problem logging in with cURL

[tmatrix]

Hello,

I'm currently attempting to build a bridge of sorts between vB 4and Drupal 6. I am using cURL to do all the heavy lifting. I am having some good fortunes with this, and not so much.

I am doing all of my testing outside of the Drupal environment, but still in the directory structure, as to limit problem areas from the start. My thinking if I can get it to work outside of Drupal, then any issues will be Drupal related when I put the code into Drupal.

My main two issues are redirect (corresponding link), and token related.

Here is the code that I am using to do the login:

Code:

<?php 
include_once('../mypath/todb.inc.php');

error_reporting(E_ALL);

function get_salty($user,$password)
{
	$user_query = "SELECT * FROM user WHERE username = '$user'";
	$user_result = mysql_query($user_query);
	if(mysql_num_rows($user_result) >= 1)
	{
		while($user_row = mysql_fetch_array($user_result))
		{
			$salt = $user_row['salt'];
			$email = $user_row['email'];
			$vbpassword = $user_row['password'];
			$user_id = $user_row['userid'];
			$displaygroup = $user_row['displaygroupid'];
			$joindate = $user_row['joindate'];
		}
		$hashed_pwd = md5(md5($password) . $salt);
		
		return $hashed_pwd;
	}
}

function vBLogin($user, $pass, $url) 
{ 
       $md5Pass = md5($pass); 
       $data = "do=login&url=%2Findex.php&vb_login_md5password=$md5Pass&vb_login_username=$user&cookieuser=1";
       
       $vbcookie = "../vbcooks/".$user.".developyour.net.txt";
       
       $url = str_replace( "&amp;", "&", urldecode(trim($url)) );

       $ch = curl_init();

    curl_setopt ($ch, CURLOPT_URL, $url); 
    curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)"); 
    curl_setopt ($ch, CURLOPT_TIMEOUT, '10');
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, '10'); 
    curl_setopt($ch, CURLOPT_POST, 1); 
    curl_setopt($ch,CURLOPT_POSTFIELDS,$data); 
    curl_setopt($ch, CURLOPT_COOKIEJAR, $vbcookie); 
    curl_setopt($ch, CURLOPT_COOKIEFILE, $vbcookie); 
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); 
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_MAXREDIRS, 10);
    curl_setopt($ch, CURLOPT_ENCODING, "");
    curl_setopt($ch, CURLOPT_REFERER, "http://developyour.net/ThoughtMatrix/forums4/");
     
    $store = curl_exec ($ch); 
	$response = curl_getinfo($ch);
        curl_close($ch); 
	$dumpfile = "../my_code/dumpfile.html";
	$dumphandle = fopen($dumpfile, 'w') or die("no  open da file");
	fwrite($dumphandle, $store);
	fclose($dumphandle);
        
		return $response;
} 

function vBNext($url, $user) 
{ 
	$vbcookie = "../vbcooks/".$user.".developyour.net.txt";
       $ch = curl_init(); 

    curl_setopt ($ch, CURLOPT_URL, $url); 
    curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)"); 
    curl_setopt ($ch, CURLOPT_TIMEOUT, '10');
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, '10'); 
    curl_setopt($ch, CURLOPT_POST, 1); 
    //curl_setopt($ch,CURLOPT_POSTFIELDS,$data); 
    curl_setopt($ch, CURLOPT_COOKIEJAR, $vbcookie); 
    curl_setopt($ch, CURLOPT_COOKIEFILE, $vbcookie); 
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); 
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_MAXREDIRS, 10);
    curl_setopt($ch, CURLOPT_ENCODING, "");
    curl_setopt($ch, CURLOPT_REFERER, "http://developyour.net/ThoughtMatrix/forums4/login.php");
     
    $resultingpage = curl_exec ($ch); 
	$resultingresponse = curl_getinfo($ch);
        curl_close($ch); 
    
    return $resultingpage;
}

echo "<pre>";
print_r($_POST);
echo "</pre>";

if(isset($_POST['Submit']) && $_POST['Submit'] == "Submit")
{
	$username = $_POST['username'];
	$password = $_POST['password'];
	$passwd = trim($_POST['password']);
	
