如何使用PHP/cURL发布ASP.NET登录表单 - How to post ASP.NET login form using PHP/cURL?

我需要创建一个工具，使用PHP发布ASP.NET登录表单，这样我就可以从用户登录后显示的摘要页面中收集详细信息。

因为该网站使用ASP.NET，并且表单有__VIEWSTATE和__EVENTVALIDATION隐藏字段，据我所知，我必须先获取这些值，然后在POST中将它们提交到登录表单，这样才能工作。

我是PHP的新手。我创建的脚本应该执行以下操作：

1）获取登录表单并获取__VIEWSTATE和__EVENTVALIDATION

2） POST到具有适当的POST数据的登录表单。

3）获取summary.htm页面，该页面在我通过身份验证后应该可以访问。

我不清楚实际发生了什么。在登录表单后，我收到了一个cookie，但无法判断该cookie是否表明我已通过身份验证。当我尝试获取summary.htm页面时，我会被重定向回登录页面，就好像我没有通过身份验证一样。

我是PHP的新手，我希望熟悉PHP的人能够看到我明显缺少的东西。

这是代码：

<?php
require_once  ("Includes/simple_html_dom.php");
ini_set('display_errors', 'On');
error_reporting(E_ALL);
// Create curl connection
$url = 'https://www.mysite.com/account/login.htm';
$cookieFile = 'cookie.txt';
$ch = curl_init();
// We must request the login page and get the ViewState and EventValidation hidden values
// and pass those along in the post request.
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setOpt($ch, CURLOPT_REFERER, 'https://www.mysite.com/account/login.htm');
curl_setopt($ch, CURLOPT_HTTPHEADER,array('Origin: https://www.mysite.com', 'Host: www.mysite.com'));

$curl_scraped_page = curl_exec($ch);
// Grab ViewState and EventValidation data
$html = str_get_html($curl_scraped_page);
$viewState = $html->find("#__VIEWSTATE", 0);
$eventValidation = $html->find("#__EVENTVALIDATION", 0);
$previousPage = $html->find("#__PREVIOUSPAGE", 0);

//create array of data to be posted
// This matches exactly what I am seeing being posted when looking at Fiddler
$post_data['__EVENTTARGET'] = '';
$post_data['__EVENTARGUMENT'] = '';
$post_data['__VIEWSTATE'] = $viewState->value;
$post_data['__EVENTVALIDATION'] = $eventValidation->value;
$post_data['__PREVIOUSPAGE'] = $previousPage->value;
$post_data['ctl00$ctl00$cphMasterBody$cphPageTemplateContent$MyAccountLogin967$LoginFields$txtUsername'] = 'bsmith';
$post_data['ctl00$ctl00$cphMasterBody$cphPageTemplateContent$MyAccountLogin967$LoginFields$txtPassword'] = 'Weez442';
$post_data['ctl00$ctl00$cphMasterBody$cphPageTemplateContent$MyAccountLogin967$LoginFields$chkLoginPersist'] = 'on';
$post_data['ctl00$ctl00$cphMasterBody$cphPageTemplateContent$MyAccountLogin967$btnLogin'] = 'Login >';
$post_data['ctl00$ctl00$cphMasterBody$cphPageTemplateTopHeader$IncludeHeader$LoginModal$LoginFields$txtModalUsername'] = '';
$post_data['ctl00$ctl00$cphMasterBody$cphPageTemplateTopHeader$IncludeHeader$LoginModal$LoginFields$txtModalPassword'] = '';
$post_data['ctl00$ctl00$cphMasterBody$cphPageTemplateTopHeader$IncludeHeader$SearchForm$inputText'] = '';
//traverse array and prepare data for posting (key1=value1)
foreach ( $post_data as $key => $value) {
    $post_items[] = rawurlencode($key) . '=' . rawurlencode($value);
}
//create the final string to be posted using implode()
$post_string = implode ('&', $post_items);
//Set options for post
curl_setOpt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch,CURLOPT_HTTPHEADER,array('Origin: https://www.mysite.com', 'Host: www.mysite.com', 'Content-Type: application/x-www-form-urlencoded'));
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_string);
curl_setopt($ch, CURLOPT_URL, $url);   
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookieFile);
curl_setOpt($ch, CURLOPT_REFERER, 'https://www.mysite.com/account/login.htm');
// Perform our post request
$curl_scraped_page = curl_exec($ch);
echo $curl_scraped_page;
// Now get our account summary page
$urlAcctSummary = "https://www.mysite.com/my-account/summary.htm";
//Set options
curl_setOpt($ch, CURLOPT_HTTPGET, TRUE);
curl_setOpt($ch, CURLOPT_POST, FALSE);
curl_setopt($ch, CURLOPT_URL, $urlAcctSummary);   
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookieFile); 
$curl_scraped_page = curl_exec($ch);
echo $curl_scraped_page;
curl_close($ch);
?>

