PHP:使用 cURL 模拟 XHR

2022-01-15 00:00:00 curl xmlhttprequest php

今天我正在尝试为某些论坛登录做一个 cron 作业以检查在线统计信息.login.php 脚本接受带有表单提交值的 ajax 请求:用户、密码、服务器和哈希 ID(在隐藏字段中).我已经可以将值提交到登录脚本,还可以使用 cookie jar 保留会话,但是当我尝试传递所需的参数(来自 sendlogin.php)时,它似乎拒绝了不带有正确请求标头的请求.所以我需要知道如何使用 cURL 进行模拟:

Today I'm trying to make a cron job for some forum login to check for online stats. The login.php script accepts an ajax request with the form submitted values: user, password, server, and a hash id (in a hidden field). I can already submit the values to the login script and also preserve the session using a cookie jar but when I try to pass the required parameters (coming from sendlogin.php), it seems to reject requests that do not come with the proper request headers. So I need to know how I could simulate this using cURL:

GET login.php?user=foo&password=bar&server=1&id=7131c359e534e3790eaefa495d621b2a HTTP/1.1

Host: someloginserver.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
X-Requested-With: XMLHttpRequest
Referer: http://someloginserver.com/sendlogin.php
Cookie: __cfduid=de2fe207593d1135fc2426fb06e3270741303115848; hellobar_current=1300711502; hellobar_1300711502_variation=11462; PHPSESSID=cc621c6f57c43130d51d3147e319d8c2

希望你能帮助我.

推荐答案

在PHP api to curl你可以使用:

In the PHP api to curl you can use:

curl_setopt($curl, CURLOPT_HTTPHEADER, array(
    "Host" => "someloginserver.com",
    "User-Agent" => "Mozilla/5.0 (Windows NT 6.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1",
    "Accept" => "application/json, text/javascript, */*; q=0.01",
    "Accept-Language" => "en-us,en;q=0.5",
    "Accept-Encoding" => "gzip, deflate",
    "Accept-Charset" => "ISO-8859-1,utf-8;q=0.7,*;q=0.7",
    "Keep-Alive" => "115",
    "Connection" => "keep-alive",
    "X-Requested-With" => "XMLHttpRequest",
    "Referer" => "http://someloginserver.com/sendlogin.php"
));

但您的实际问题可能是我在上面排除的 Cookie:.使用 COOKIEJAR 设置您的 cURL 请求.发出一个虚假请求以获取当前会话值,然后才发送您的实际 XHR 请求.

But your actual problem might be the Cookie:, which I've excluded above. Setup your cURL request with a COOKIEJAR. Make one faux request to get a current session value, and only afterwards send your actual XHR request.

相关文章