	$user_query = "SELECT * FROM user WHERE username = '$username'";
	$user_result = mysql_query($user_query);
	if(mysql_num_rows($user_result) >= 1)
	{
		while($user_row = mysql_fetch_array($user_result))
		{
			$salt = $user_row['salt'];
			$email = $user_row['email'];
			$vbpassword = $user_row['password'];
			$user_id = $user_row['userid'];
			$displaygroup = $user_row['displaygroupid'];
			$joindate = $user_row['joindate'];
		}
	$hashed_pwd = md5(md5($password) . $salt);
	}
	
	echo "hashed = ". $hashed_pwd."<br>";
	echo "vbpwd = ". $vbpassword."<br>";
	
	if ($hashed_pwd == $vbpassword) { echo "matched<br>"; } else { echo "you're fraked<br>"; }
	
	//$pwd_hashed = get_salty($username,$password);
	
	$start_url = "http://developyour.net/ThoughtMatrix/forums4/login.php?do=login";
	$vboutput = array();
	$vboutput = vBLogin($username,$password,$start_url);
	//print_r(array_keys($vboutput));
	print_r($vboutput);
	$next_url = "http://developyour.net/ThoughtMatrix/forums4/index.php";
	$vbnextout = vBNext($next_url,$username);
	echo $vbnextout;
}
?>

<html>
<body>
<form name="login" method="post">
<fieldset>
<legend>Log In</legend>
<label for="user">UserName : </label>
<input type="text" name="username" id="user">
<br>
<label for="password">Password : </label>
<input type="password" name="password" id="password">
<input type="submit" name="Submit" value="Submit">
</fieldset>
</form>
</body>
</html>

Everything seems fine with the above, the output of the vBNext function produces a page which completely acts as if the user is logged into vB, it gives the username at the top of the page etc... The vBNExt function i put in there for the simple fact that cURL does not follow redirects well, and on login into a vB site, there is a login redirect. This is why I had included a "dumpfile" of the page (html source) which forces the redirect, I wanted to verify all was good. To me it appears as it is not.

The headers of the source html have all the proper paths as set in the vB config file and/or in the admincp settings pages, /ThoughtMatrix/forums4/ is the path where vB is installed, But in the body of the html; the meta redirect, the link (class="redirect_button"), form action, and exec_refresh javascript function all point to index.php at the root of the domain, http://developyour.net/index.php, completely ignoring any of the paths. This behavior is not exhibited at all when logging into vB from the front end "normally".

Should I be concerned about this "flaw" in the source html output? If so, ideas on where to look to correct this?

There is also one more issue I am experiencing, I am thinking that it might be related to the above problem.

As I am building a bridge, I am not wanting users to directly access the vB install itself, all interaction is to be through a few pages within my scripts and finally Drupal, and the vB content will be displayed inside of these pages. To make this work, I am rewriting some of the links and paths of the HTML source that cURL returns from vB. When these links are clicked, vB gives a Missing Token error. I know it is not how the link was rewritten, I copy and paste the exact link into a browser and the resulting forum loads w/o any problem. Leads me to believe that yeah, maybe there is a cookie issue. Like maybe the incorrect redirect, or when I do the redirect back to vB with cURL i'm not sending enough data for the rest of the cookie building.

Here is the code for the rewrite of links, this code does include the above cURL login code also.

Code:

<?php 
include_once('../mypath/todb.inc.php');

error_reporting(E_ALL);

function altersource($sources, $baseurl,$user)
{
	//change base href
	$search4 = "base href=\"http://developyour.net/ThoughtMatrix/forums4/";
	$replacing = "base href=\"http://developyour.net/ThoughtMatrix/vbscripts/vb_login2.6.php";
	$sources = str_replace($search4,$replacing,$sources);

	// allow scripts to be loaded
	$search4 = "src=\"clientscript";
	$replacing = "src=\"".$baseurl."clientscript";
	$sources = str_replace($search4,$replacing,$sources);

	// change links and srcs
	$look4 = array("m", "s","f","i","l","n");
	
	foreach($look4 as $key => $value)
	{
    	 if($value != "i")
    	 {
         	 $search4 = "href=\"".$value;
         	 //$replacing = "href=\"forums4/".$value;
         	 $replacing = "href=\"?user=".$user."?link=".$value;
         	 $sources = str_replace($search4,$replacing,$sources);
    	 } else {
         	 $search4 = "src=\"".$value;
         	 $replacing = "src=\"".$baseurl.$value;
         	 $sources = str_replace($search4,$replacing,$sources);
    	 }
	}

	$look4 = "href=\"css";
	$replacing = "href=\"".$baseurl."css";
	$sources = str_replace($look4,$replacing,$sources);

	// fix actions
	$search4 = "action=\"";
	$replacing = $search4.$baseurl;
	$sources = str_replace($search4,$replacing,$sources);
	return $sources;
}

function get_salty($user,$password)
{
	$user_query = "SELECT * FROM user WHERE username = '$user'";
	$user_result = mysql_query($user_query);
	if(mysql_num_rows($user_result) >= 1)
	{
		while($user_row = mysql_fetch_array($user_result))
		{
			$salt = $user_row['salt'];
			$email = $user_row['email'];
			$vbpassword = $user_row['password'];
			$user_id = $user_row['userid'];
			$displaygroup = $user_row['displaygroupid'];
			$joindate = $user_row['joindate'];
		}
		$hashed_pwd = md5(md5($password) . $salt);
		
		return $hashed_pwd;
	}
}

function vBLogin($user, $pass, $url, $vbcookie, $javascript_loop = 0) 
{ 
       $md5Pass = md5($pass); 
       $data = "do=login&url=%2Findex.php&vb_login_md5password=$md5Pass&vb_login_username=$user&cookieuser=1";
              
       $url = str_replace( "&amp;", "&", urldecode(trim($url)) );

       $ch = curl_init();

    curl_setopt ($ch, CURLOPT_URL, $url); 
    curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)"); 
    curl_setopt ($ch, CURLOPT_TIMEOUT, '10');
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, '10'); 
    curl_setopt($ch, CURLOPT_POST, 1); 
    curl_setopt($ch,CURLOPT_POSTFIELDS,$data); 
    curl_setopt($ch, CURLOPT_COOKIEJAR, $vbcookie); 
    curl_setopt($ch, CURLOPT_COOKIEFILE, $vbcookie); 
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); 
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_MAXREDIRS, 10);
    curl_setopt($ch, CURLOPT_ENCODING, "");
    curl_setopt($ch, CURLOPT_REFERER, "http://developyour.net/ThoughtMatrix/forums4/");
     
    $store = curl_exec ($ch); 
	$response = curl_getinfo($ch);
        curl_close($ch); 
	$dumpfile = "../my_code/dumpfile.html";
	$dumphandle = fopen($dumpfile, 'w') or die("no  open da file");
	fwrite($dumphandle, $store);
	fclose($dumphandle);

	return $response ;
} 

function vBNext($url, $user, $vbcookie) 
{ 
       $ch = curl_init(); 

    curl_setopt ($ch, CURLOPT_URL, $url); 
    curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)"); 
    curl_setopt ($ch, CURLOPT_TIMEOUT, '10');
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, '10'); 
    curl_setopt($ch, CURLOPT_POST, 1); 
    //curl_setopt($ch,CURLOPT_POSTFIELDS,$data); 
    curl_setopt($ch, CURLOPT_COOKIEJAR, $vbcookie); 
    curl_setopt($ch, CURLOPT_COOKIEFILE, $vbcookie); 
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); 
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_MAXREDIRS, 10);
    curl_setopt($ch, CURLOPT_ENCODING, "");
    curl_setopt($ch, CURLOPT_REFERER, "http://developyour.net/ThoughtMatrix/forums4/login.php");
     
    $resultingpage = curl_exec ($ch); 
	$resultingresponse = curl_getinfo($ch);
        curl_close($ch); 
    
    return $resultingpage;
}

function vBview($user,$cookie, $url, $referer, $agent)
{ 
       $ch = curl_init(); 

    curl_setopt ($ch, CURLOPT_URL, $url); 
    curl_setopt ($ch, CURLOPT_USERAGENT, $agent); 
    curl_setopt ($ch, CURLOPT_TIMEOUT, '10');
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, '10'); 
    curl_setopt($ch, CURLOPT_POST, 1); 
    curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie); 
    curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie); 
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); 
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_MAXREDIRS, 10);
    curl_setopt($ch, CURLOPT_ENCODING, "");
    curl_setopt($ch, CURLOPT_REFERER, $referer);
     
    $resultingpage = curl_exec ($ch); 
	$resultingresponse = curl_getinfo($ch);
        curl_close($ch); 
    
    return $resultingpage;
}


/*echo "<pre>";
print_r($_POST);
echo "</pre>";*/

$baseurl = $baseurl = "http://developyour.net/ThoughtMatrix/forums4/";
$curpath = $_SERVER['REQUEST_URI'];
if(isset($_SERVER['HTTP_REFERER']))
{
	$referer = $_SERVER['HTTP_REFERER'];
}
if(isset($_SERVER['HTTP_USER_AGENT']))
{
	$agent = $_SERVER['HTTP_USER_AGENT'];
} else {
	$agent = "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_6; en-us) AppleWebKit/533.20.25 (KHTML, like Gecko) Version/5.0.4 Safari/533.20.27";
}