我想明白了。我以多种方式调整了代码，但我相信问题的根源是ASP.NET希望从第一个GET请求设置会话cookie，而我只在POST请求中指定了CURLOPT_COOKIEJAR，在最后一个GET请求中指定CURLOPT_COOKIEFILE。

一旦我在第一个GET请求中放入CURLOPT_COOKIEJAR和CURLOPT_COOKIEFILE，它就按设计工作了。

以下是我的代码在移动后的样子：

<?php
require_once  ("Includes/simple_html_dom.php");
ini_set('display_errors', 'On');
error_reporting(E_ALL);
// Create curl connection
$url = 'https://www.mysite.com/account/login.htm';
$cookieFile = 'cookie.txt';
$ch = curl_init();
// We must request the login page and get the ViewState and EventValidation hidden values
// and pass those along in the post request.
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setOpt($ch, CURLOPT_REFERER, 'https://www.mysite.com/account/login.htm');
curl_setopt($ch, CURLOPT_HTTPHEADER,array('Origin: https://www.mysite.com', 'Host: www.mysite.com'));
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookieFile);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookieFile);

$curl_scraped_page = curl_exec($ch);
// Grab ViewState and EventValidation data
$html = str_get_html($curl_scraped_page);
$viewState = $html->find("#__VIEWSTATE", 0);
$eventValidation = $html->find("#__EVENTVALIDATION", 0);
$previousPage = $html->find("#__PREVIOUSPAGE", 0);

//create array of data to be posted
// This matches exactly what I am seeing being posted when looking at Fiddler
$post_data['__EVENTTARGET'] = '';
$post_data['__EVENTARGUMENT'] = '';
$post_data['__VIEWSTATE'] = $viewState->value;
$post_data['__EVENTVALIDATION'] = $eventValidation->value;
$post_data['__PREVIOUSPAGE'] = $previousPage->value;
$post_data['ctl00$ctl00$cphMasterBody$cphPageTemplateContent$MyAccountLogin967$LoginFields$txtUsername'] = 'bsmith';
$post_data['ctl00$ctl00$cphMasterBody$cphPageTemplateContent$MyAccountLogin967$LoginFields$txtPassword'] = 'Weez442';
$post_data['ctl00$ctl00$cphMasterBody$cphPageTemplateContent$MyAccountLogin967$LoginFields$chkLoginPersist'] = 'on';
$post_data['ctl00$ctl00$cphMasterBody$cphPageTemplateContent$MyAccountLogin967$btnLogin'] = 'Login >';
$post_data['ctl00$ctl00$cphMasterBody$cphPageTemplateTopHeader$IncludeHeader$LoginModal$LoginFields$txtModalUsername'] = '';
$post_data['ctl00$ctl00$cphMasterBody$cphPageTemplateTopHeader$IncludeHeader$LoginModal$LoginFields$txtModalPassword'] = '';
$post_data['ctl00$ctl00$cphMasterBody$cphPageTemplateTopHeader$IncludeHeader$SearchForm$inputText'] = '';
//traverse array and prepare data for posting (key1=value1)
foreach ( $post_data as $key => $value) {
    $post_items[] = rawurlencode($key) . '=' . rawurlencode($value);
}
//create the final string to be posted using implode()
$post_string = implode ('&', $post_items);
//Set options for post
curl_setOpt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch,CURLOPT_HTTPHEADER,array('Origin: https://www.mysite.com', 'Host: www.mysite.com', 'Content-Type: application/x-www-form-urlencoded'));
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_string);
curl_setopt($ch, CURLOPT_URL, $url);   
curl_setOpt($ch, CURLOPT_REFERER, 'https://www.mysite.com/account/login.htm');
// Perform our post request
$curl_scraped_page = curl_exec($ch);
echo $curl_scraped_page;
// Now get our account summary page
$urlAcctSummary = "https://www.mysite.com/my-account/summary.htm";
//Set options
curl_setOpt($ch, CURLOPT_HTTPGET, TRUE);
curl_setOpt($ch, CURLOPT_POST, FALSE);
curl_setopt($ch, CURLOPT_URL, $urlAcctSummary);   
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
$curl_scraped_page = curl_exec($ch);
echo $curl_scraped_page;
curl_close($ch);
?>