Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Test de connexion à une instance de CollectiveAccess (Providence)
#!/usr/bin/php
<?php
error_reporting(E_ALL);
//The username or email address of the account.
define('USERNAME', $argv[1]);
print "\n".
"Test de connexion CollectiveAccess\n".
"----------------------------------\n".
"2018, idéesculture\n\n".
date('Y-m-d H:i')." - Ce test porte sur : ".$argv[3]."\n";
//The password of the account.
define('PASSWORD', $argv[2]);
define('__CA_URL_ROOT__', $argv[3]);
//Set a user agent. This basically tells the server that we are using Chrome ;)
define('USER_AGENT', 'Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.2309.372 Safari/537.36');
//Where our cookie information will be stored (needed for authentication).
define('COOKIE_FILE', 'cookie.txt');
//URL of the login form.
define('LOGIN_FORM_URL', __CA_URL_ROOT__.'/index.php/system/Auth/DoLogin');
//Login action URL. Sometimes, this is the same URL as the login form.
define('LOGIN_ACTION_URL', __CA_URL_ROOT__.'/index.php/system/Auth/DoLogin');
//An associative array that represents the required form fields.
//You will need to change the keys / index names to match the name of the form
//fields.
$postValues = array(
'username' => USERNAME,
'password' => PASSWORD,
'timestamp' => time(),
'_formName' => "login"
);
//Initiate cURL.
$curl = curl_init();
//We don't want any HTTPS / SSL errors.
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
//Set the URL that we want to send our POST request to. In this
//case, it's the action URL of the login form.
curl_setopt($curl, CURLOPT_URL, LOGIN_ACTION_URL);
//Tell cURL that we want to carry out a POST request.
curl_setopt($curl, CURLOPT_POST, true);
//Set our post fields / date (from the array above).
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postValues));
//We don't want any HTTPS errors.
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
//Where our cookie details are saved. This is typically required
//for authentication, as the session ID is usually saved in the cookie file.
curl_setopt($curl, CURLOPT_COOKIEJAR, COOKIE_FILE);
//Sets the user agent. Some websites will attempt to block bot user agents.
//Hence the reason I gave it a Chrome user agent.
curl_setopt($curl, CURLOPT_USERAGENT, USER_AGENT);
//Tells cURL to return the output once the request has been executed.
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
//Allows us to set the referer header. In this particular case, we are
//fooling the server into thinking that we were referred by the login form.
curl_setopt($curl, CURLOPT_REFERER, LOGIN_FORM_URL);
//Do we want to follow any redirects?
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, false);
//Execute the login request.
$result = curl_exec($curl);
//Check for errors!
if(curl_errno($curl)){
throw new Exception(curl_error($curl));
}
//We should be logged in by now. Let's attempt to access a password protected page
curl_setopt($curl, CURLOPT_URL, __CA_URL_ROOT__.'/index.php/Dashboard/Index');
//Use the same cookie file.
curl_setopt($curl, CURLOPT_COOKIEJAR, COOKIE_FILE);
//Use the same user agent, just in case it is used by the server for session validation.
curl_setopt($curl, CURLOPT_USERAGENT, USER_AGENT);
//We don't want any HTTPS / SSL errors.
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
//Execute the GET request and print out the result.
$ok=0;
$result=curl_exec($curl);
if(strpos($result, "<div class=\"dashboard\">")) {
print "Authentifié. Accès au Tableau de bord confirmé.\n";
$ok++;
}
print "Execution d'une recherche pour vérifier...\n";
$postValues = array(
'search' => 'test',
'form_timestamp' => time(),
'_formName' => "caQuickSearchForm"
);
//Use the same cookie file.
curl_setopt($curl, CURLOPT_COOKIEJAR, COOKIE_FILE);
//Use the same user agent, just in case it is used by the server for session validation.
curl_setopt($curl, CURLOPT_USERAGENT, USER_AGENT);
//We don't want any HTTPS / SSL errors.
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_URL, __CA_URL_ROOT__.'/index.php/find/QuickSearch/Index');
//Tell cURL that we want to carry out a POST request.
curl_setopt($curl, CURLOPT_POST, true);
//Set our post fields / date (from the array above).
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postValues));
//Execute the GET request and print out the result.
$result=curl_exec($curl);
if(strpos($result, "meilleurs résultats")) {
print "Recherche fonctionnelle (accès à la liste des résultats).\n";
$ok++;
}
print "Déconnexion...\n";
//We don't want any HTTPS / SSL errors.
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_URL, __CA_URL_ROOT__.'/index.php/system/auth/logout');
$result=curl_exec($curl);
if(strpos($result, "Vous êtes déconnecté")) {
print "Déconnexion ok.\n";
$ok++;
}
if($ok == 3) {
file_put_contents("test_connexion_CA_".date('Ymd').".log",date('Y-m-d H:i ')."\t".__CA_URL_ROOT__."... OK\n", FILE_APPEND);
} else {
file_put_contents("test_connexion_CA_".date('Ymd').".log",date('Y-m-d H:i ')."\t".__CA_URL_ROOT__."... KO\n", FILE_APPEND);
}
@gautiermichelin

This comment has been minimized.

Copy link
Owner Author

commented May 7, 2018

chmod +x
./test_login.php test2 PASSWORD https://yourserver/path-to-providence 
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.