https authentication

Hi,

I have to remplish and send a form https authenticated (SSL 3.0, RC4 128 bit RSA 1024 bit).
I tried with a script like this below with bad results, can you help me please?

Thank you very much.

Paolo


//******************************************************************************************
<?php
$user_agent = "php" . phpversion();

$login_url = "https://www.mysite.com/login";
$login_data = "username=user&password=pass
$form_url = "https://www.mysite.com/form";

$ch = curl_init($login_url);

curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_VERBOSE, 1); // debugging info, can be commented out
curl_setopt($ch, CURLOPT_USERAGENT, $user_agent);
curl_setopt($ch, CURLOPT_COOKIEJAR, "curl_cookies");
curl_setopt($ch, CURLOPT_COOKIEFILE, "curl_cookies"); // file where
the cookies will be stored
curl_setopt($ch, CURLOPT_POSTFIELDS, $login_data); // set the username/password

echo '<h3>logging in...</h3>';
$body = curl_exec($ch); // login
echo $body;
echo '<hr />';

/*
///////////////////////////////////////////////////////////////////////////
//  Now we're logged in and can post to the form
///////////////////////////////////////////////////////////////////////////
*/
curl_setopt($ch, CURLOPT_URL, $form_url);
curl_setopt($ch, CURLOPT_POSTFIELDS, $form_data); // post data to the form

echo '<h3>Posting Form Data...</h3>';
$body = curl_exec($ch); // get form results
echo $body;
echo '<hr />';

curl_close($ch);


?>
LVL 2
firepolAsked:
Who is Participating?
 
aksteveConnect With a Mentor Commented:
Need to add:
curl_setopt($ch, CURLOPT_POST,1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,  2);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
0
 
firepolAuthor Commented:
hi there, thanks for your reply,

I added the php lines to my script but it appears that the curl have some problem, if I check the curl_errno it says that the curl have some problem to connect, something like unsupported protocol. What do I wrong?

Additionally, it appears that the following line:

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);

makes the HTTPS usage insecure.

see: http://news.gmane.org/gmane.comp.web.curl.php under
the post RE:Speed up curl w/ PHP on processing to iPay from Daniel Stenberg

thank you very much.
0
 
firepolAuthor Commented:
Here the code that I'm actually trying and that gives me problems (I forgot to report it)...

I added the php lines to my script but it appears that the curl have some problem, if I check the curl_errno (see at the end of the script) it says that the curl have some problem to connect, something like unsupported protocol. What do I wrong?

<?php

//echo curl_version();

$user_agent = "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)";

$login_url = "https://www.my_site.com/login";
$login_data = "username=my_user_name&password=my_pass";
$form_url = "https://www.my_site.com/form";
$form_data ="input1=walla&input2=test";

$ch = curl_init($login_url);

curl_setopt($ch, CURLOPT_SSLVERSION, 3);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,  2);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); //this make https not secure

curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_VERBOSE, 1); // debugging info, can be commented out
curl_setopt($ch, CURLOPT_USERAGENT, $user_agent);
curl_setopt($ch, CURLOPT_COOKIEJAR, "curl_cookies");
curl_setopt($ch, CURLOPT_COOKIEFILE, "curl_cookies"); // file where
the cookies will be stored
curl_setopt($ch, CURLOPT_POSTFIELDS, $login_data); // set the username/password


echo '<h3>logging in...</h3>';
$body = curl_exec($ch); // login
echo $body;
echo '<hr />';

/*
///////////////////////////////////////////////////////////////////////////
//  Now we're logged in and can post to the form
///////////////////////////////////////////////////////////////////////////
*/
curl_setopt($ch, CURLOPT_POST,1);
curl_setopt($ch, CURLOPT_URL, $form_url);
curl_setopt($ch, CURLOPT_POSTFIELDS, $form_data); // post data to the form


echo '<h3>Posting Form Data...</h3>';
$body = curl_exec($ch); // get form results
echo $body;
echo '<hr />';


echo "error curl_errno ($ch) <br>"; //it return error id1

curl_close($ch);


?>
0
 
firepolAuthor Commented:
Sorry guys, I guess i wasn't clear enough...

I'm trying to make a personal (private) page with a very small and easy interface to send sms using a web service which is accessible only via https.

I want to give access to the interface to my family and close friends, so that I don't need to give them my password and it's much easier for them to use it: from my page they simply insert the phone number, the text and send. I'm trying to make a script so that the submitted data are sent via https to the real form of the web service (with "authentication" I meant: encrypted login and password included in the submitted data via https). That's why I'm trying to use the curl library, which is supposed to do things like this, isn't it?

I tried with a php class called snoopy but with bad results ;(.

Somebody has an idea?

Thanks for letting me know...
0
All Courses

From novice to tech pro — start learning today.