Taking www.verycd.com as an example
Login wuming88888888 account in Firefox browser for sending party
Login to wuming1990 account as receiver in Chrome browser
Analyze the sender's form
Analyze the data from the submit page source code post
<?php
require ('./http.class.php ');
$http =new http (' http://home.verycd.com/cp.php?ac=pm&op=send&touid=0&pmid=0 ');
$msg =array (
' formhash ' => ' 10fe754a ', ' message
' => ' hello ',
' Pmsubmit ' =>true,
' pmsubmit_btn ' => ' send ',
' refer ' => ' http://home.verycd.com/space.php?do=pm&filter=privatepm ',
' username ' => ' wuming1990 '
);
File_put_contents ('./res.html ', $http->post ($msg));
>Open res.html, analyze source code
http/1.1 Moved Permanently server:nginx Date:fri, Dec 2014 06:57:05 GMT content-type:text/html Transfer-Encoding : chunked connection:close set-cookie:sid=deleted; Expires=thu, 01-jan-1970 00:00:01 GMT; path=/; Domain=.verycd.com set-cookie:member_id=deleted; Expires=thu, 01-jan-1970 00:00:01 GMT; path=/; Domain=.verycd.com set-cookie:member_name=deleted; Expires=thu, 01-jan-1970 00:00:01 GMT; path=/; Domain=.verycd.com set-cookie:pass_hash=deleted; Expires=thu, 01-jan-1970 00:00:01 GMT; path=/; Domain=.verycd.com set-cookie:rememberme=deleted; Expires=thu, 01-jan-1970 00:00:01 GMT; path=/; Domain=.verycd.com set-cookie:mgroupid=deleted; Expires=thu, 01-jan-1970 00:00:01 GMT; path=/; Domain=.verycd.com set-cookie:coppa=deleted; Expires=thu, 01-jan-1970 00:00:01 GMT; path=/; Domain=.verycd.com set-cookie:uchome_auth=deleted; Expires=thu, 01-jan-1970 00:00:01 GMT; path=/; Domain=.verycd.com set-cookie:uchome_loginuser=deleted; Expires=thu, 01-jan-1970 00:00:01 GMT; Path=/; Domain=.verycd.com location:http://www.verycd.com/account/profile/set-cookie:uchome__refer=cp.php%253fac% 253Dprofile; path=/; Domain=.verycd.com 33FC
Debug to see what you are sending.
This time we can parse out the error appears in the first line print the object Http ([errno:protected] => 0 [errstr:protected] => [response:protected ] => [url:protected] => Array ([scheme] => HTTP [host] => home.verycd.co m [path] =>/cp.php [query] => ac=pm&op=send&touid=0&pmid=0 [port] = >) [version:protected] => http/1.1 [fh:protected] => Resource ID #3 [line:protected] =&G T
Array ([0] => post/cp.php http/1.1) [header:protected] => Array ( [0] => Host:home.verycd.com [1] => content-type:application/x-www-form-urlencoded [2] => content-length:185) [body:protected] => Array ([0] => Formhash=10fe754a& ; message=%e4%bd%a0%e5%a5%bd&pmsubmit=1&pmsubmit_btn=%e5%8f%91%e9%80%81&refer=http%3a%2f% 2fhome.verycd.com%2fspace.php%3fdo%3dpm%26filter%3dprivatepm&username=wuming1990))
Modify our HTTP class <pre Name= "code" class= "PHP" >//http Request Class Interface interface proto{//connection URL function conn ($url);
Send a Get Query function get ();
Send post query function post ();
Closes the connection function close ();
Class Http implements proto{const crlf= "\ r \ n";
protected $errno =-1;
protected $errstr = ';
protected $response = ';
protected $url =null;
protected $version = ' http/1.1 ';
protected $FH =null;
Protected $line =array ();
Protected $header =array ();
Protected $body =array ();
Public function __construct ($url) {$this->conn ($url);
$this->setheader (' Host: '. $this->url[' host ')); //This method is responsible for write request line protected function Setline ($method) {$this->line[0]= $method. ' '. $this->url[' path ']. $this->url[' query ']. '
'. $this->version;
}//This method is responsible for writing header information public function SetHeader ($headerline) {$this->header[]= $headerline;
}//This method is responsible for writing the principal information protected function Setbody ($body) {$this->body[]=http_build_query ($body);; }//Connection URL function conn ($url) {$this->url=parse_url ($url);
Judge the port if (!isset ($this->url[' Port ')) {$this->url[' port ']=80;
$this->fh=fsockopen ($this->url[' host '), $this->url[' Port ', $this->errno, $this->errstr,3);
//Constructs a GET Request data function get () {$this->setline (' get ');
$this->request ();
return $this->response;
The data function post of the POST request ($body =array ()) {//constructs the body information $this->setline (' post ');
Set Content-type $this->setheader (' content-type:application/x-www-form-urlencoded ');
Set the body information, $this->setbody ($body) than the one where get is different;
Compute content-length $this->setheader (' content-length: ' strlen ($this->body[0));
$this->request ();
return $this->response; ///Real Requests function request () {//the request line, header information, entity information in an array, easy to splice $req =array_merge ($this->line, $this->header,array ("
), $this->body,array (")");
$req =implode (Self::crlf, $req);
Print_r ($this);
Echo $req;
Exit
Fwrite ($this->fh, $req); while (!feof ($this->fh)) {$this->response.=fread($this->fh,1024);
$this->close ();//close connection return $this->response;
//Turn off connection function close () {fclose ($this->fh); }
}
http/1.1 OK Server:nginx Date:fri, Dec 2014 07:11:39 GMT content-type:text/html transfer-encoding:chunked Ction:close set-cookie:sid=deleted; Expires=thu, 01-jan-1970 00:00:01 GMT; path=/; Domain=.verycd.com set-cookie:member_id=deleted; Expires=thu, 01-jan-1970 00:00:01 GMT; path=/; Domain=.verycd.com set-cookie:member_name=deleted; Expires=thu, 01-jan-1970 00:00:01 GMT; path=/; Domain=.verycd.com set-cookie:pass_hash=deleted; Expires=thu, 01-jan-1970 00:00:01 GMT; path=/; Domain=.verycd.com set-cookie:rememberme=deleted; Expires=thu, 01-jan-1970 00:00:01 GMT; path=/; Domain=.verycd.com set-cookie:mgroupid=deleted; Expires=thu, 01-jan-1970 00:00:01 GMT; path=/; Domain=.verycd.com set-cookie:coppa=deleted; Expires=thu, 01-jan-1970 00:00:01 GMT; path=/; Domain=.verycd.com set-cookie:uchome_auth=deleted; Expires=thu, 01-jan-1970 00:00:01 GMT; path=/; Domain=.verycd.com set-cookie:uchome_loginuser=deleted; Expires=thu, 01-jan-1970 00:00:01 GMT; path=/; Domain=.veRycd.com SET-COOKIE:UCHOME__REFER=CP.PHP%253FAC%253DPM; path=/; Domain=.verycd.com said it was successful, but not completely, and we went on to look at the contents of the res.html in the Web page as follows: indicate that you need to log in before you can operate
How did the server know we didn't log in?
HTTP is a very important feature: stateless, there is no relationship between requests two times.
How the server remembers a customer.
Establish cookie.php
<?php
Header (' Content-type:text/html;charset=utf8 ');
Setcookie (' user ', ' Zhangsan ');
Echo ' Server gives you the number is Zhangsan ';
? >Establish readcookie.php
<?php
Header (' Content-type:text/html;charset=utf8 ');
Echo ' Server gives you the number is '. $_cookie[' user '];
? >To submit a request using a command window
Increase the information submitted
<?php require ('./http.class.php ');
$http =new http (' http://home.verycd.com/cp.php?ac=pm&op=send&touid=0&pmid=0 '); $http->setheader (' cookie:hm_lvt_c7849bb40e146a37d411700cb7696e46=1417760419; hm_lpvt_c7849bb40e146a37d411700cb7696e46=1417760610; Post_action=repost; Sid=7fd8c62c8d000561d658c4e25eccb6f791a8d4b6; member_id=9933070; member_name=wuming88888888; mgroupid=93; PASS_HASH=263B6D67494B1888F1E7B8CC227EA4BD; Rememberme=true; Uchome_auth=63a2o4zg8yspg1tv4%2fiyiydpkrqvqgkgxaqgp%2fi5zxyqivjc8ad40veyw2peemnkywkq2qsernpgsorxwxlkpdomid%2fq ; uchome_loginuser=wuming88888888; cnzzdata1479=cnzz_eid%3d407399210-1417756656-http%253a%252f%252fwww.verycd.com%252f%26ntime%3d1417756656; __utma=248211998.394160120.1417760633.1417760633.1417760633.1; __utmb=248211998.8.10.1417760633; __utmc=248211998; __utmz=248211998.1417760633.1.1.utmcsr=verycd.com|utmccn= (Referral) |utmcmd=referral|utmcct=/account/profile/ base/; __utmt=1; uchome_sendmail=1; Uchome_checkpm=1;
Dcm=1 '); $msg =array ('Formhash ' => ' 10fe754a ', ' message ' => ' I am from wuming88888888 ', ' pmsubmit ' =>true, ' pmsubmit_btn ' => ' send ', ' re
Fer ' => ' http://home.verycd.com/space.php?do=pm&filter=privatepm ', ' username ' => ' wuming1990 ');
File_put_contents ('./res.html ', $http->post ($msg)); echo ' OK ';?>
And see if the wuming1990 users receive the information
(PS: If the sending is unsuccessful, indicating that the cookie value is not correct, the generation of the cookie is related to the request header information, Conservative practice: Add all the request headers to the POST request)
accepttext/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-encoding gzip, deflate Accept-language zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3 Connection keep-alive cookiehm_lvt_ c7849bb40e146a37d411700cb7696e46=1417760419; hm_lpvt_c7849bb40e146a37d411700cb7696e46=1417760610; Post_action=repost; Sid=7fd8c62c8d000561d658c4e25eccb6f791a8d4b6; member_id=9933070; member_name=wuming88888888; mgroupid=93; PASS_HASH=263B6D67494B1888F1E7B8CC227EA4BD; Rememberme=true; Uchome_auth=63a2o4zg8yspg1tv4%2fiyiydpkrqvqgkgxaqgp%2fi5zxyqivjc8ad40veyw2peemnkywkq2qsernpgsorxwxlkpdomid%2fq ; uchome_loginuser=wuming88888888; cnzzdata1479=cnzz_eid%3d407399210-1417756656-http%253a%252f%252fwww.verycd.com%252f%26ntime%3d1417756656; __utma=248211998.394160120.1417760633.1417760633.1417760633.1; __utmb=248211998.8.10.1417760633; __utmc=248211998; __utmz=248211998.1417760633.1.1.utmcsr=verycd.com|utmccn= (Referral) |utmcmd=referral|utmcct=/account/profile/ base/; __utmt=1; uchome_sendmail=1; uchome_checkpm= 1; Dcm=1 Hosthome.verycd.com refererhttp://home.verycd.com/cp.php?ac=pm user-agent mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) gecko/20100101 firefox/33.0
Writing format:
$http->setheader (' Red font: Black font ');
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
