Php curl login to remote forum


I am developing a custom script and i want my script to login to a custom forum eg webhostingtalk and post in a selected forum but as far as the logining in goes it doesnt login as my username and password entered this is my script

$agent = "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)";
$ch = curl_init(); 
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookiepath);
curl_setopt($ch, CURLOPT_URL,$loginURL);
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch,CURLOPT_POSTFIELDS,'vb_login_usern ame='.$usrname.'&vb_login_password='.$password);
curl_close ($ch);
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); 
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookiepath);
curl_setopt($ch, CURLOPT_URL,$reffer);
$result = curl_exec ($ch);
print $result;	
curl_close ($ch);

It doesnt want to do the login form me and login as my selected user

How can i fix this?


i installed the addon and logged in and this is what its returning

POST /login.php?do=login HTTP/1.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv: Gecko/2010031422 Firefox/3.0.19 ( .NET CLR 3.5.30729)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Cookie: bblastvisit=1281037103; bblastactivity=0; __utma=151190719.2035685004.1281037106.1282385939.1282910069.3; __utmz=151190719.1282385939.2.2.utmcsr=google|utmccn=(organic)|utmcmd=organic|; __utmv=151190719.Guest%2FNot%20Logged%20In; __unam=8535df6-12a43c2fdae-7e3fc7c3-5; UserInteraction7=KonaFlashBase; bbsessionhash=a277e6d4178a2f8f8ad73dd3351fd8a6; dfp_proxy=no; __utmb=151190719.3.10.1282910069; __utmc=151190719; __utmx=151190719.00008952892475969592:3:2; __utmxx=151190719.00008952892475969592:3009815:2592000
Content-Type: application/x-www-form-urlencoded
Content-Length: 210
HTTP/1.1 200 OK
Date: Fri, 27 Aug 2010 11:55:01 GMT
Server: Apache
Cache-Control: private
Pragma: private
X-UA-Compatible: IE=7
Vary: Accept-Encoding
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 bc2
Content-Length: 2151
Connection: close
Content-Encoding: gzip
Set-Cookie: bblastvisit=1281037103; expires=Sat, 27-Aug-2011 11:55:02 GMT; path=/;
Set-Cookie: bblastactivity=0; expires=Sat, 27-Aug-2011 11:55:02 GMT; path=/;
Set-Cookie: bbsessionhash=cc6ddc245cc16b43ac9e90e9cd69cb72; path=/;; HttpOnly

can anyone help me debug the above code??


In Firefox use an add-in called LiveHTTPHeaders, install it, then browse to the site in question, log in with your user name and password and then look very carefully at the headers that are being returned. Especially:

how many internal redirects are being done with your original request?
are cookies being assessed as well as user/pass?
anything else unusual

In effect your cURL call has to mimic to some degree those headers. To which degree you cannot know because you do not know how critical each piece of information is to the success of the login - till you add/drop them one at a time.

ps I’d create a new user first and look at how that is handled compared to your old (cookie-powered? login)

Well, maybe its not obvious from the LiveHtttpHeaders docs, but what you do is re-run the header - my FF is playing up so I cannot recreate the problem myself - you re-run the header, this should return the page as expected, then remove a line and repeat and so on till you find out the exact minimum the server expects - then use CURL to recreate that header for you.

It can be hard if you are not lucky.

Just how critical are those cookies, if you can login and use the site without cookies as a person who is browsing (turn them off) then chances are you can leave the cookies off, see? Thats the kind of dividing and conquering you have to do to “debug” as you call it.