1

Our college system is using TCS (Total Campus Solution), Which is an online platform to track attendance and score of students by logging in with their username and passwords.

I want to create a PHP script that logging to their account if username+password is known and extract contents from HTML out.

This is because The vendor of the TCS is not providing any API's to access their database.

Here is the website: http://117.232.108.164/OnlineTCS/Login.aspx

Username: b14080

Password: b14080 (*I'm giving it here because the website hosts nothing sensitive and is read-only)

Here is my sample PHP cURL script:

<?php
$login_url = 'http://117.232.108.164/OnlineTCS/Login.aspx';

//These are the post data username and password
$post_data = 'ddlInstitution_ddl=KMEA Engineering College&ddlAcademicYear_ddl=2017-2018&txtUserName_txt=b14080&txtPassword_txt=b14080';

//Create a curl object
$ch = curl_init();

//Set the useragent
$agent = 'Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31';
curl_setopt($ch, CURLOPT_USERAGENT, $agent);

//Set the URL
curl_setopt($ch, CURLOPT_URL, $login_url );

//This is a POST query
curl_setopt($ch, CURLOPT_POST, 1 );

//Set the post data
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);

//We want the content after the query
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

//Follow Location redirects
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);

/*
Set the cookie storing files
Cookie files are necessary since we are logging and session data needs to be saved
*/

curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt');

//Execute the action to login
$postResult = curl_exec($ch);

echo $postResult;
?>

And $postResult is displaying only the HTML of the login page. Why and How to make this up

Improve this question

1 Answer 1

Reset to default
2

You have the keys to the post data incorrect.
You are missing some post fields

I broke the request into two separate request rather than use CURLOPT_FOLLOWLOCATION,true

I get the cookies from the first request (with 302 redirect)
Then pass the cookies to the redirect URL.

I return the HTML as plain text because the page is generated with JavaScript. For HTML change the header from text/plain to header('Content-Type: text/html; charset=utf-8');



This code is tested and works (debug code is commented out):

<?php  
    header('Content-Type: text/plain; charset=utf-8');



