The Arcive of Official vBulletin Modifications Site.

tmirek · #1 11-23-2010, 09:20 AM

I tried to login curl using this code

PHP Code:


			
$urlroot = 'http://robert.deveon/forum/login.php';
        $vbulletin1 = array(
            'vb_login_username' => 'mirek2',
            'vb_login_password'=> '123qwe',
            's' => '',
            'securitytoken' => 'guest',
            'do'=> 'login',
            'cookieuser' => '1',
            'vb_login_md5password' => md5('123qwe'),
            'vb_login_md5password_utf' => md5('123qwe')
        );

$this->do_vbulletin_login($urlroot, $vbulletin1);

where

PHP Code:


			
function do_vbulletin_login($url, $post) {
        $curl=curl_init();
        curl_setopt($curl, CURLOPT_URL, $url);
        curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
        curl_setopt($curl, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12');
        curl_setopt($curl, CURLOPT_COOKIEFILE, dirname(__FILE__) . '/cookies.txt');
        curl_setopt($curl, CURLOPT_COOKIEJAR, dirname(__FILE__) . '/cookies.txt');
        curl_setopt($curl, CURLOPT_TIMEOUT, 30);
        curl_setopt($curl, CURLOPT_HEADER, 0);
        //if(strlen($post)>0){
            curl_setopt($curl, CURLOPT_POST, 1);
            curl_setopt($curl, CURLOPT_POSTFIELDS, $post);
        //}
        
        $strona=curl_exec($curl);
        echo $strona;
        curl_close($curl);
        die();
    }

mirek2 is a login and 123qwe a password. I get a message "wrong login and/or password".
What do I do wrong?

--------------- Added [DATE]1290511593[/DATE] at [TIME]1290511593[/TIME] ---------------

and this is a standard form

PHP Code:


			
<form action="login.php?do=login" method="post" onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, 0)">
            <input type="hidden" name="do" value="login" />
            <input type="hidden" name="url" value="/forum/newreply.php?do=newreply&amp;noquote=1&amp;p=3" />

            <input type="hidden" name="vb_login_md5password" />
            <input type="hidden" name="vb_login_md5password_utf" />
            

            <input type="hidden" name="s" value="" />
            <input type="hidden" name="securitytoken" value="guest" />

            <!-- permission error message - user not logged in -->


            <div class="smallfont">Nie jeste&#347; zalogowany lub nie masz dostępu do tej strony. Prawdopodobne powody to:</div>

            <ol>
                <li class="smallfont">Nie jeste&#347; zalogowany.</li>
                <li class="smallfont">Nie masz wystarczaj&#261;cych uprawnień aby otworzyć stronę.</li>

                <li class="smallfont">Twoje konto czeka na aktywacj&#281; lub zostało wyłączone przez administratora forum.</li>
            </ol>

            <fieldset class="fieldset">
                <legend>Zaloguj si&#281;</legend>
                <table cellpadding="0" cellspacing="3" border="0" align="center">

                <tr>
                    <td>Nazwa u&#380;ytkownika:<br /><input type="text" class="bginput" name="vb_login_username" size="50" accesskey="u" tabindex="1" /></td>
                </tr>
                <tr>
                    <td>Has&#322;o:<br /><input type="password" class="bginput" name="vb_login_password" size="50" tabindex="1" /></td>
                </tr>
                <tr>

                    <td>
                        <span style="float:right"><a href="login.php?do=lostpw">Zapomnia&#322;eś hasła?</a></span>
                        <label for="cb_cookieuser"><input type="checkbox" name="cookieuser" value="1" id="cb_cookieuser" tabindex="1" />Zapami&#281;taj mnie</label>
                    </td>
                </tr>

                <tr>
                    <td align="right">
                        <input type="submit" class="button" value="Zaloguj się" accesskey="s" tabindex="1" />
                        <input type="reset" class="button" value="Wyczyść" accesskey="r" tabindex="1" />
                    </td>
                </tr>
                </table>
            </fieldset>

            <div class="smallfont">Aby przegl&#261;dać to forum musisz się najpierw <a href="register.php?do=signup">ZAREJESTROWAĆ</a>.</div>
            </form>

tmatrix · #2 12-19-2011, 10:35 PM

Tmirek, I know it has been quite awhile. Did you ever get this figured out?

kkinsey · #3 01-12-2012, 01:49 PM

What vBulletin version are you running?

I don't think md5('passwordstring') works anymore. Last time I looked at the code the password was double-encrypted along with the user's salt ... I could be way off base here.

I've got a similar issue on our biggest site.

kh99 · #4 01-12-2012, 01:58 PM

Quote:

Originally Posted by kkinsey

Last time I looked at the code the password was double-encrypted along with the user's salt ...

It's true that that's how the password is stored in tha database, but in the OP's code it's being run through md5 once before being sent to the login script, which is OK. But one thing I do notice about that code is that it sends the password both in plain text and md5, which would work but doesn't make much sense. I believe the javascript md5hash() function called by the standard code (also posted above) clear the plain text variable after setting vb_login_md5password.

(BTW, I have no idea why it wasn't working - I don't know the details of using curl).

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.04433 seconds Memory Usage 2,238KB Queries Executed 13 (?)
More Information
Template Usage: (1)SHOWTHREAD (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)ad_showthread_beforeqr (1)ad_showthread_firstpost (1)ad_showthread_firstpost_sig (1)ad_showthread_firstpost_start (3)bbcode_php (1)bbcode_quote (1)footer (1)forumjump (1)forumrules (1)gobutton (1)header (1)headinclude (1)navbar (3)navbar_link (120)option (4)post_thanks_box (4)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (4)post_thanks_postbit_info (4)postbit (4)postbit_onlinestatus (4)postbit_wrapper (1)spacer_close (1)spacer_open (1)tagbit_wrapper Phrase Groups Available: global inlinemod postbit posting reputationlevel showthread	Included Files: ./showthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_postinfo_query fetch_postinfo fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showthread_start showthread_getinfo forumjump showthread_post_start showthread_query_postids showthread_query bbcode_fetch_tags bbcode_create showthread_postbit_create postbit_factory postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start tag_fetchbit_complete forumrules navbits navbits_complete showthread_complete
Messages:

The Arcive of Official vBulletin Modifications Site.

It is not a VB3 engine, just a parsed copy!