Instantly share code, notes, and snippets.

@seeschloss /post.php
Last active Sep 25, 2018

Embed
What would you like to do?
<?php
$users = json_decode(file_get_contents(__DIR__."/users.cfg"), true);
if (isset($_REQUEST['user']) and isset($_REQUEST['token'])) {
$user = $_REQUEST['user'];
$token = $_REQUEST['token'];
if (!isset($users[$user])) {
http_response_code(404);
die();
} else if ($users[$user]['token'] != $token) {
http_response_code(401);
die();
} else {
$username = $users[$user]['username'];
$password = $users[$user]['password'];
$cookie_file = __DIR__."/cookie.".$user;
}
} else {
http_response_code(400);
die();
}
$user_agent = $_SERVER['HTTP_USER_AGENT'] ?? "DLFP login proxy";
$post_url = "https://linuxfr.org/board";
$message = "";
if (isset($_REQUEST['board'])) {
$message = $_REQUEST['board']['message'];
} else if (isset($_REQUEST['message'])) {
$message = $_REQUEST['message'];
}
if (time() - filemtime($cookie_file) > 3600 * 24 * 10) {
if ($remember_account_token = login($username, $password, $user_agent)) {
file_put_contents($cookie_file, $remember_account_token);
}
}
if ($message) {
post($message, $post_url, $user_agent, file_get_contents($cookie_file));
}
function post($message, $post_url, $user_agent, $remember_account_token) {
$c = curl_init();
curl_setopt($c, CURLOPT_USERAGENT, $user_agent);
curl_setopt($c, CURLOPT_URL, $post_url);
curl_setopt($c, CURLOPT_POST, 1);
curl_setopt($c, CURLOPT_POSTFIELDS, "board[message]=".urlencode($message));
curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($c, CURLOPT_CONNECTTIMEOUT, 2);
curl_setopt($c, CURLOPT_TIMEOUT, 15);
curl_setopt($c, CURLOPT_COOKIE, "remember_account_token=".$remember_account_token);
curl_setopt($c, CURLOPT_VERBOSE, 1);
curl_exec($c);
}
function login($username, $password, $user_agent) {
$token_url = "https://linuxfr.org";
$cookie_jar = tempnam("/tmp", "cookies_");
$c = curl_init();
curl_setopt($c, CURLOPT_USERAGENT, $user_agent);
curl_setopt($c, CURLOPT_URL, $token_url);
curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($c, CURLOPT_CONNECTTIMEOUT, 2);
curl_setopt($c, CURLOPT_TIMEOUT, 15);
curl_setopt($c, CURLOPT_VERBOSE, 0);
curl_setopt($c, CURLOPT_RETURNTRANSFER, true);
curl_setopt($c, CURLOPT_COOKIEJAR, $cookie_jar);
$html = curl_exec($c);
$dom = new DOMDocument('1.0', 'UTF-8');
@$dom->loadHTML($html);
$form = $dom->getElementById('new_account_sidebar');
$input = $form->getElementsByTagName('input');
foreach ($input as $i) {
if ($i->getAttribute('name') == 'authenticity_token') {
$authenticity_token = $i->getAttribute('value');
};
}
$login_url = "https://linuxfr.org/compte/connexion";
$c = curl_init();
curl_setopt($c, CURLOPT_USERAGENT, $user_agent);
curl_setopt($c, CURLOPT_URL, $login_url);
curl_setopt($c, CURLOPT_HTTPHEADER, ['Content-Type: application/x-www-form-urlencoded']);
curl_setopt($c, CURLOPT_POSTFIELDS, "utf8=%E2%9C%93&authenticity_token=".urlencode($authenticity_token)."&account%5Blogin%5D=".urlencode($username)."&account%5Bpassword%5D=".urlencode($password)."&account%5Bremember_me%5D=0&account%5Bremember_me%5D=1&commit=Se+connecter");
curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($c, CURLOPT_CONNECTTIMEOUT, 2);
curl_setopt($c, CURLOPT_TIMEOUT, 15);
curl_setopt($c, CURLOPT_VERBOSE, 0);
curl_setopt($c, CURLOPT_COOKIEFILE, $cookie_jar);
curl_setopt($c, CURLOPT_COOKIEJAR, $cookie_jar);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($c, CURLOPT_HEADER, 1);
curl_setopt($c, CURLOPT_POST, 1);
$headers_data = explode("\n", curl_exec($c));
$headers = [];
$headers['status'] = $headers_data[0];
array_shift($headers_data);
$remember_account_token = "";
foreach ($headers_data as $line) {
$line = trim($line);
if ($line == "") {
break;
}
list($key, $value) = explode(":", $line, 2);
if (trim($key) == "Set-Cookie") {
$value = trim($value);
if (strpos($value, "remember_account_token=") === 0) {
list(,$remember_account_token) = explode("=", $value, 2);
list($remember_account_token) = explode(";", $remember_account_token, 2);
}
}
}
return $remember_account_token;
}
{
"deeplop": {
"token": "aa81cbe516a1f",
"username": "deeplop",
"password": "prout"
},
"domi": {
"token": "chauvounet",
"username": "Single",
"password": "degarni"
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment