I'm trying to build a script to read my account balance using the script
below:

<?php
    function htmlparse($status) {
        $status = str_replace("location","",$status); // Döda
redirect-scripts
      $status = str_replace("<title>","<title>Ripped: ",$status); //
Snygga till title-texten lite
      $status =
str_replace("href=\"css","href=\"https://internetbank.fsb.se/SecurityServer/css",$status);
// Ge oss STIIL
      $status =
str_replace("src=\"images","src=\"https://internetbank.fsb.se/SecurityServer/images",$status);
      $status =
str_replace("href=\"jsp","href=\"https://internetbank.fsb.se/SecurityServer/jsp",$status);
        return $status;
    }
   
    $c=curl_init();
    $url = "https://internetbank.fsb.se/bviPrivat/privat?ns=1";
    curl_setopt($c,CURLOPT_URL,$url);
    curl_setopt($c,CURLOPT_CONNECTTIMEOUT,2);
    curl_setopt($c,CURLOPT_RETURNTRANSFER,1);
    curl_setopt($c,CURLOPT_USERAGENT,"Mozilla/5.0 (Windows; U; Windows
NT 5.1; sv-SE; rv:1.8.0.3) Gecko/20060426 Firefox/1.5.0.3");
    curl_setopt($c,CURLOPT_SSL_VERIFYPEER,false);
    curl_setopt($c,CURLOPT_SSL_VERIFYHOST,false);
    curl_setopt($c,CURLOPT_COOKIEJAR,"cookies.txt");
    curl_setopt($c,CURLOPT_FOLLOWLOCATION,1);
    curl_setopt($c,CURLOPT_VERBOSE,true);
    $trash = curl_exec($c);
    if (!$trash)
        $errors[] = "First run: " . curl_error($c);
    curl_close($c);

    $d=curl_init();
    $url =
"https://internetbank.fsb.se/SecurityServer/SecurityServer?requestId=1&ProduktNamn=PIN6&TDEApplName=TDEApplPersonligKodIdentifiering&_flow_id_=IDENTIFIERINGSMETOD_PIN_CLIENT";
    // These are _ALL_ form field names and values from the first page form.
    $postData['kundnr'] = $kundnr;
    $postData['privat'] = "Fortsätt";
    $postData['avbryt_knapp'] = "Avbryt";
    $postData['_new_flow_'] = "false";
    $postData['locale'] = "sv_SE";
    curl_setopt($d,CURLOPT_POSTFIELDS,$postData);
    curl_setopt($d,CURLOPT_URL,$url);
    
curl_setopt($d,CURLOPT_REFERER,"https://internetbank.fsb.se/SecurityServer/SecurityServer");
    curl_setopt($d,CURLOPT_CONNECTTIMEOUT,2);
    curl_setopt($d,CURLOPT_RETURNTRANSFER,1);
    curl_setopt($d,CURLOPT_USERAGENT,"Mozilla/5.0 (Windows; U; Windows
NT 5.1; sv-SE; rv:1.8.0.3) Gecko/20060426 Firefox/1.5.0.3");
    curl_setopt($d,CURLOPT_SSL_VERIFYPEER,false);
    curl_setopt($d,CURLOPT_SSL_VERIFYHOST,false);
    curl_setopt($d,CURLOPT_COOKIEFILE,"cookies.txt");
    curl_setopt($d,CURLOPT_FOLLOWLOCATION,1);
    $status = curl_exec($d);
    if (!$status) {
        $errors[] = "Second run: " . curl_error($d);
    }
  if ($errors) {
        foreach ($errors as $error) {
            echo "$error<br>\n";
        }
    }
   
    echo htmlparse($status);
?>

I've set for-my-eyes-only variables like $kundnr outside of this
script... :)

The first run works fine, but second stage gives an internal server error.
I've tried different referer addresses, like the url from the first run
and the url my browser holds when I surf to the first stage, but nothing
makes any difference.

What am I doing wrong? Is there any way to analyze the authentication
methods of a page, and match them with curl?

Mikael
_______________________________________________
http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-and-php
Received on 2006-06-05