Search code examples
phpjsonapiforum

Starting a private conversation to a person on a forums using the forumrunner api?

I have been having trouble trying to send a user on a forum a message using the forum runner api externally.

I have been able to login successfully with this code: 

function login($username, $password){
    $postdata = "cmd=login&username=".$username."&password=".$password;

    $opts = array('http' =>
        array(
            'method'  => 'POST',
            'header'  => 'Content-type: application/x-www-form-urlencoded',
            'content' => $postdata
        )
    );

    $context  = stream_context_create($opts);

    $result = file_get_contents('http://forums.<<<website>>>.org/forumrunner/request.php', false, $context);
    $resultantArray = json_decode($result, true);

    if($resultantArray['success'] == true){
        $this->loginresult=$resultantArray;
        return true;
    } else {
        $this->loginresult=false;
        return false;
    }
}

Result:

array(5) { ["success"]=> bool(true) ["data"]=> array(6) { ["username"]=> string(8) "<<<Username>>>" ["authenticated"]=> bool(true) ["v"]=> string(5) "1.1.1" ["p"]=> string(5) "xen10" ["requires_authentication"]=> bool(false) ["reg"]=> bool(true) } ["ads"]=> int(0) ["pm_notices"]=> int(0) ["sub_notices"]=> int(0) } string(4395) "

So that works, and sends back a login success message, but this code to start a new conversation is not working (failing auth):

function sendPM($recipients, $title, $message) {
    $postdata = "cmd=start_conversation&recipients=".$recipients."&title=".$title."&message=".$message."&d=1";

    $opts = array('http' =>
        array(
            'method'  => 'POST',
            'header'  => 'Content-type: application/x-www-form-urlencoded',
            'content' => $postdata
        )
    );

    $context  = stream_context_create($opts);

    $result = file_get_contents('http://forums.<<<website>>>.org/forumrunner/request.php', false, $context);
    $resultantArray = json_decode($result, true);
    if($resultantArray['success'] == true){
        $this->pmresult=$resultantArray;
        return true;
    } else {
        $this->pmresult=$result;
        return false;
    }

}

And the error (the important part):

{"success":false,"message":"You do not have permission to view this page or perform this action."}

I believe I need to pass some sort of security token along with it, but I do not know where to get it.

Solution

  • You're using PHP as a web client (like Firefox or Chrome), but it is not a browser. It does not support cookies by default.

    Let's assume you're using a browser now. Usually after you login to a website, the site will pass some kind of token to you (e.g. session id, username). The token(s) will be stored in your browser's cookie. And every time you do something on the site, your browser will give that token to the site. That's how the site will know your login information every time (after login).

    Now, your program has to do the same, but PHP don't do it for you automatically. You need to either:

    1. write your own code to read, store, and write cookie in your request / respond header.

    2. search the web and find related libraries, if there is any.

    I suggest you read some related discussion, such as:

    https://forums.digitalpoint.com/threads/how-to-make-a-php-robot-that-can-log-in.2410778/