Re: [PHP] Curl with asp pages....

2008-11-28 Thread ioannes 

Andrew Ballard wrote:

On Fri, Nov 28, 2008 at 9:59 AM,  [EMAIL PROTECTED] wrote:
  

The one thing that's always tripped me up with ASP sites is that you have to add EVERY 
input, even the type=submit with the correct value from the one and only 
submit button on the page.



Again, I think that's the ASP.NET part.
  

Not sure what the ASP code monkeys are doing with their point-and-click UI, but 
I presume it's just a boilerplate operation that needs the submit input just in 
case they add a second button some day.



I've had the same problem with Zend_Form, honestly.


  

The variable names shouldn't need URLencoding in any proper webapp, but try it 
and see.



Well, they either need to contain valid URL characters or they need to
be encoded. If you have a variable name that contains an equal sign
(crazy, but can be technically valid since names are just strings --
to me it seems little less crazy than including square brackets in a
variable name in HTML) it will have to be escaped.

  

Use Firefox LiveHTTPHeaders to see what goes back-n-forth on a real working 
exchange as well.



I agree. It's definitely a lifesaver. FWIW, there is a similar tool
for IE too, if you ever find yourself stuck for one of those lovely
cases where the site works fine in Firefox but not in IE.

Andrew

  
I agree too.  Thank you, those responses were very useful, in particular 
Firefox LiveHTTPHeaders.  This gives the full post variables on the 
submission of the form, using this I could get a correct response and 
work back, compare the syntax and very carefully substitute my own 
variables.  I found that the code I was using to get the VIEWSTATE was 
in fact correct:


   preg_match('/input type=hidden name=__VIEWSTATE 
id=__VIEWSTATE value=([^]*?) \//', $html, $matches); //- from 
php.net curl php with slight amendment

   $viewstate = $matches[1];
   $viewstate = urlencode($viewstate);


but Firefox LiveHTTPHeaders then helped enormously in putting all the 
other variables in the right place and avoid errors.  I also found out 
that the server was doing a logic check on one of the variables 
(December was returned as 11 for the javascript calendar) which became 
obvious once everything else was working. 


John

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Curl with asp pages....

2008-11-27 Thread ioannes 
What are the differences between asp and non-asp pages when you are 
curling them?  Apart from ,as referred to in php.net, you need to 
urlencode the post values...  Do you also need to urlencode the variable 
names?  And if the submit button on the page has 
javascript:WebForm_PostBackOptions, is that going to cause any 
complexity?  I have a working php curling script which works on many 
sites, but this asp page returns error from the server (Error Tracking 
Code: from server).  I have seen problems described on the internet with 
asp but apart from urlencode tip and that you need to submit the hidden 
VIEWSTATE etc variables, I have not seen any other tips.  I previously 
got just the input page, so getting the error is actually progress, 
which I got once I urlencoded the inputs, but clearly the inputs don't 
make sense to the script somehow and suspect there is some general 
differences between asp and non-asp pages for this purpose. 


John

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Variable name as a string

2008-08-28 Thread ioannes 
In writing the script, though, there are two points.  I don't always use 
checkboxes, sometimes I just want to update all the records on the 
form.  Eg I have a series of images and related text each with their ID 
in the database table, on clicking update all the form elements get 
submitted and I need to relate the relevant image, text, etc with the 
table ID.  So I can't rely on checkboxes which only get posted if 
ticked.  So again I have to iterate through all possible IDs.  Which 
normally can be done but it is longer, eg because the images on the page 
in the first place may not be the result of a simple select query.  So I 
suppose the solution there is to have a hidden field with all the IDs as 
a string, explode that and then iterate through that.  Eg


input type=hidden value=1_2_3 name=all_IDs

$IDs=explode(_,$_POST['all_IDs']);

and that gives me the table IDs to do update queries on etc.

John

ioannes wrote:
Actually, you are right, as you just put the checkbox index in the 
POST and get the value from there.  So you just need the number of 
checkboxes...sorry.


ioannes wrote:
Yes, Tedd, this does however incur the overhead of find out what i 
is, because it could be a range of IDs from the database, not 
necessarily a count of the checkboxes on the page:



for ($i = 1; $i = 4; $i++)
   {
   $a = 'a' . $i;
   $b = 'whatever' . $i;
   if($_POST[$a] == 'on')
  {
   my_array[] = $_POST[$b]
  }
   }


John





--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Variable name as a string

2008-08-27 Thread ioannes 
Could someone tell me how to get the name of a variable as a string.  
This would be useful in form submission with multiple check-boxes to 
match against database records.  At the moment I use ${var.$ID[$x]} or 
someting like that to go through all the possible matches, but it would 
be quicker to explode the name of a checkbox like a string like cb_1 to 
match to record 1 etc.