    $post = array('txtUserName$txt'=>'b14080',
    'txtPassword$txt'=>'b14080',
    'btnLogin.x'=>"47",
    'btnLogin.y'=>"16",
    'ddlInstitution$ddl'=>"1",
    '__VIEWSTATE'=>"/wEPDwUKMTM4NDc5NjkwOA9kFgQCAQ9kFggCAw8WAh4JaW5uZXJodG1sBTE8dWwgc3R5bGU9J2xpc3Qtc3R5bGUtdHlwZTogbm9uZTsnPjxsaT48L2xpPjwvdWw+ZAIHD2QWCgIBD2QWBAIBDxAPFgIeC18hRGF0YUJvdW5kZ2QQFQEYS01FQSBFbmdpbmVlcmluZyBDb2xsZWdlFQEBMRQrAwFnFgFmZAIDDw8WDh4RQ29udHJvbFRvVmFsaWRhdGUFA2RkbB4MRXJyb3JNZXNzYWdlBRdJbnN0aXR1dGlvbiBpcyBSZXF1aXJlZB4SRW5hYmxlQ2xpZW50U2NyaXB0Zx4PU2V0Rm9jdXNPbkVycm9yZx4MSW5pdGlhbFZhbHVlBQItMR4PVmFsaWRhdGlvbkdyb3VwBQRTYXZlHgdWaXNpYmxlZ2RkAgMPZBYEAgEPEA8WAh8BZ2QQFQgJMjAxNy0yMDE4CTIwMTYtMjAxNwkyMDE1LTIwMTYJMjAxNC0yMDE1CTIwMTMtMjAxNAkyMDEyLTIwMTMJMjAxMS0yMDEyCTIwMTAtMjAxMRUIAjExAjEwATkBOAE0ATMBNQE2FCsDCGdnZ2dnZ2dnFgFmZAIDDw8WDh8CBQNkZGwfAwUQWWVhciBpcyBSZXF1aXJlZB8EZx8FZx8GBQItMR8HBQRTYXZlHwhnZGQCBQ9kFgZmDw9kFgIeBWNsYXNzBQ1SZXF1aXJlZEZpZWxkZAICDw8WDh8CBQN0eHQfAwUVVXNlciBOYW1lIGlzIFJlcXVpcmVkHwRnHwVnHgRUZXh0ZR8HBQRTYXZlHwhnZGQCBA8PFgIfCmVkZAIHD2QWBmYPD2QWAh8JBQ1SZXF1aXJlZEZpZWxkZAICDw8WDh8CBQN0eHQfAwUUUGFzc3dvcmQgaXMgUmVxdWlyZWQfBGcfBWcfCmUfBwUEU2F2ZR8IZ2RkAgQPDxYCHwplZGQCCw8PFgIfCGgWAh4HT25DbGljawVEamF2YXNjcmlwdDpsb2NhdGlvbi5ocmVmPSdUZWFjaGVyRXZhbHVhdGlvbkxvZ2luLmFzcHgnO3JldHVybiBmYWxzZTtkAgkPFCsAAhQrAAMPFgIeF0VuYWJsZUFqYXhTa2luUmVuZGVyaW5naGRkZGRkAgsPFgIfCGhkAgIPFgIfCGhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYCBQhidG5Mb2dpbgURUmFkV2luZG93TWFuYWdlcjGdhT6X6If1jy9RfnfHobAg2K4rSIeelkBCJSy3rq2wpw==",
    '__EVENTVALIDATION'=>"/wEdABQgdITQYl0qSK+FUmoppd6yyBxeNODIYGb6hAb21KeJ7kXTFXzD8TPDckb0BpfOFEp8Q9GPFDMhnrO3EjMK7WDTfhXHcTNPmygrTq8U9nAZtWQdVtgFq+rE5JnIhzW6znHLgPIn5luRNqETic6Gh3lCzr/wuij3wzWkzglRmmW3l5eBKc1N3yXvWoV9t2A0ySUKrC+DRHeW4g3m+f2DrbA3AvnW9Ev6X0f6wNxHrCudiSSDXC6OOeSFHGK58wOzO+HMoHg3/YyHTBQ6cquFZ2oJblFY4hVirLH9o7SsXfoOK5utqpARm6HgYh9wA9bYTxNCuiJCR6m/KNe29Xd5W0RD9Pi9q20fDF3kt6+0eIryN4mI/M6bhYv0cQCm2IXbuc7UW0vN9k39fUY9+DzXmYv3op4oRunf14dz2Zt2+QKDELhHwE4yeHGuxfNtQ50+95KNfuiPvtdexWTG2c3kPRh1");    
    $request = array();
    $request[] = 'Host: 117.232.108.164';
    $request[] = 'Connection: keep-alive';
    $request[] = 'Pragma: no-cache';
    $request[] = 'Cache-Control: no-cache';
    $request[] = 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8';
    $request[] = 'User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.101 Safari/537.36';
    $request[] = 'DNT: 1';
    $request[] = 'Referer: http://117.232.108.164/OnlineTCS/Login.aspx';
    $request[] = 'Accept-Encoding: gzip, deflate';
    $request[] = 'Accept-Language: en-US,en;q=0.8';


    $url = 'http://117.232.108.164/OnlineTCS/Login.aspx';
    $ch = curl_init($url);

    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);

    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $request);
    curl_setopt($ch, CURLOPT_ENCODING,"");
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
    curl_setopt($ch, CURLOPT_TIMEOUT,10);
    curl_setopt($ch, CURLOPT_FAILONERROR,true);
    curl_setopt($ch, CURLOPT_ENCODING,"");

    curl_setopt($ch, CURLOPT_VERBOSE, true);
    curl_setopt($ch, CURLINFO_HEADER_OUT, true);
    curl_setopt($ch, CURLOPT_HEADER, true);


