1

Our college system is using TCS (Total Campus Solution), Which is an online platform to track attendance and score of students by logging in with their username and passwords.

I want to create a PHP script that logging to their account if username+password is known and extract contents from HTML out.

This is because The vendor of the TCS is not providing any API's to access their database.

Here is the website: http://117.232.108.164/OnlineTCS/Login.aspx

Username: b14080

Password: b14080 (*I'm giving it here because the website hosts nothing sensitive and is read-only)

Here is my sample PHP cURL script:

<?php
$login_url = 'http://117.232.108.164/OnlineTCS/Login.aspx';

//These are the post data username and password
$post_data = 'ddlInstitution_ddl=KMEA Engineering College&ddlAcademicYear_ddl=2017-2018&txtUserName_txt=b14080&txtPassword_txt=b14080';

//Create a curl object
$ch = curl_init();

//Set the useragent
$agent = 'Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31';
curl_setopt($ch, CURLOPT_USERAGENT, $agent);

//Set the URL
curl_setopt($ch, CURLOPT_URL, $login_url );

//This is a POST query
curl_setopt($ch, CURLOPT_POST, 1 );

//Set the post data
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);

//We want the content after the query
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

//Follow Location redirects
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);

/*
Set the cookie storing files
Cookie files are necessary since we are logging and session data needs to be saved
*/

curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt');

//Execute the action to login
$postResult = curl_exec($ch);

echo $postResult;
?>

And $postResult is displaying only the HTML of the login page. Why and How to make this up

Improve this question

1 Answer 1

Reset to default
2

You have the keys to the post data incorrect.
You are missing some post fields

I broke the request into two separate request rather than use CURLOPT_FOLLOWLOCATION,true

I get the cookies from the first request (with 302 redirect)
Then pass the cookies to the redirect URL.

I return the HTML as plain text because the page is generated with JavaScript. For HTML change the header from text/plain to header('Content-Type: text/html; charset=utf-8');



This code is tested and works (debug code is commented out):

<?php  
    header('Content-Type: text/plain; charset=utf-8');



    $post = array('txtUserName$txt'=>'b14080',
    'txtPassword$txt'=>'b14080',
    'btnLogin.x'=>"47",
    'btnLogin.y'=>"16",
    'ddlInstitution$ddl'=>"1",
    '__VIEWSTATE'=>"/wEPDwUKMTM4NDc5NjkwOA9kFgQCAQ9kFggCAw8WAh4JaW5uZXJodG1sBTE8dWwgc3R5bGU9J2xpc3Qtc3R5bGUtdHlwZTogbm9uZTsnPjxsaT48L2xpPjwvdWw+ZAIHD2QWCgIBD2QWBAIBDxAPFgIeC18hRGF0YUJvdW5kZ2QQFQEYS01FQSBFbmdpbmVlcmluZyBDb2xsZWdlFQEBMRQrAwFnFgFmZAIDDw8WDh4RQ29udHJvbFRvVmFsaWRhdGUFA2RkbB4MRXJyb3JNZXNzYWdlBRdJbnN0aXR1dGlvbiBpcyBSZXF1aXJlZB4SRW5hYmxlQ2xpZW50U2NyaXB0Zx4PU2V0Rm9jdXNPbkVycm9yZx4MSW5pdGlhbFZhbHVlBQItMR4PVmFsaWRhdGlvbkdyb3VwBQRTYXZlHgdWaXNpYmxlZ2RkAgMPZBYEAgEPEA8WAh8BZ2QQFQgJMjAxNy0yMDE4CTIwMTYtMjAxNwkyMDE1LTIwMTYJMjAxNC0yMDE1CTIwMTMtMjAxNAkyMDEyLTIwMTMJMjAxMS0yMDEyCTIwMTAtMjAxMRUIAjExAjEwATkBOAE0ATMBNQE2FCsDCGdnZ2dnZ2dnFgFmZAIDDw8WDh8CBQNkZGwfAwUQWWVhciBpcyBSZXF1aXJlZB8EZx8FZx8GBQItMR8HBQRTYXZlHwhnZGQCBQ9kFgZmDw9kFgIeBWNsYXNzBQ1SZXF1aXJlZEZpZWxkZAICDw8WDh8CBQN0eHQfAwUVVXNlciBOYW1lIGlzIFJlcXVpcmVkHwRnHwVnHgRUZXh0ZR8HBQRTYXZlHwhnZGQCBA8PFgIfCmVkZAIHD2QWBmYPD2QWAh8JBQ1SZXF1aXJlZEZpZWxkZAICDw8WDh8CBQN0eHQfAwUUUGFzc3dvcmQgaXMgUmVxdWlyZWQfBGcfBWcfCmUfBwUEU2F2ZR8IZ2RkAgQPDxYCHwplZGQCCw8PFgIfCGgWAh4HT25DbGljawVEamF2YXNjcmlwdDpsb2NhdGlvbi5ocmVmPSdUZWFjaGVyRXZhbHVhdGlvbkxvZ2luLmFzcHgnO3JldHVybiBmYWxzZTtkAgkPFCsAAhQrAAMPFgIeF0VuYWJsZUFqYXhTa2luUmVuZGVyaW5naGRkZGRkAgsPFgIfCGhkAgIPFgIfCGhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYCBQhidG5Mb2dpbgURUmFkV2luZG93TWFuYWdlcjGdhT6X6If1jy9RfnfHobAg2K4rSIeelkBCJSy3rq2wpw==",
    '__EVENTVALIDATION'=>"/wEdABQgdITQYl0qSK+FUmoppd6yyBxeNODIYGb6hAb21KeJ7kXTFXzD8TPDckb0BpfOFEp8Q9GPFDMhnrO3EjMK7WDTfhXHcTNPmygrTq8U9nAZtWQdVtgFq+rE5JnIhzW6znHLgPIn5luRNqETic6Gh3lCzr/wuij3wzWkzglRmmW3l5eBKc1N3yXvWoV9t2A0ySUKrC+DRHeW4g3m+f2DrbA3AvnW9Ev6X0f6wNxHrCudiSSDXC6OOeSFHGK58wOzO+HMoHg3/YyHTBQ6cquFZ2oJblFY4hVirLH9o7SsXfoOK5utqpARm6HgYh9wA9bYTxNCuiJCR6m/KNe29Xd5W0RD9Pi9q20fDF3kt6+0eIryN4mI/M6bhYv0cQCm2IXbuc7UW0vN9k39fUY9+DzXmYv3op4oRunf14dz2Zt2+QKDELhHwE4yeHGuxfNtQ50+95KNfuiPvtdexWTG2c3kPRh1");    
    $request = array();
    $request[] = 'Host: 117.232.108.164';
    $request[] = 'Connection: keep-alive';
    $request[] = 'Pragma: no-cache';
    $request[] = 'Cache-Control: no-cache';
    $request[] = 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8';
    $request[] = 'User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.101 Safari/537.36';
    $request[] = 'DNT: 1';
    $request[] = 'Referer: http://117.232.108.164/OnlineTCS/Login.aspx';
    $request[] = 'Accept-Encoding: gzip, deflate';
    $request[] = 'Accept-Language: en-US,en;q=0.8';