There is some reason I do not use the value of the check box, but I can't 
remember it now!


John



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Variable name as a string

2008-08-27 Thread ioannes 
Yes, Tedd, this does however incur the overhead of find out what i is, 
because it could be a range of IDs from the database, not necessarily a 
count of the checkboxes on the page:



for ($i = 1; $i = 4; $i++)
   {
   $a = 'a' . $i;
   $b = 'whatever' . $i;
   if($_POST[$a] == 'on')
  {
   my_array[] = $_POST[$b]
  }
   }


John

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Re: Variable name as a string

2008-08-27 Thread ioannes 
Actually, you are right, as you just put the checkbox index in the POST 
and get the value from there.  So you just need the number of 
checkboxes...sorry.


ioannes wrote:
Yes, Tedd, this does however incur the overhead of find out what i is, 
because it could be a range of IDs from the database, not necessarily 
a count of the checkboxes on the page:



for ($i = 1; $i = 4; $i++)
   {
   $a = 'a' . $i;
   $b = 'whatever' . $i;
   if($_POST[$a] == 'on')
  {
   my_array[] = $_POST[$b]
  }
   }


John



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Restore Leading Zeros in Zip Codes

2008-08-24 Thread ioannes 

George Bernard Shaw, an Irishman.

tedd wrote:

At 11:13 PM +0100 8/22/08, Ashley Sheridan wrote:


Not to mention, but of the two major English speaking countries, both 
America and England have different address standards. All too often 
an American site seems to think that a postcode is the same thing as 
a zip code, and then rejects it in a form for being in the wrong format!


Yeah, but that's to be expected.

You Brits get everything wrong -- you drive on the wrong side of the 
street, you eat with your fork in the wrong hand, and your postal 
codes are all messed up.  :-)


As Churchill once said We are two peoples separated by a common 
language.


Cheers,

tedd




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] preg_match_all nested html text

2008-08-20 Thread ioannes 
I am trying to get the text between nested html tags within arrays 
produced by preg_match_all.  The simple situation would be:


trtdtest/td/tr

I want to return 'test'.

Assuming $post_results has some string derived from a html page source 
with lots of nested tags.


Replacing new line (seems to be a good idea to do this):
$post_results = ereg_replace([\n\r],  , $post_results);

I tried this:
$pattern = /[^]*(.+)\/[^]*/i;

Explanation (as far as I understand, please feel free to correct):
/.../ start end
 - opening html tag
[^] end tag
* any number of same

 end tag - don't understand why needed in addition to above

(.+) group: any number of any characters
 opening tag
\/ literal forward slash
[^] end with tag end
* any number of same

 end tag - don't know why needed again
i - modifier, can't remember what it means, something like case 
insensitive, yes, that would be it


  
//Main expression for first try, substituting tags:

preg_match_all($pattern,$post_results,$outputs);

//this only replaces the outer tag eg tr, not the td, so:
while(stristr($outputs[0][1],)) {
   preg_match_all($pattern,$outputs[0][1],$outputs,PREG_PATTERN_ORDER);
}


Is there a neat expression to get the inner text withing nested html tags?

Thanks,

John

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Referencing files in cron jobs versus format when running from URL

2008-08-02 Thread ioannes 

I have a file that works from the URL like:

www.mysite.com/cronjob.php

and this file includes references to uploaded files like this:

/home/mysite/public_html/dir/subdir/filename.xml

and this is used in functions like filemtime().  The uploaded files are 
found on the server using the above path in the code of the php file.


However, when I cron the php file from the server using:

/ramdisk/bin/php4 -q /home/mysite/public_html/cronjob.php

(using the server cPanel Cron Manager Linux command type set up page), 
the php file does not find the uploaded files, presumably because the 
above format of /home/mysite/public_html/dir/subdir/filename.xml needs 
to be a different path.  This must be familiar to many, can you help in 
suggesting change in path required?