   $data = curl_exec($ch);

    if (curl_errno($ch)){
        $data .= 'Retreive Base Page Error: ' . curl_error($ch);
    }
    else {
      $info = rawurldecode(var_export(curl_getinfo($ch),true));



      $skip = intval(curl_getinfo($ch, CURLINFO_HEADER_SIZE)); 
      $responseHeader= substr($data,0,$skip);

    // The folowing line is for debug
//    echo "$info\n$responseHeader\n$data\n\n";



       // Get the cookies:
      $e = 0;
      while(true){
        $s = strpos($responseHeader,'Set-Cookie: ',$e);
        if (!$s){break;}
        $s += 12;
        $e = strpos($responseHeader,';',$s);
        $cookie = substr($responseHeader,$s,$e-$s) ;
        $s = strpos($cookie,'=');
        $key = substr($cookie,0,$s);
        $value = substr($cookie,$s);
        $cookies[$key] = $value;
      }

    // Create cookie for subsequent Requests:

     $cookie = '';
     $show = '';
     $head = '';
     $delim = '';
     foreach ($cookies as $k => $v){
       $cookie .= "$delim$k$v";
       $delim = '; ';
     }
}


    $request = array();
    $request[] = 'Host: 117.232.108.164';
    $request[] = 'Connection: keep-alive';
    $request[] = 'Pragma: no-cache';
    $request[] = 'Cache-Control: no-cache';
    $request[] = 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8';
    $request[] = 'User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.101 Safari/537.36';
    $request[] = 'DNT: 1';
    $request[] = 'Referer: http://117.232.108.164/OnlineTCS/Login.aspx';
    $request[] = 'Accept-Encoding: gzip, deflate';
    $request[] = 'Accept-Language: en-US,en;q=0.8';


    $url = 'http://117.232.108.164/OnlineTCS/StudentLogin/StudentLoginForm.aspx';
    $ch = curl_init($url);

    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);

    curl_setopt($ch, CURLOPT_POST, false);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $request);
    curl_setopt($ch, CURLOPT_ENCODING,"");
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
    curl_setopt($ch, CURLOPT_TIMEOUT,10);
    curl_setopt($ch, CURLOPT_FAILONERROR,true);
    curl_setopt($ch, CURLOPT_ENCODING,"");

    curl_setopt($ch, CURLOPT_VERBOSE, true);
    curl_setopt($ch, CURLINFO_HEADER_OUT, false);
    curl_setopt($ch, CURLOPT_HEADER, true);
    curl_setopt($ch, CURLOPT_COOKIESESSION , true );
    curl_setopt($ch, CURLOPT_COOKIE, $cookie );

   $data = curl_exec($ch);
   $skip = intval(curl_getinfo($ch, CURLINFO_HEADER_SIZE)); 
   echo substr($data,$skip);  //do not transmit header


/*   Debug Code
    if (curl_errno($ch)){
        $data .= 'Retreive Base Page Error: ' . curl_error($ch);
    }
    else {
      $info = rawurldecode(var_export(curl_getinfo($ch),true));

     // Get the cookies:

      $skip = intval(curl_getinfo($ch, CURLINFO_HEADER_SIZE)); 
      $responseHeader= substr($data,0,$skip);

      echo "$info\n$responseHeader\n$data\n\n";

      $e = 0;
      while(true){
        $s = strpos($responseHeader,'Set-Cookie: ',$e);
        if (!$s){break;}
        $s += 12;
        $e = strpos($responseHeader,';',$s);
        $cookie = substr($responseHeader,$s,$e-$s) ;
        $s = strpos($cookie,'=');
        $key = substr($cookie,0,$s);
        $value = substr($cookie,$s);
        $cookies[$key] = $value;
      }

*/
}
 ?>
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Great help dude. Hats off. You saved a year for me. #Upvoted

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.