Python script to implement the Xiami check-in function, python Xiami

Python script to implement the Xiami check-in function, python Xiami

This article describes how to use a Python script to sign in to Xiami. We will share this with you for your reference. The details are as follows:

Overview

This script completes the automatic logon and sign-in function.

The urllib, urllib2, and cookielib modules are generally used. Actually, it is implemented to post data to the specified url using python.

How can I know what data the browser post to the server when logging on to and signing in the browser? You can see it in the powerful chrome: F12-> Network. Some servers will jump to the client browser or immediately refresh the page after logon, and the data post to the server will not be flushed, we need to use WireShark, a powerful packet capture software, for analysis. For example, chrome:

Then you can write it. Construct the Request Headers and the Data to Post (Form Data in Chrome). The ID and Pwd are transmitted in plaintext.

Code

The following code is used:

#-*-Coding: cp936-*-''' Created on 2012-11-15 @ author: liushuai ''' import urllib, urllib2, cookielib, sysclass LoginXiami: login_header = {'user-agent': 'mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.4 (KHTML, like Gecko) chrome/22.0.1229.79 Safari/100'} signin_header = {'user-agent': 'mozilla/537.4 (Windows NT 5.0) AppleWebKit/6.1 (KHTML, like Gecko) chrome/22.0.1229.79 Safari/537.4 ', 'x-Requeste D-With ': 'xmlhttprequest', 'content-length': 0, 'origin': 'http: // www.xiami.com ', 'Referer': 'http: // www.xiami.com/'} email = ''password ='' cookie = None cookieFile = '. /cookie. dat 'def _ init _ (self, email, pwd): self. email = email self. password = pwd self. cookie = cookielib. LWPCookieJar () opener = urllib2.build _ opener (urllib2.HTTPCookieProcessor (self. cookie) urllib2.install _ opener (opener) def lo Gin (self): postdata = {'email ': self. email, 'Password': self. password, 'done': 'http: // www.xiami.com ', 'submit': '% E7 % 99% BB + % E5 % BD % 95'} postdata = urllib. urlencode (postdata) print 'logining... 'req = urllib2.Request (url = 'HTTP: // www.xiami.com/member/login', data = postdata, headers = self. login_header) result = urllib2.urlopen (req ). read () self. cookie. save (self. cookieFile) result = str (result ). decode ('utf-8 '). Encode ('gbk') if 'email or incorrect Password 'in result: print 'login failed due to Email or Password error... 'sys. exit () else: print 'login successfully! 'Def signIn (self): postdata ={} postdata = urllib. urlencode (postdata) print 'signing... 'req = urllib2.Request (url = 'HTTP: // www.xiami.com/task/signin', data = postdata, headers = self. signin_header) result = urllib2.urlopen (req ). read () result = str (result ). decode ('utf-8 '). encode ('gbk') self. cookie. save (self. cookieFile) try: result = int (result) failed t ValueError: print 'signing failed... 'sys. exit () e Xcept: print 'signing failed due to unknown reasons... 'sys. exit () print 'signing successfully! 'Print self. email, 'have signe', result, 'days continuously... 'If _ name _ = '_ main _': user = LoginXiami ('your logon mailbox ', 'Your password') user. login () user. signIn ()

Run the script to log on and sign in.

Postscript

Some Discuz! The Forum is said to prevent users from posting data to the server through external web pages. The server generates a value named formhash after each successful login by each user, return the hidden fields of the form to the client (the server also saves them ).

When the client posts data to the server, this value will be used as a data item of the form to post the data together "unconsciously" (because it is a hidden field of the form, after the server receives the post request from the client, it can compare it with the formhash value of the server to see whether the data is post through a browser page.

But if it is to prevent this, is this practice really useful? I tried it. I only needed to use a simple regular expression analysis to analyze the html returned after successful logon, find the formhash value, and use the above method and theoretical post to complete the sign-in function.

In any case, you can use the script to "Pretend" to complete the login and sign-in process with a browser.
Appendix: Because the website may be revised or upgraded, the data posted to the server may change, and the Code must be adjusted accordingly. Therefore, the code is only for research and learning reference.