Search code examples
phphtmlxmlcurlcaldav

How to log in to a website automatically?


I have been trying to work on this project for a long time. I need to find a way to log in automatically to this website so people see the calendar information without using the credentials every time. So far, the best approach is a code in php using "curl" from this YouTube video ; the problem is that the login system doesn't use a "Post" or "Get", it uses some kind of "xml" with weird information.

This is the login link

Credentials:

Url -> http://www.cronospr.info/baikal/cal.php/calendars/test/default

User -> test

Password -> 1234

Any information will be appreciated!

code:

<?php

//Upload a blank cookie.txt to the same directory as this file with a CHMOD/Permission to 777
function login($url,$data){
$fp = fopen("cookie.txt", "w");
fclose($fp);
$login = curl_init();
curl_setopt($login, CURLOPT_COOKIEJAR, "cookie.txt");
curl_setopt($login, CURLOPT_COOKIEFILE, "cookie.txt");
curl_setopt($login, CURLOPT_TIMEOUT, 40000);
curl_setopt($login, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($login, CURLOPT_URL, $url);
curl_setopt($login, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
curl_setopt($login, CURLOPT_FOLLOWLOCATION, TRUE);
curl_setopt($login, CURLOPT_POST, TRUE);
curl_setopt($login, CURLOPT_POSTFIELDS, $data);
ob_start();
return curl_exec ($login);
ob_end_clean();
curl_close ($login);
unset($login);    
}                  

function grab_page($site){
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
curl_setopt($ch, CURLOPT_TIMEOUT, 40);
curl_setopt($ch, CURLOPT_COOKIEFILE, "cookie.txt");
curl_setopt($ch, CURLOPT_URL, $site);
ob_start();
return curl_exec ($ch);
ob_end_clean();
curl_close ($ch);
}

function post_data($site,$data){
$datapost = curl_init();
    $headers = array("Expect:");
curl_setopt($datapost, CURLOPT_URL, $site);
    curl_setopt($datapost, CURLOPT_TIMEOUT, 40000);
curl_setopt($datapost, CURLOPT_HEADER, TRUE);
    curl_setopt($datapost, CURLOPT_HTTPHEADER, $headers);
curl_setopt($datapost, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
curl_setopt($datapost, CURLOPT_POST, TRUE);
curl_setopt($datapost, CURLOPT_POSTFIELDS, $data);
    curl_setopt($datapost, CURLOPT_COOKIEFILE, "cookie.txt");
ob_start();
return curl_exec ($datapost);
ob_end_clean();
curl_close ($datapost);
unset($datapost);    
}

?>

<?php

echo grab_page("http://test:[email protected]/baikal/cal.php/calendars/test/default");

?>

Solution

  • seems i managed to log in here, its not easy though, its using a custom request called "REPORT" (whatever that is), and sending custom request body is difficult with curl :p also i have no idea how to construct the AUTHORIZATION header, i just copied the 1 generated by chrome. also it seems impossible to log in with firefox on this site..

    <?php
    $ch=curl_init();
    curl_setopt_array($ch,array(
            CURLOPT_AUTOREFERER => true,
            CURLOPT_BINARYTRANSFER => true,
            CURLOPT_COOKIESESSION => true,
            CURLOPT_COOKIEFILE=>'',
            CURLOPT_FOLLOWLOCATION => true,
            CURLOPT_FORBID_REUSE => false,
            CURLOPT_HTTPGET => true,
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_SSL_VERIFYPEER => false,
            CURLOPT_CONNECTTIMEOUT => 10,
            CURLOPT_TIMEOUT => 11,
            CURLOPT_ENCODING => "",
            CURLOPT_USERAGENT=>'hello from PHP!',
    
    ));
    curl_setopt($ch,CURLOPT_URL,'http://www.cronospr.info/baikal/CalDav-Web-Client-master/');
    $ret=curl_exec($ch);
    var_dump($ret);
    
    $requestFileR=tmpfile();
    $data='<?xml version="1.0" encoding="utf-8" ?>
    <C:calendar-query xmlns:D="DAV:" xmlns:C="urn:ietf:params:xml:ns:caldav">
        <D:prop>
            <C:calendar-data>
                <C:expand start="20160226T003528Z" end="20160227T003528Z"/>
            </C:calendar-data>
            <D:getetag/>
        </D:prop>
        <C:filter>
            <C:comp-filter name="VCALENDAR">
                <C:comp-filter name="VEVENT">
                    <C:time-range start="20160226T003528Z" end="20160227T003528Z"/>
                </C:comp-filter>
            </C:comp-filter>
        </C:filter>
    </C:calendar-query>';
    fwrite($requestFileR,$data,strlen($data));
    curl_setopt_array($ch,array(
    CURLOPT_URL=>'http://'.'test'.':'.'1234'.'@www.cronospr.info/baikal/cal.php/calendars/test/default',
    CURLOPT_CUSTOMREQUEST=>'REPORT',//wtf is REPORT? ive got no idea
    CURLOPT_USERAGENT=>'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36',
    CURLOPT_HTTPHEADER=>array(
    
    'Authorization: Digest username="test", realm="BaikalDAV", nonce="56cf9dcef0a60", uri="/baikal/cal.php/calendars/test/default", response="66c37fa0764afa803cd87b0f894cf76a", opaque="df58bdff8cf60599c939187d0b5c54de", qop=auth, nc=00000001, cnonce="705f9130cf755172"',
    'Origin: http://www.cronospr.info',
    'Content-Type: application/xml',
    'Accept: application/xml, text/xml, */*; q=0.01',
    'X-Requested-With: XMLHttpRequest',
    'Depth: 1',
    'Referer: http://www.cronospr.info/baikal/CalDav-Web-Client-master/',
    'Accept-Language: nb,nn;q=0.8,no;q=0.6,en-US;q=0.4,en;q=0.2',
    ),
    CURLOPT_INFILE=>$requestFileR,
    CURLOPT_PUT=>true,
    CURLOPT_INFILESIZE=>strlen($data),
    CURLOPT_READFUNCTION=>function($ch,$fd,$maxlen) use(&$data){
    return $data;
    }
    ));
    $ret=curl_exec($ch);
    var_dump($ret);