John

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] CURL de-bugging: So why am I not getting the results page on the target site?

2008-07-10 Thread ioannes 
I would like someone to help me on this outside the group discussion.  
Is there anyone out there that would look at a curl problem with me?


Thanks,

John

ioannes wrote:
My current theory on this is that the initial input page creates a 
per-session cookie.  Is CURL able to send this when the page is 
submitted and if so how do I find out the name and value of the cookie 
as per my reading it is not stored on the computer, though I reckon it 
must be there somewhere.


The initial page is in this format:
https://www.targetsite.com/subdir/page.asp?serialno=GM201OtherCode=NextCode= 



So I have various GET parameters.

The initial input page also has POST parameters which I can see the in 
page source, and so send via CURL.


I cannot find any javascript doing a set_cookie, including in any 
included files of which there are none anyway.  But there is some 
session going on as the serialno parameter is not in a hidden field or 
explicitly set cookie, so it must be a per-session cookie maybe with a 
different name, I reason.  How do I find out about these?


John

ioannes wrote:
My code is as below.  It comes back with 'Bad session variable name - 
CompanySerialNo' from the site.but the COOKIEJAR does not show this 
variable name and it is not sent, it just shows:


www.targetsite.comFALSE/FALSE0
ASPSESSIONIDQCSQDTABLKAONANAFJPNMFFECLFNCLBP


There is a serialno but that is sent in the GET (URL below).  
Question is: What to test now?  I am trying to get a results page 
from an input page.


What code below is trying to do is access the page, get any cookies 
set then try the page again with the relevant inputs.


?
   
$url=https://www.targetsite.com/subdir/page.asp?serialno=GM201OtherCode=NextCode=;; 



   $ch = curl_init();
   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);

   curl_setopt ($ch, CURLOPT_COOKIEJAR, cookies.txt);
   curl_setopt ($ch, CURLOPT_COOKIEFILE, cookies.txt);

   curl_setopt($ch, CURLOPT_HEADER, 0);
 curl_setopt($ch, CURLOPT_AUTOREFERER, true);

   curl_setopt($ch, CURLOPT_URL, $url);
  /*
//GET list from submitting POST form as GET
https://www.shortstay-london.com/checkavail.asp?
1 - clock=+09%3A54
2 - StartDay=6
3 - StartMonth=September+%3A+2008
4 - EndDay=13
5 - EndMonth=September+%3A+2008
13 - CheckThis=Check+This

use this list to create POST data
*/

   curl_setopt($ch, CURLOPT_POST, 1);
 $curlPost=array();

   $curlPost[clock]= 09:54;
   $curlPost[StartDay]=6;
   $curlPost[StartMonth]=September : 2008;
   $curlPost[EndDay]=13;
   $curlPost[EndMonth]=September : 2008;
   //etc
   $curlPost[CheckThis]=Check This;

   curl_setopt($ch, CURLOPT_POSTFIELDS,$curlPost);
 
   curl_setopt($ch, CURLOPT_FOLLOWLOCATION  ,1);

   curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);

   $store = curl_exec ($ch);
 curl_close ($ch);
 print($store);
  ?





--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] CURL de-bugging: So why am I not getting the results page on the target site?

2008-07-08 Thread ioannes 
My current theory on this is that the initial input page creates a 
per-session cookie.  Is CURL able to send this when the page is 
submitted and if so how do I find out the name and value of the cookie 
as per my reading it is not stored on the computer, though I reckon it 
must be there somewhere.


The initial page is in this format:
https://www.targetsite.com/subdir/page.asp?serialno=GM201OtherCode=NextCode=

So I have various GET parameters.

The initial input page also has POST parameters which I can see the in 
page source, and so send via CURL.


I cannot find any javascript doing a set_cookie, including in any 
included files of which there are none anyway.  But there is some 
session going on as the serialno parameter is not in a hidden field or 
explicitly set cookie, so it must be a per-session cookie maybe with a 
different name, I reason.  How do I find out about these?


John

ioannes wrote:
My code is as below.  It comes back with 'Bad session variable name - 
CompanySerialNo' from the site.but the COOKIEJAR does not show this 
variable name and it is not sent, it just shows:


www.targetsite.comFALSE/FALSE0
ASPSESSIONIDQCSQDTABLKAONANAFJPNMFFECLFNCLBP


There is a serialno but that is sent in the GET (URL below).  Question 
is: What to test now?  I am trying to get a results page from an input 
page.


