I want to log in with cURL on the page and get data from it. I noticed that during authorization, more precisely, when going to the site, a new _csrf-backend value is generated each time, and when you enter your login / password and click Login , this most generated _csrf-backend is transmitted by POST .
In the form it looks like this:
<input type="hidden" name="_csrf-backend" value="m_C6kJjl6jmbREgSHpCAwIs8JkfekqhTtN7Lt1a-ftOqwdj2_4O6Ya4AL3dSovWC_nJ8IJfDmxHlkqXYD_Mc5Q=="> I also noticed that he is in the header of the site
<meta name="csrf-param" content="_csrf-backend"><meta name="csrf-token" content="m_C6kJjl6jmbREgSHpCAwIs8JkfekqhTtN7Lt1a-ftOqwdj2_4O6Ya4AL3dSovWC_nJ8IJfDmxHlkqXYD_Mc5Q=="> How do I get it before cURL will be authorized on the site (well, and substitute for authorization).
Here is my function:
function login($url, $login, $pass){ $ch = curl_init(); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_REFERER, $url); curl_setopt($ch, CURLOPT_VERBOSE, 0); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_POSTFIELDS,"LoginForm[email]=".$login."&LoginForm[password]=".$pass."&_csrf-backend=".$csrf."&login-button="); curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (Windows; U; Windows NT 5.0; En; rv:1.8.0.2) Gecko/20070306 Firefox/1.0.0.4"); curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt'); $result=curl_exec($ch); curl_close($ch); return $result; } I would be grateful for the help.
