1

I'm trying to get data from server via curl but after authorization I'm receiving an empty response. The site on this server uses AJAX for displaying content, so firstly I've checked headers and query params that being send while interacting with it through the browser.

General header:

Remote Address:*.*.*.*:80
Request URL:http://example.com/search/search/?0.42697851033881307
Request Method:POST
Status Code:200 OK

Form data:

QUERY:29061
QUERY_TYPE:2
QUERY_DATA:S1
PKW:X
LKW:X
FORMAT:json
LANG:ru

And here's the result of endless googling and stackoverflowing:

<?php
$curl = curl_init('http://example.com/authorization/login/');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt($curl, CURLOPT_COOKIEFILE, 'cookie.txt');
curl_setopt($curl, CURLOPT_REFERER, 'http://example.com/');
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);

curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, [
    'LOGIN' => 'MY_LOGIN',
    'PASSWORD' => 'MY_PASSWORD',
    'REMEMBER' => true,
    'FORMAT' => 'json',
    'LANG' => 'ru'
]);

curl_exec($curl);
curl_close($curl);

$curl = curl_init('http://example.com/search/search/?0.42697851033881307');
curl_setopt($curl, CURLOPT_HEADER, true);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt($curl, CURLOPT_COOKIEFILE, 'cookie.txt');
curl_setopt($curl, CURLOPT_REFERER, 'http://example.com/');
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);

$postFields = json_encode([
    'FORMAT' => 'json',
    'LANG' => 'ru',
    'QUERY' => '29061',
    'QUERY_TYPE' => '2',
    'QUERY_DATA' => 'S1',
    'PKW' => 'X',
    'LKW' => 'X'
]);
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, 'POST');
curl_setopt($curl, CURLOPT_POSTFIELDS, $postFields);
curl_setopt($curl, CURLOPT_HTTPHEADER, [
    'X-Requested-With: XMLHttpRequest',
]);

$response = curl_exec($curl);
curl_close($curl);
var_dump($response);

And here's the response:

string(1699) "HTTP/1.1 302 Moved Temporarily
Server: nginx/1.9.2
Date: Fri, 28 Aug 2015 14:57:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.10
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: ci_sessions=...; expires=Sat, 27-Aug-2016 14:57:21 GMT; Max-Age=31536000; path=/; httponly
Location: http://example.com/authorization/setVkorgInfo

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.9.2
Date: Fri, 28 Aug 2015 14:57:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.10
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: ci_sessions=...; expires=Sat, 27-Aug-2016 14:57:21 GMT; Max-Age=31536000; path=/; httponly
Set-Cookie: VKORG=5000; expires=Sat, 27-Aug-2016 14:57:21 GMT; Max-Age=31536000; path=/
Location: http://example.com/

HTTP/1.1 200 OK
Server: nginx/1.9.2
Date: Fri, 28 Aug 2015 14:57:21 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.10
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: ci_sessions=...; expires=Sat, 27-Aug-2016 14:57:22 GMT; Max-Age=31536000; path=/; httponly

{
    "status": true,
    "arr_messages": [],
    "data": []
}"

When I retrieve the data through the browser I see in Chrome's console an object with needed data in "data": array, but in my script it's empty. What's wrong with my request?

Here's screenshot: http://joxi.ru/XEA48NSQozPAbz

If I send wrong params I get this:

{
    "status": false,
    "arr_messages": [
        {
            "id": "123456",
            "login": "MY_LOGIN",
            "type": "E",
            "text": "Error inputs",
            "date": "2015-08-28 22:24:20"
        }
    ],
    "data": []
}

therefore if I get status: true and empty "arr_messages" then I'm sending correct request.