What code below is trying to do is access the page, get any cookies 
set then try the page again with the relevant inputs.


?
   
$url=https://www.targetsite.com/subdir/page.asp?serialno=GM201OtherCode=NextCode=;; 



   $ch = curl_init();
   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);

   curl_setopt ($ch, CURLOPT_COOKIEJAR, cookies.txt);
   curl_setopt ($ch, CURLOPT_COOKIEFILE, cookies.txt);

   curl_setopt($ch, CURLOPT_HEADER, 0);
 curl_setopt($ch, CURLOPT_AUTOREFERER, true);

   curl_setopt($ch, CURLOPT_URL, $url);
  /*
//GET list from submitting POST form as GET
https://www.shortstay-london.com/checkavail.asp?
1 - clock=+09%3A54
2 - StartDay=6
3 - StartMonth=September+%3A+2008
4 - EndDay=13
5 - EndMonth=September+%3A+2008
13 - CheckThis=Check+This

use this list to create POST data
*/

   curl_setopt($ch, CURLOPT_POST, 1);
 $curlPost=array();

   $curlPost[clock]= 09:54;
   $curlPost[StartDay]=6;
   $curlPost[StartMonth]=September : 2008;
   $curlPost[EndDay]=13;
   $curlPost[EndMonth]=September : 2008;
   //etc
   $curlPost[CheckThis]=Check This;

   curl_setopt($ch, CURLOPT_POSTFIELDS,$curlPost);
 
   curl_setopt($ch, CURLOPT_FOLLOWLOCATION  ,1);

   curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);

   $store = curl_exec ($ch);
 curl_close ($ch);
 print($store);
  ?



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] CURL de-bugging: So why am I not getting the results page on the target site?

2008-07-08 Thread ioannes 
The way this page works is you access index.asp?SerialNo=abc123 from a 
link, that is re-directed to a frameset containing the main page, 
main.asp, just that.   main.asp does not have any input fields showing 
the SerialNo, there is a comment with it but that is all.  Fom this 
page, you input some dates and submit, and the form action is on a page 
like /checkthis.asp.  What I can't see is how /checkthis.asp knows the 
SerialNo, which it needs.  Is there some other way that asp pages 
transfer information between pages?  I looked at the cache for IE after 
each page load and it does not have SerialNo as cookies or any cookies 
from this site other than google conversion tracking. 

On main.asp the button that submits the form does not refer to the 
SerialNo either.  Nevertheless the results page creates the relevant 
data from the database.  But it does produce error messages like, The 
Object has been  Moved here, with my site plus 
?lngSessionId=234984987SerialNo=abd123WinMode=AgentCode=CustCode=.   
If I add these parameters to the target URL in the CURL script it looks 
for displaymode (the message with my url in the display line at end of 
browser window: www.mysite.com/displaymode=). 


John

ioannes wrote:
My current theory on this is that the initial input page creates a 
per-session cookie.  Is CURL able to send this when the page is 
submitted and if so how do I find out the name and value of the cookie 
as per my reading it is not stored on the computer, though I reckon it 
must be there somewhere.


The initial page is in this format:
https://www.targetsite.com/subdir/page.asp?serialno=GM201OtherCode=NextCode= 



So I have various GET parameters.

The initial input page also has POST parameters which I can see the in 
page source, and so send via CURL.


I cannot find any javascript doing a set_cookie, including in any 
included files of which there are none anyway.  But there is some 
session going on as the serialno parameter is not in a hidden field or 
explicitly set cookie, so it must be a per-session cookie maybe with a 
different name, I reason.  How do I find out about these?


John

ioannes wrote:
My code is as below.  It comes back with 'Bad session variable name - 
CompanySerialNo' from the site.but the COOKIEJAR does not show this 
variable name and it is not sent, it just shows:


www.targetsite.comFALSE/FALSE0
ASPSESSIONIDQCSQDTABLKAONANAFJPNMFFECLFNCLBP


There is a serialno but that is sent in the GET (URL below).  
Question is: What to test now?  I am trying to get a results page 
from an input page.


What code below is trying to do is access the page, get any cookies 
set then try the page again with the relevant inputs.


?
   
$url=https://www.targetsite.com/subdir/page.asp?serialno=GM201OtherCode=NextCode=;; 



   $ch = curl_init();
   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);

   curl_setopt ($ch, CURLOPT_COOKIEJAR, cookies.txt);
   curl_setopt ($ch, CURLOPT_COOKIEFILE, cookies.txt);

   curl_setopt($ch, CURLOPT_HEADER, 0);
 curl_setopt($ch, CURLOPT_AUTOREFERER, true);

   curl_setopt($ch, CURLOPT_URL, $url);
  /*
//GET list from submitting POST form as GET
https://www.shortstay-london.com/checkavail.asp?
1 - clock=+09%3A54
2 - StartDay=6
3 - StartMonth=September+%3A+2008
4 - EndDay=13
5 - EndMonth=September+%3A+2008
13 - CheckThis=Check+This

use this list to create POST data
*/

   curl_setopt($ch, CURLOPT_POST, 1);
 $curlPost=array();

   $curlPost[clock]= 09:54;
   $curlPost[StartDay]=6;
   $curlPost[StartMonth]=September : 2008;
   $curlPost[EndDay]=13;
   $curlPost[EndMonth]=September : 2008;
   //etc
   $curlPost[CheckThis]=Check This;

   curl_setopt($ch, CURLOPT_POSTFIELDS,$curlPost);
 
   curl_setopt($ch, CURLOPT_FOLLOWLOCATION  ,1);

   curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);

   $store = curl_exec ($ch);
 curl_close ($ch);
 print($store);
  ?





--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] CURL de-bugging: So why am I not getting the results page on the target site?

2008-07-07 Thread ioannes 
My code is as below.  It comes back with 'Bad session variable name - 
CompanySerialNo' from the site.but the COOKIEJAR does not show this 
variable name and it is not sent, it just shows:


www.targetsite.comFALSE/FALSE0
ASPSESSIONIDQCSQDTABLKAONANAFJPNMFFECLFNCLBP


There is a serialno but that is sent in the (URL below).  Question is: 
What to test now?  I am trying to get a results page from an input page.


What code below is trying to do is access the page, get any cookies set 
then try the page again with the relevant inputs.


?
   
$url=https://www.targetsite.com/subdir/page.asp?serialno=GM201OtherCode=NextCode=;;


   $ch = curl_init();
   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);

   curl_setopt ($ch, CURLOPT_COOKIEJAR, cookies.txt);
   curl_setopt ($ch, CURLOPT_COOKIEFILE, cookies.txt);

   curl_setopt($ch, CURLOPT_HEADER, 0);
  
   curl_setopt($ch, CURLOPT_AUTOREFERER, true);


   curl_setopt($ch, CURLOPT_URL, $url);
  
/*

//GET list from submitting POST form as GET
https://www.shortstay-london.com/checkavail.asp?
1 - clock=+09%3A54
2 - StartDay=6
3 - StartMonth=September+%3A+2008
4 - EndDay=13
5 - EndMonth=September+%3A+2008
13 - CheckThis=Check+This

use this list to create POST data
*/

   curl_setopt($ch, CURLOPT_POST, 1);
  
   $curlPost=array();


   $curlPost[clock]= 09:54;
   $curlPost[StartDay]=6;
   $curlPost[StartMonth]=September : 2008;
   $curlPost[EndDay]=13;
   $curlPost[EndMonth]=September : 2008;
   //etc
   $curlPost[CheckThis]=Check This;

   curl_setopt($ch, CURLOPT_POSTFIELDS,$curlPost);
 
   curl_setopt($ch, CURLOPT_FOLLOWLOCATION  ,1);

   curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);

   $store = curl_exec ($ch);
  
   curl_close ($ch);
  
   print($store);
  
?


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] CURL de-bugging: So why am I not getting the results page on the target site?

2008-07-02 Thread ioannes 

Thanks Chris and Andrew,

An interesting article here on VIEWSTATE in asp: 
http://www.dotnetjohn.com/articles.aspx?articleid=71 refers to MAC 
encoding using SHA1 or MD5, alternatively Triple DES symmetric 
algorithm.  However, in either event, VIEWSTATE seems to be just what is 
sent by the server which the server expects to receive back unmodified.  
I tried the same input form as on the target server on a test page on my 
site with the action on the form to the target server and that works OK 
to get the results page on the target server.  I have also tested on my 
server that the CURL POST variables are giving sensible inputs like the 
ones that the page would produce on GET.  In the process, I also learned 
that colons in the POST variable names don't need to be changed for HTML 
encoding, spaces in the variable values do need to be, anyway the POST 
variables seem to work OK as I said.  Whatever is or is not being sent 
by the script as opposed to the input form on a test page of my site is 
the difference that I am looking for.  I will try another site see can I 
learn anything in the process.


Oh, and decoding the string as suggested 
(print_r(base64_decode($view_state_string));) gives one value in the 
array and a mixture of English and other characters plus most of the 
page: eg d2Ö8 Version=0.0.0.0, and other 
characters that do not copy to this email etc.  As above, I don't see 
that this is interfering with CURLing the results page if it is simply 
sent back in the post.


John

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] CURL de-bugging: So why am I not getting the results page on the target site?

2008-07-01 Thread ioannes 
I didn't get any brave response on this, but given the other thread on 
'encription' I was wondering could anyone decrypt the __VIEWSTATE string 
at the end of this message.  It is part of the input page whose results 
page I am trying to retrieve back onto my server for further php work.  
I replicated the source from that input page onto a page on my server, 
and when I click the submit button it correctly goes to the target 
results page, on the other site though, however it did not work without 
the whole of the string below.  The experiment proved though that 
without the __VIEWSTATE the results page will not return.  So I am just 
wondering, as I have not been able to repeat this using curl, what the 
 is included in that string. There's a challenge for anyone with 
whatever resources it takes.


John


ioannes wrote:

For those that like CURL and calendars.
...

VIEWSTATE

curl_setopt($ch, 
CURLOPT_POSTFIELDS,__VIEWSTATE=/wEPDwUKMTMyMjM3NTUzNw9kFgZmDxYCHgRUZXh0BYcMPHRhYmxlIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCIgYm9yZGVyPSIwIj48dHI+PHRkPg0KPHVsIGlkPSJza2lwIj4NCiA8bGk+PGEgaHJlZj0iI21haW4iPlNraXAgdG8gbWFpbiBjb250ZW50PC9hPjwvbGk+DQo8L3VsPg0KPGRpdiBpZD0id3JhcHBlciIgY2xhc3M9ImNsZWFyIj4NCiA8ZGl2IGlkPSJoZWFkZXIiPg0KICAgICAgICAgICAgPGgxPg0KICAgICAgICAgICAgICAgIDxhIGhyZWY9Imh0dHA6Ly93d3cuZG9scGhpbnNxdWFyZS5jby51ay9ob3VzZS8iIHRpdGxlPSJEb2xwaGluIEhvdXNlIGhvbWUgcGFnZSI+RG9scGhpbg0KICAgICAgICAgICAgICAgICAgICBIb3VzZTwvYT48L2gxPg0KICAgICAgICAgICAgPGRpdiBpZD0ibmF2aWdhdGlvbiI+DQogICAgICAgICAgICAgICAgPHVsIGlkPSJuYXZfbWFpbiI+DQogICAgICAgICAgICAgICAgICAgIDxsaSBjbGFzcz0iYWJvdXQiPjxhIGhyZWY9Imh0dHA6Ly93d3cuZG9scGhpbnNxdWFyZS5jby51ay9ob3VzZS9hYm91dC8iIHRpdGxlPSJBYm91dCBEb2xwaGluIEhvdXNlIj4NCiAgICAgICAgICAgICAgICAgICAgICAgIEFib3V0IHVzPC9hPiA8L2xpPg0KICAgICAgICAgICAgICAgICAgICA8bGkgY2xhc3M9ImFyZWEiPjxhIGhyZWY9Imh0dHA6Ly93d3cuZG9scGhpbnNxdWFyZS5jby51ay9ob3VzZS90aGVhcmVhLyIgdGl0bGU9IlRoZSBhcmVhIj4NCiAgICAgICAgICAgICAgICAgICAgICAgIFRoZSBhcmVhPC9hPiA8L2xpPg0KICAgICAgICAgICAgICAgICAgICA8bGkgY2xhc3M9ImZhY2lsaXRpZXMiPjxhIGhyZWY9Imh0dHA6Ly93d3cuZG9scGhpbnNxdWFyZS5jby51ay9ob3VzZS9mYWNpbGl0aWVzLyINCiAgICAgICAgICAgICAgICAgICAgICAgIHRpdGxlPSJGYWNpbGl0aWVzIj5GYWNpbGl0aWVzPC9hPiA8L2xpPg0KICAgICAgICAgICAgICAgICAgICA8bGkgY2xhc3M9ImFwYXJ0bWVudHMiPjxhIGhyZWY9Imh0dHA6Ly93d3cuZG9scGhpbnNxdWFyZS5jby51ay9ob3VzZS9hcGFydG1lbnRzLyINCiAgICAgICAgICAgICAgICAgICAgICAgIHRpdGxlPSJUaGUgYXBhcnRtZW50cyI+QXBhcnRtZW50czwvYT4gPC9saT4NCiAgICAgICAgICAgICAgICAgICAgPGxpIGNsYXNzPSJib29rIj48YSBocmVmPSJodHRwczovL3Jlc2VydmF0aW9ucy5zeW54aXMuY29tL0xCRS9yZXouYXNweD9Ib3RlbD0xODQ4MyZDaGFpbj03MzcxJmxvY2FsZT1lbi1HQiINCiAgICAgICAgICAgICAgICAgICAgICAgIHRpdGxlPSJCb29rIG9ubGluZSI+Qm9vayBvbmxpbmU8L2E+PC9saT4NCiAgICAgICAgICAgICAgICAgICAgPGxpIGNsYXNzPSJjb250YWN0Ij48YSBocmVmPSJodHRwOi8vd3d3LmRvbHBoaW5zcXVhcmUuY28udWsvaG91c2UvY29udGFjdHVzLnBocCINCiAgICAgICAgICAgICAgICAgICAgICAgIHRpdGxlPSJDb250YWN0IHVzIj5Db250YWN0IHVzPC9hPjwvbGk+DQogICAgICAgICAgICAgICAgPC91bD4NCiAgICAgICAgICAgIDwvZGl2Pg0KICAgICAgICA8L2Rpdj4NCiA8ZGl2IGlkPSJtYWluIj4NCiAgPHA+DQogIGQCAQ9kFgICAQ8PFgIeB0xCRURhdGEy1jgAAQAAAP8BAAwCQUJFQnVzaW5lc3MsIFZlcnNpb249MC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1udWxsDAMAAABDQnVzaW5lc3MsIFZlcnNpb249NC42LjAuMzI4NTIsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49bnVsbAUBLFN5bnhpcy5BcHBsaWNhdGlvbi5CRS5CRUJ1c2luZXNzLkxCRS5MQkVEYXRhhA5faXNJbml0aWFsaXplZA1faG90ZWxDaGFuZ2VkFF9jdXN0b21lckluZm9DaGFuZ2VkDF9sb2dpbkZhaWxlZAtfbG9naW5FbWFpbA5faG90ZWxBdHRyRGF0YQhfaG90ZWxJRAhfY2hhaW5JRAlfaEFsaWFzSUQJX2NBbGlhc0lECV9hbHRTaGVsbAxfb3JpZ0hvdGVsSUQOX29yaWdIb3RlbE5hbWUOX2hvdGVsSXNBY3RpdmUJX2Rlc3RDb2RlCV9yZXpMZXZlbA9fcGF0aFRha2VuTGV2ZWwKX3N0ZXBGaWxlcxBfYnJlYWRDcnVtYnNGaWxlD19jb25maWdGaWxlUGF0aAdfbGFuZ0lEB19sb2NhbGUKX2hvdGVsR3VpZApfY2hhaW5HdWlkCV9kZXN0R3VpZAhfcmV6R3VpZApfaG90ZWxOYW1lCl9ob3RlbENvZGUKX2NoYWluTmFtZQlfZGVzdE5hbWUMX3JlelN0YXR1c0lECl9jb25maXJtTm8JX2NhbmNlbE5vEl9jYWxlbmRhclN0YXJ0RGF0ZQxfYXJyaXZhbERhdGUOX2RlcGFydHVyZURhdGUJX25pZ2h0UXR5CV9hZHVsdFF0eQlfY2hpbGRRdHkKX2p1bmlvclF0eQpfaW5mYW50UXR5Cl9zZW5pb3JRdHkIX3Jvb21RdHkRX3BhY2thZ2VEYXRhQXJyYXkSX3BhY2thZ2VUb3RhbFByaWNlCl9wcm9tb0NvZGULX2lhdGFOdW1iZXIQX3ZhbGlkSWF0YU51bWJlcghfYWdlbnRJRA9fdmFsaWRBZ2VudEd1aWQKX2dyb3VwQ29kZQ5fc3ViU291cmNlQ29kZQ1fYWxsb3dlZFJhdGVzDV9hbGxvd2VkUm9vbXMNX2F2ZXJhZ2VQcmljZRBfZmlyc3ROaWdodFByaWNlC190b3RhbFByaWNlEl90b3RhbFByaWNlV2l0aFRheA1fZGF0ZVJhdGVMaXN0DV9kYWlseVRheExpc3QOX2RhaWx5TWVhbExpc3QJX3JhdGVDb2RlCV9yYXRlR3VpZAlfcmF0ZU5hbWURX2lzU3VwcHJlc3NlZFJhdGUJX3Jvb21Db2RlCV9yb29tR3VpZAlfcm9vbU5hbWUOX3Jvb21Hcm91cENvZGUOX3Jvb21Hcm91cEd1aWQKX2ZpbHRlckJBUhVfaGFzQXZhaWxhYmxlUGFja2FnZXMSX2Jvb2tpbmdQb2xpY3lHdWlkEV9jYW5jZWxQb2xpY3lHdWlkD19jdXJyZW5jeVJhdGVJRA9fY3VycmVuY3lQcmVmaXgUX2hvdGVsQ3VycmVuY3lQcmVmaXgNX2N1cnJlbmN5Q29kZQlfY3VzdEd1aWQNX2N1c3RMb2NhdGlvbgpfZXh0Q3VzdENEBl90aXRsZQlfZnVsbE5hbWUKX2ZpcnN0TmFtZQ5fbWlkZGxlSW5pdGlhbAlfbGFzdE5hbWUNX2J1c2luZXNzTmFtZQ1fYnVzaW5lc3N

[PHP] CURL de-bugging: So why am I not getting the results page on the target site?

2008-06-29 Thread ioannes 

For those that like CURL and calendars.

Using CURL, I am accessing a form on a 'target' third party site (it is 
built around JavaScript DHTML DatePicker) and trying to POST various 
date and other inputs from its form and return the results page to my 
site for further processing with php.  However, I can only get the 
inputs page returned.  The third party site works fine when submitted 
from a browser.


I have tried testing various ways.

I put the source code of the target inputs page on my site.  I then 
changed the form to method=get and checked that my CURL expressions 
curl_setopt($curl_session, CURLOPT_POSTFIELDS,variable_name) were all 
in the right order and had the correct HTML substitutions for colons and 
spaces etc.  Testing whether eg the submit variable has been posted, I 
get a good result.  Here is the bit of testing code on the test page:


  
if(ISSET($_POST[SubmitButton])$_POST{SubmitButton}==SubmitButton 
Value) {

   print(brsubmitted - test.php page line 32); // I can get this
   } else {
   print(brnot submitted - test.php page line 35 );
   }

I have 17 variables being submitted.  I do notice that I only get the 
above result if the curl_setopt($curl_session, 
CURLOPT_POSTFIELDS,submit_variable_name) is written in the calling 
page as the last in these expressions, whereas in the list of GET 
variables it comes 14th.  This worries me, it does not seem to be a 
problem with other variables, perhaps because the submit variable has a 
value with a space in it (becomes +).


curl_setopt($curl_sess, 
CURLOPT_POSTFIELDS,Control%3ACheck_0%3AButton=Submit+This);


Thank you for staying with me so far.  I read that variables need to be 
in the right order for some reason.


I suspected that the page was trying to avoid spoofing by using 
sessions, but when I deleted all cookies on my computer and submit from 
the input page using a browser, I still got back a results page but not 
from the script.  So lack of sessions data was not what stops the page 
responding.


The input form page actually is coded as an aspx page.  It uses various 
javascripts and hidden fields like _EVENTTARGET, __EVENTARGUMENT, 
__LASTFOCUS, __VIEWSTATE (below).  The last is an encrypted version of 
the page to enable the Back button to work.  I suppose this could 
include something like a timestamp that stops CURL requests.


If interested, I can send you the actual URLs.

Any ideas on how to grab this result page?

John

PS

VIEWSTATE

curl_setopt($ch,