;
echo "<p>";
fwrite($fp, $out);
// for debugging
while (!feof($fp)) {
echo fgets($fp, 128);
}
fclose($fp);
return true;
}
and cURL:
...
$ch = curl_init('http://www.cosportbikeclub.org/forums/private.php');
curl_setopt ($ch, CURLOPT_POST, 1);
foreach( $_COOKIE as $name => $value )
{
if ($name == "cscvbsessionhash"
|| $name == "cscvblastvisit"
|| $name == "cscvblastactivity")
{
// I even added domain & path, but to no avail
curl_setopt ($ch, CURLOPT_COOKIE, $name . "=" . $value . "domain=.www.cosportbikeclub.org; path=/");
}
}
curl_setopt
(
$ch, CURLOPT_POSTFIELDS,
urlencode
(
"&do=insertpm"
. <other parameters go here>
)
);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_exec ($ch);
curl_close ($ch);
and even tho I was logged in to the forum when I clicked the link to call the page with the above code (both sets of code end with the same result), the (debugging) page I end up on indicates that I'm not logged in (User Name & Password box appear on top-right, along with Log In button), and there's an error message:
Sorry. The administrator has banned your IP address. To contact the administrator click here (http://www.cosportbikeclub.org/forums/sendmessage.php)
:shock:
I'm not really banned tho, or even entirely logged out - if I click on Today's Posts, the next page shows me as being logged in (Username, last visit date, & notifications take the place of the User Name & Password box & Log In button).
I've already wasted 2 days getting to this point, and another day trying to get past it. Any help would be greatly appreciated.
TIA 8)