PHP login script

logic1 · 20-09-2001 11:43am #1

Hi people,

I've a prob that's driving me crazy. I have a remote site which requires a username and password to login. Once logged in you have access to a php site which uses a mysql backend (www.gang-wars.com)

What I want to do is write a php script which logs in remotely and carries out certain functions for me at regular intervals.

Basically I'm looking for any sites which have related tutorials.

I've tried all the usual php.com .net helper devshed places.

tx,

.logic.

Cr8or · 20-09-2001 1:33pm

logic m8 i duno about getting the script to do it at regular intervals i dont think thats possible but what yea could do is just write it so it gets the remote pages when some 1 logs onto your php script ( this could slow down your loading time a bit ).

i do not know of any tutorilas of this kind but i do know it could be done get yourself a good book thats about all i can say.

logic1 · 20-09-2001 1:57pm

It is possible

anyone else?

.logic.

Enygma · 20-09-2001 2:13pm

Not sure about PHP but you could defintely write a Perl script (not CGI) to do it.
I think the LWP module would do the trick.
Try taking a look for it on CPAN.

phaxx · 21-09-2001 12:37am

I've done a lot of work with http headers stuff recently, so I could easily do something to login and do certain things. What do you need it to do? Do you need to do any processing of the returned pages?

Perl would probably be best. PHP, well, I think there's some kind of command line interpreter thingie... a friend wrote a httpd with it, or so he said. I'll ask him next time he's about.

Snaga · 21-09-2001 1:37am

Logic, its definitely possible to do....but if your caught using it, and they do check for these things, then you will be kicked out of the game, ala an entire wing of RB galaxies in Planetarion who used a similar system to check every hour to see if they had incoming (it wouls send them an sms if they did).

Those guys used some form of web bot (written in perl i believe) which was cron'ed to log into the system at certain intervals through different proxy servers and then php to manage the data the bot took out.

Quite impressive coding, but its dirty cheating too

logic1 · 21-09-2001 8:22am

They don't kick you out of gang wars for it

Any pages which describe the use of http headers phaxx?

.logic.

logic1 · 21-09-2001 9:56am

OK I've done a bit of research and this seems fully possibly using the headers method you suggested phaxx.

Bascially I have to open a connection to the webserver then start the user authentication process using www-authenticate I think.

I will need to send it values for both $PHP_AUTH_USER and $PHP_AUTH_PW to be able to log in.

Putting all this stuff together is what I'm having probs with. I need to know how to sen the values for user and password in the initial header I send to the web server which should theoretically allow me to log in.

I've found lots of tutorials which show the other side of the coin e.g. how to authenticate a user but not alot which show how to be authenticated with a server!!

HELP

.logic.

logic1 · 21-09-2001 10:03am

OK I cracked the basic string heheh I ROOL...

Hey Phaxx would you like to work with me on this one??

OK I can get in to the site by basically sending this header

GET http://www.gang-wars.com/login.php HTTP/1.0 Authorization: Basic <usernamepass>

That actually logs me in. Non-encrypted clear text username and pass.

Now I need a prog that sends that line to the server and keeps the connection open for the next line.

.logic.

The Corinthian · 23-09-2001 2:48pm

Is this of any use?

[PHP]
$pwd = "<usernamepass>";
$fp = fsockopen ("http://www.gang-wars.com/login.php", 80, $errno, $errstr, 30);
if (!$fp) {
echo "$errstr ($errno)<br>\n";
} else {
fputs ($fp, "GET / HTTP/1.0 Authorization: Basic $pwd\r\n\r\n");
while (!feof($fp)) {
echo fgets ($fp,128);
}
fclose ($fp);
}
[/PHP]

logic1 · 23-09-2001 3:07pm

It certainly is. Cheers

.logic.

phaxx · 23-09-2001 9:14pm

You'd want to add other headers like real browsers do so they don't cop on.

Sure I'd like to help, but The Corinthian jumped in before me :P

logic1 · 24-09-2001 10:30am

<recognition finally dawns>

Your Lordphaxx from H_I!!

/me hits self on head.

nice site btw

.logic.

logic1 · 24-09-2001 1:22pm

Blah. Just got the script written and I think they've changed the authorization routine.....

Back to the drawing board.

.logic.

The Corinthian · 24-09-2001 1:41pm

Originally posted by logic1
Blah. Just got the script written and I think they've changed the authorization routine.....

Back to the drawing board.

.logic.

lol

Maybe they're lurking on boards

logic1 · 24-09-2001 1:50pm

Actually just found out the prob. Went reading through the RFC's for basic authentication and the funny thin is previously it was accepting clear text username and password but according to the RFC:

To receive authorization, the client sends the userid and password,
separated by a single colon (":") character, within a base64 [7]encoded
string in the credentials.

basic-credentials = "Basic" SP base64-user-pass
base64-user-pass = <base64 [4] encoding of user-pass,
except not limited to 76 char/line>
user-pass = userid ":" password
userid = *<TEXT excluding ":">
password = *TEXT

Userids might be case sensitive.

So I tried Base64 encoding the username:pass combination and bingo I'm in again.

.logic.

PHP login script

Comments