UPD: Here's AJAX function that gets content:

var getApiAjax=function(url, req, callback, errorcallback, async)
{
    if(typeof(errorcallback)=="undefined")
    {
        errorcalback=function(){return false;}
    }
    if(typeof(async)=="undefined")
    {
        async=true;
    }

    req.FORMAT = "json";
    req.LANG = "ru";
    var xhr=$.ajax(
    {
        url: url+"?"+Math.random(),
        type: "POST",
        data: req,
        async: async,
        dataType: "json",
        success: function(resp)
        {
            var showMes = true;
            if( spinnerModal.isShowSpinner() ){
                spinnerModal.hidePleaseWait(); 
                showMes = false;   
            } 

            if( typeof resp.arr_messages != "undefined" && resp.arr_messages.length ) {
                if (resp.status) {
                    showMessage( resp.arr_messages, callback, resp );
                } else {
                    showMessage( resp.arr_messages, errorcallback, resp );
                }

                if(showMes) informModal.showMessage();
            } else { 
                if (resp.status) {
                    callback( resp );
                } else {
                    errorcallback( resp )
                }
            }                             
        },
        error: function(msg)
        {   
            var arr_messages = new Array();

            if( spinnerModal.isShowSpinner() ) spinnerModal.hidePleaseWait();

            if( typeof msg == "string" )
            {
                arr_messages.push( { 'text' : msg, 'type' : 'E' } );
                showMessage( arr_messages, errorcallback, msg, true );
            }
            else 
            {
                errorcallback();               
            }
        }
    });
    return xhr;
};

I can call this function from the browser's console and get exactly what I want

getApiAjax("/search/search/",{
            'QUERY'         : "29061",
            'QUERY_TYPE'    : "2",
            'QUERY_DATA'    : "S1",
            'PKW'           : "X",
            'LKW'           : "X"
        })

Screenshot: http://joxi.ru/WL211LSbgN42Xq

So I can't figure out what's wrong with curl request :(

Improve this question
2
  • Try to send the $postFields normally - as an array. Not as a JSON. If it's a genuine HTML Form, then the data isn't sent as a JSON but rather as a html query. Commented Aug 28, 2015 at 18:41
  • I tried it before and tried again just now with no luck :( Commented Aug 28, 2015 at 18:43

1 Answer 1

Reset to default
0

Wow it turned out so unexpectedly simple :) I don't know why, but this site doesn't check cookies for search queries. When one opens this site he can see only login form, nothing else, so if the visitor is a human he has to authorize to get access to this site, and after that visitor able to use site's services including search. So I decided that authorization is required for my script. After sleepless night I thought "what will happen if I do request without authorization" (I actually wanted to see some error message to work with), so I threw away the first part of my script:

$curl = curl_init('http://example.com/authorization/login/');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt($curl, CURLOPT_COOKIEFILE, 'cookie.txt');
curl_setopt($curl, CURLOPT_REFERER, 'http://example.com/');
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);

curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, [
    'LOGIN' => 'MY_LOGIN',
    'PASSWORD' => 'MY_PASSWORD',
    'REMEMBER' => true,
    'FORMAT' => 'json',
    'LANG' => 'ru'
]);

curl_exec($curl);
curl_close($curl);

and launched it in my browser. What I saw next shocked me )))

string(2856) "HTTP/1.1 100 Continue

HTTP/1.1 200 OK
Server: nginx/1.9.2
Date: Sat, 29 Aug 2015 05:38:54 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.10
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: ci_sessions=.....; expires=Sun, 28-Aug-2016 05:38:55 GMT; Max-Age=31536000; path=/; httponly

{
    "status": true,
    "arr_messages": [],
    "data": {
        "ARTIDINFO": {
            "203653": {
                "ARTID": "203653",
                "PIN": "29061",
                "BRAND": "...",
                "NAME": "...",
                "IMG": "0",
                "NAMEP": []
            },
            "301175": {
                "ARTID": "301175",
                "PIN": "29061",
                "BRAND": "...",
                "NAME": "...",
                "IMG": "1",
                "NAMEP": []
            },
            "1696433": {
                "ARTID": "1696433",
                "PIN": "29061",
                "BRAND": "...",
                "NAME": "...",
                "IMG": "1",
                "NAMEP": []
            }.....

Now I don't understand why the server sends me the data without authorization and doesn't when I passed authorization O_o

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.