Menu
I am trying to login to Google account in order to be able to use Google Ingress Intel map in my own application. I found this question (Login to Google with PHP and Curl, Cookie turned off?) and I can login to Google Account, but problem starts when I want to load Ingress Intel map (http://www.ingress.com/intel), then I get this error:
Forbidden (403)
CSRF verification failed. Request aborted.
I know about CSRF but I dunno what I am doing wrong. Maybe it is because my cookie.txt file is empty, but why?
Here is my code:
$ch = curl_init();
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt');
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 120);
curl_setopt($ch, CURLOPT_TIMEOUT, 120);
curl_setopt($ch, CURLOPT_URL,
'https://accounts.google.com/ServiceLogin?hl=en&service=alerts&continue=http://www.google.com/alerts/manage');
$data = curl_exec($ch);
$formFields = getFormFields($data);
$formFields['Email'] = $USERNAME;
$formFields['Passwd'] = $PASSWORD;
unset($formFields['PersistentCookie']);
$post_string = '';
foreach($formFields as $key => $value) {
$post_string .= $key . '=' . urlencode($value) . '&';
}
$post_string = substr($post_string, 0, -1);
curl_setopt($ch, CURLOPT_URL, 'https://accounts.google.com/ServiceLoginAuth');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_string);
$result = curl_exec($ch);
curl_setopt($ch, CURLOPT_URL, 'http://www.ingress.com/intel');
curl_setopt($ch, CURLOPT_POST, 0);
curl_setopt($ch, CURLOPT_POSTFIELDS, null);
$result = curl_exec($ch);
var_dump($result);
function getFormFields($data)
{
if (preg_match('/(<form.*?id=.?gaia_loginform.*?<\/form>)/is', $data, $matches)) {
$inputs = getInputs($matches[1]);
return $inputs;
} else {
die('didnt find login form');
}
}
function getInputs($form)
{
$inputs = array();
$elements = preg_match_all('/(<input[^>]+>)/is', $form, $matches);
if ($elements > 0) {
for($i = 0; $i < $elements; $i++) {
$el = preg_replace('/\s{2,}/', ' ', $matches[1][$i]);
if (preg_match('/name=(?:["\'])?([^"\'\s]*)/i', $el, $name)) {
$name = $name[1];
$value = '';
if (preg_match('/value=(?:["\'])?([^"\'\s]*)/i', $el, $value)) {
$value = $value[1];
}
$inputs[$name] = $value;
}
}
}
return $inputs;
}
Thanks for advice what I am doing wrong :)
485
<?php
$username = '[email protected]';
$password = 'password';
$cookies = 'cookies.txt';
function getFormFields($data) {
if(preg_match('/(<form.*?id=.?gaia_loginform.*?<\/form>)/is', $data, $matches)) {
$inputs = getInputs($matches[1]);
return $inputs;
} else {
die('didnt find login form');
}
}
function getInputs($form) {
$inputs = array();
$elements = preg_match_all('/(<input[^>]+>)/is', $form, $matches);
if($elements > 0) {
for($i = 0; $i < $elements; $i++) {
$el = preg_replace('/\s{2,}/', ' ', $matches[1][$i]);
if (preg_match('/name=(?:["\'])?([^"\'\s]*)/i', $el, $name)) {
$name = $name[1];
$value = '';
if (preg_match('/value=(?:["\'])?([^"\'\s]*)/i', $el, $value)) {
$value = $value[1];
}
$inputs[$name] = $value;
}
}
}
return $inputs;
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.56 Safari/537.17");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookies);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookies);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 120);
curl_setopt($ch, CURLOPT_TIMEOUT, 120);
curl_setopt($ch, CURLOPT_URL, 'https://accounts.google.com/ServiceLogin?service=ah&passive=true&continue=https://appengine.google.com/_ah/conflogin%3Fcontinue%3Dhttp://www.ingress.com/intel');
$data = curl_exec($ch);
$formFields = getFormFields($data);
$formFields['Email'] = $username;
$formFields['Passwd'] = $password;
unset($formFields['PersistentCookie']);
$post_string = '';
foreach($formFields as $key => $value) {
$post_string .= $key . '=' . urlencode($value) . '&';
}
$post_string = substr($post_string, 0, -1);
curl_setopt($ch, CURLOPT_URL, 'https://accounts.google.com/ServiceLoginAuth');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_string);
$result = curl_exec($ch);
curl_setopt($ch, CURLOPT_URL, 'https://www.ingress.com/intel');
curl_setopt($ch, CURLOPT_POST, 0);
curl_setopt($ch, CURLOPT_POSTFIELDS, null);
$result = curl_exec($ch);
echo $result;
curl_close($ch);
@unlink($cookies);
?>
<input type='hidden' name='csrfmiddlewaretoken' value='biVbClptWbMjkpXiJiVUVkt3T1wx9OwF' />
You have to use this, it's in the search form ;)
It seems you need this header in your request:
X-CSRFToken:biVbClptWbMjkpXiJiVUVkt3T1wx9OwF
I myself am trying using Goutte along with the Symfony DOMCrawler and Console components, all tied together with Composer:
<?php
namespace Ingress;
use Goutte\Client;
use Doctrine\Common\Cache\ArrayCache;
use Guzzle\Cache\DoctrineCacheAdapter;
use Guzzle\Plugin\Cache\CachePlugin;
use Guzzle\Plugin\Cookie\CookiePlugin;
use Guzzle\Plugin\Cookie\CookieJar\ArrayCookieJar;
use Guzzle\Plugin\Backoff\BackoffPlugin;
class Crawl
{
const USER = 'googleuser';
const PASSWORD = 'passwd';
const URL_START = 'http://www.ingress.com/intel';
const URL_LOGIN = 'https://accounts.google.com/ServiceLogin?service=ah&passive=true&continue=https://appengine.google.com/_ah/conflogin%3Fcontinue%3Dhttp://www.ingress.com/intel';
const USER_AGENT = 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.97 Safari/537.11';
public $client;
public function __construct()
{
$history = new \Symfony\Component\BrowserKit\History();
$cookieJar = new \Symfony\Component\BrowserKit\CookieJar();
$config = array('HTTP_USER_AGENT' => self::USER_AGENT);
$this->client = new Client($config, $history, $cookieJar);
$guzzleClient = $this->client->getClient();
$backoffPlugin = BackoffPlugin::getExponentialBackoff();
$guzzleClient->addSubscriber($backoffPlugin);
$cachePlugin = new CachePlugin(array('adapter' => new DoctrineCacheAdapter(new ArrayCache())));
$guzzleClient->addSubscriber($cachePlugin);
$cookiePlugin = new CookiePlugin(new ArrayCookieJar());
$guzzleClient->addSubscriber($cookiePlugin);
$guzzleClient->setConfig(array(
'ssl.certificate_authority' => false,
'curl.options' => array(
CURLOPT_CONNECTTIMEOUT => 120,
CURLOPT_TIMEOUT => 120
)
));
}
public function login()
{
$crawler = $this->client->request('GET', self::URL_LOGIN);
$form = $crawler->selectButton('Sign in')->form(array(
'Email' => self::USER,
'Passwd' => self::PASSWORD
));
$form['PersistentCookie']->tick();
$crawler = $this->client->submit($form);
}
}
https://github.com/florinutz/ingress-php
28
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