//parse URL
$questioned = explode("=",$curpath,3);
if(isset($questioned[2]))
{
	print_r($questioned);
	$thisurl = $baseurl.$questioned[2];
	$used = explode("?",$questioned[1]);
	$username = $used[0];
	$vbcookie = "/usr/home/www/developyour.net/ThoughtMatrix/vbcooks/".$username.".developyour.net.txt";
	$returnedpage = vbview($username, $vbcookie, $thisurl, $referer, $agent);
	$alteredpage = altersource ($returnedpage, $baseurl, $username);
	echo $alteredpage;
} else {
	$thisurl = $baseurl."index.php";
}

if(isset($_POST['Submit']) && $_POST['Submit'] == "Submit")
{
	$username = $_POST['username'];
	$password = $_POST['password'];
	$passwd = trim($_POST['password']);
	$vbcookie = "/path/to/developyour.net/ThoughtMatrix/vbcooks/".$username.".developyour.net.txt";
	$user_query = "SELECT * FROM user WHERE username = '$username'";
	$user_result = mysql_query($user_query);
	if(mysql_num_rows($user_result) >= 1)
	{
		while($user_row = mysql_fetch_array($user_result))
		{
			$salt = $user_row['salt'];
			$email = $user_row['email'];
			$vbpassword = $user_row['password'];
			$user_id = $user_row['userid'];
			$displaygroup = $user_row['displaygroupid'];
			$joindate = $user_row['joindate'];
		}
	$hashed_pwd = md5(md5($password) . $salt);
	}
	
	echo "hashed = ". $hashed_pwd."<br>";
	echo "vbpwd = ". $vbpassword."<br>";
	
	if ($hashed_pwd == $vbpassword) { echo "matched<br>"; } else { echo "you're fraked<br>"; }
		
	$start_url = "http://developyour.net/ThoughtMatrix/forums4/login.php?do=login";
	$vboutput = array();
	$vboutput = vBLogin($username,$password,$start_url,$vbcookie);
	//print_r(array_keys($vboutput));
	print_r($vboutput);
	$next_url = "http://developyour.net/ThoughtMatrix/forums4/index.php";
	$returnedpage = vBNext($next_url,$username,$vbcookie);
	$alteredpage = altersource($returnedpage, $baseurl, $username);
	
	//store username in URL
	// change links etc like normal...but in funcitons
	
	echo $alteredpage;
}





//if no username set cnt to login form
//if user found..........

if(!isset($_POST['Submit']) && !isset($questioned[1]))
{
	$loginform = "<html><head>\n";
	$loginform .= "<form name=\"login\" method=\"post\">\n";
	$loginform .= "<fieldset><legend>Log In</legend>\n";
	$loginform .= "<label for=\"user\">UserName : </label>\n";
	$loginform .= "<input type=\"text\" name=\"username\" id=\"user\"><br>\n";
	$loginform .= "<label for=\"password\">Password : </label>\n";
	$loginform .= "<input type=\"password\" name=\"password\" id=\"password\">\n";
	$loginform .= "<input type=\"submit\" name=\"Submit\" value=\"Submit\">\n";
	$loginform .= "</fieldset></form></body></html>\n";
	echo $loginform ;
}
?>

I appreciate and look forward to any insights, opinions, and thoughts.

Cheers
Murias

[kh99]

Quote:

Originally Posted by tmatrix

...Should I be concerned about this "flaw" in the source html output? If so, ideas on where to look to correct this?

I'm not sure I'm following this, but I know that a lot of the paths are relative - is that what you mean?

Quote:

...When these links are clicked, vB gives a Missing Token error.

Is the message "missing security token"? You might be able to solve that by including the security token as part of the url or posted data. The value seems to be included as a javascript variable in the header, so you can probably parse that out without a lot of trouble. But you say you're having trouble with links that work in vb, so I'm not sure why they'd work in the browser without that value, but not in curl (unless you're using method POST in curl? I think vb always checks for the securitytoken value if the method is POST, so maybe use GET if you're not posting data?).