Skip to content

Instantly share code, notes, and snippets.

@fjallstrom

fjallstrom/mathem.php

Last active November 29, 2016 20:24
Show Gist options
  • Star 7 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save fjallstrom/e6e26efb500bc674a710 to your computer and use it in GitHub Desktop.
Save fjallstrom/e6e26efb500bc674a710 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
mathem.php
<?php
# hello
# this is pure crap, don't even think about using it
# it doesn't filter input vars or contain ANY error handling at all
# i wrote this while putting a kid to bed in, january 2016
# i repeat: do not use this script
# i am peder@earthpeople.se, a ceo - not a real developer
# prerequisites
# you need an account at mathem
# you need an order, which you open for editing manually
# this order needs to be closed the day before delivery
# yup this can be automated but i had no need for this
header('Content-Type: text/html; charset=utf-8');
$output = '';
# config here
$email = 'your@email.here';
$password = 'y0urPa55w0rd';
# no user servicable parts below
if($_GET['action'] == 'search'){
# search
$_GET['keyword'] = trim(str_ireplace('sök', '', $_POST['text']));
if(is_int($_GET['keyword'])){
exit(0);
}
$searchreq = shell_exec("curl 'https://www.mathem.se/WebServices/ProductService.asmx/SearchAndAddResult?searchText=".urlencode($_GET['keyword'])."' -H 'Accept-Encoding: gzip, deflate, sdch' -H 'Accept-Language: en-US,en;q=0.8,id;q=0.6,sv;q=0.4,zh-CN;q=0.2,zh;q=0.2,nb;q=0.2,it;q=0.2' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.111 Safari/537.36' -H 'Accept: application/json, text/javascript, */*; q=0.01' -H 'Referer: https://www.mathem.se/kassan' -H 'X-Requested-With: XMLHttpRequest' -H 'Connection: keep-alive' --compressed");
$resultobj = json_decode($searchreq);
if($resultobj){
foreach($resultobj as $product){
$output .= $product->ProductId.': '.$product->ProductName.' ('.$product->Price.' SEK)'."\n";
}
}else{
$output .= "Oops, det finns ingen produkt med det namnet.\n";
exit(0);
}
}else if($_GET['action'] == 'add'){
# add
$_GET['id'] = trim(str_ireplace('köp', '', $_POST['text']));
$json .= $_GET['id'];
if($_GET['id'] == 0){
exit(0);
}
# check if logged in
$statusreq = shell_exec('curl -s -o /dev/null -I -w "%{http_code}" https://www.mathem.se/min-sida');
if($statusreq == '302'){
shell_exec("curl -c cookie.txt 'https://www.mathem.se/Account/Login' -H 'Origin: https://www.mathem.se' -H 'Accept-Encoding: gzip, deflate' -H 'Accept-Language: en-US,en;q=0.8,id;q=0.6,sv;q=0.4,zh-CN;q=0.2,zh;q=0.2,nb;q=0.2,it;q=0.2' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.111 Safari/537.36' -H 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8' -H 'Accept: */*' -H 'Referer: https://www.mathem.se/' -H 'X-Requested-With: XMLHttpRequest' -H 'Connection: keep-alive' --data 'Username=".$email."&Password=".$password."&ReturnUrl=' --compressed");
sleep(rand(3,4));
}
$cartreq = shell_exec("curl -b cookie.txt 'https://www.mathem.se/Pages/products/AddToCart.aspx?AddProduct=true&ProductID=".$_GET['id']."&noOfFooditem=1' -H 'Accept-Encoding: gzip, deflate, sdch' -H 'Accept-Language: en-US,en;q=0.8,id;q=0.6,sv;q=0.4,zh-CN;q=0.2,zh;q=0.2,nb;q=0.2,it;q=0.2' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.111 Safari/537.36' -H 'Accept: */*' -H 'Referer: https://www.mathem.se/kassan' -H 'X-Requested-With: XMLHttpRequest' -H 'Connection: keep-alive' --compressed");
$cartobj = json_decode($cartreq);
if($cartobj->CartTotalPrice == '0.00'){
$output .= "FAIL! Du har ingen öppen varukorg att lägga varan i.\n";
exit(0);
}else{
$output .= "Ok, varukorgens pris är nu ".$cartobj->CartTotalPrice." SEK\n";
}
}else{
exit(0);
}
echo '{ "text": "'.$output.'"}';
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment