How to login in with Curl and SSL and cookies

by

Here is a working example I created from your code. This uses a function getFormFields that I wrote for a similar question (first reference at the bottom of this post) which logs into the Android market.

I think there may have been a couple of things in your script that were preventing the login from working. First, you should urlencode the URL parameters such as email and password in the post string (cURL will not do this for you). Second, I think the x value used as part of the login URL may be required.

Here is a solution that logs in successfully. Note, I re-used the original cURL handle. This is not necessary, but if you specify keep-alive, it will actually re-use the same connection, and it also saves you from having to specify the same options over and over.

Once you have the cookies, you can create a new cURL object and specify the COOKIEFILE and COOKIEJAR and you will be logged in without performing the first steps.

<?php

// options
$EMAIL            = '[email protected]';
$PASSWORD         = 'yourpassword';
$cookie_file_path = "/tmp/cookies.txt";
$LOGINURL         = "https://cart2.barnesandnoble.com/mobileacct/op.asp?stage=signIn"; 
$agent            = "Nokia-Communicator-WWW-Browser/2.0 (Geos 3.0 Nokia-9000i)";


// begin script
$ch = curl_init(); 

// extra headers
$headers[] = "Accept: */*";
$headers[] = "Connection: Keep-Alive";

// basic curl options for all requests
curl_setopt($ch, CURLOPT_HTTPHEADER,  $headers);
curl_setopt($ch, CURLOPT_HEADER,  0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);         
curl_setopt($ch, CURLOPT_USERAGENT, $agent); 
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); 
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); 
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path); 
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path); 

// set first URL
curl_setopt($ch, CURLOPT_URL, $LOGINURL);

// execute session to get cookies and required form inputs
$content = curl_exec($ch); 

// grab the hidden inputs from the form required to login
$fields = getFormFields($content);
$fields['emailAddress'] = $EMAIL;
$fields['acctPassword'] = $PASSWORD;

// get x value that is used in the login url
$x = '';
if (preg_match('/op\.asp\?x=(\d+)/i', $content, $match)) {
    $x = $match[1];
}

//$LOGINURL   = "https://cart2.barnesandnoble.com/mobileacct/op.asp?stage=signIn";
  $LOGINURL   = "https://cart2.barnesandnoble.com/mobileacct/op.asp?x=$x";

// set postfields using what we extracted from the form
$POSTFIELDS = http_build_query($fields); 

// change URL to login URL
curl_setopt($ch, CURLOPT_URL, $LOGINURL); 

// set post options
curl_setopt($ch, CURLOPT_POST, 1); 
curl_setopt($ch, CURLOPT_POSTFIELDS, $POSTFIELDS); 

// perform login
$result = curl_exec($ch);  

print $result; 


function getFormFields($data)
{
    if (preg_match('/(<form action="op.*?<\/form>)/is', $data, $matches)) {
        $inputs = getInputs($matches[1]);

        return $inputs;
    } else {
        die('didnt find login form');
    }
}

function getInputs($form)
{
    $inputs = array();

    $elements = preg_match_all('/(<input[^>]+>)/is', $form, $matches);

    if ($elements > 0) {
        for($i = 0; $i < $elements; $i++) {
            $el = preg_replace('/\s{2,}/', ' ', $matches[1][$i]);

            if (preg_match('/name=(?:["\'])?([^"\'\s]*)/i', $el, $name)) {
                $name  = $name[1];
                $value="";

                if (preg_match('/value=(?:["\'])?([^"\'\s]*)/i', $el, $value)) {
                    $value = $value[1];
                }

                $inputs[$name] = $value;
            }
        }
    }

    return $inputs;
}

This worked for me, hope that helps get you going.

Here are some other cURL answer I have that may help learn:

More Related Contents:

  1. PHP – SSL certificate error: unable to get local issuer certificate
  2. HTTPS and SSL3_GET_SERVER_CERTIFICATE:certificate verify failed, CA is OK
  3. how to get the cookies from a php curl into a variable
  4. cURL error 60: SSL certificate: unable to get local issuer certificate
  5. PHP Curl And Cookies
  6. Paypal Access – SSL certificate: unable to get local issuer certificate
  7. A problem occurred somewhere in the SSL/TLS handshake
  8. How to get SSL certificate info with CURL in PHP?
  9. PHP Curl – Cookies problem
  10. PHP CURL CURLOPT_SSL_VERIFYPEER ignored
  11. How can I send cookies using PHP curl in addition to CURLOPT_COOKIEFILE?
  12. Is it possible to set the cookie content with CURL?
  13. Login to Google with PHP and Curl, Cookie turned off?
  14. Laravel 5 Socialite – cURL error 77: error setting certificate verify locations
  15. Twilio PHP – SSL certificate: self signed certificate in certificate chain
  16. cURL requires CURLOPT_SSL_VERIFYPEER=FALSE
  17. SSL error can not change to TLS
  18. file_get_contents(): SSL operation failed with code 1, Failed to enable crypto
  19. How to read if a checkbox is checked in PHP?
  20. How to enable cURL in PHP / XAMPP
  21. CURL PHP send image
  22. How to set cookies for uuid
  23. How can I scrape website content in PHP from a website that requires a cookie login?
  24. CURL and HTTPS, “Cannot resolve host”
  25. CakePHP remember me with Auth
  26. How to install php-curl in Ubuntu 16.04
  27. GET vs. POST Best Practices
  28. PHP $_POST not working? [duplicate]
  29. Unable to make php curl request with port number
  30. PHP cURL, POST JSON

Leave a Comment