    $url = 'http://117.232.108.164/OnlineTCS/Login.aspx';
    $ch = curl_init($url);

    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);

    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $request);
    curl_setopt($ch, CURLOPT_ENCODING,"");
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
    curl_setopt($ch, CURLOPT_TIMEOUT,10);
    curl_setopt($ch, CURLOPT_FAILONERROR,true);
    curl_setopt($ch, CURLOPT_ENCODING,"");

    curl_setopt($ch, CURLOPT_VERBOSE, true);
    curl_setopt($ch, CURLINFO_HEADER_OUT, true);
    curl_setopt($ch, CURLOPT_HEADER, true);


   $data = curl_exec($ch);

    if (curl_errno($ch)){
        $data .= 'Retreive Base Page Error: ' . curl_error($ch);
    }
    else {
      $info = rawurldecode(var_export(curl_getinfo($ch),true));



      $skip = intval(curl_getinfo($ch, CURLINFO_HEADER_SIZE)); 
      $responseHeader= substr($data,0,$skip);

    // The folowing line is for debug
//    echo "$info\n$responseHeader\n$data\n\n";



       // Get the cookies:
      $e = 0;
      while(true){
        $s = strpos($responseHeader,'Set-Cookie: ',$e);
        if (!$s){break;}
        $s += 12;
        $e = strpos($responseHeader,';',$s);
        $cookie = substr($responseHeader,$s,$e-$s) ;
        $s = strpos($cookie,'=');
        $key = substr($cookie,0,$s);
        $value = substr($cookie,$s);
        $cookies[$key] = $value;
      }

    // Create cookie for subsequent Requests:

     $cookie = '';
     $show = '';
     $head = '';
     $delim = '';
     foreach ($cookies as $k => $v){
       $cookie .= "$delim$k$v";
       $delim = '; ';
     }
}


    $request = array();
    $request[] = 'Host: 117.232.108.164';
    $request[] = 'Connection: keep-alive';
    $request[] = 'Pragma: no-cache';
    $request[] = 'Cache-Control: no-cache';
    $request[] = 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8';
    $request[] = 'User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.101 Safari/537.36';
    $request[] = 'DNT: 1';
    $request[] = 'Referer: http://117.232.108.164/OnlineTCS/Login.aspx';
    $request[] = 'Accept-Encoding: gzip, deflate';
    $request[] = 'Accept-Language: en-US,en;q=0.8';


    $url = 'http://117.232.108.164/OnlineTCS/StudentLogin/StudentLoginForm.aspx';
    $ch = curl_init($url);

    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);

    curl_setopt($ch, CURLOPT_POST, false);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $request);
    curl_setopt($ch, CURLOPT_ENCODING,"");
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
    curl_setopt($ch, CURLOPT_TIMEOUT,10);
    curl_setopt($ch, CURLOPT_FAILONERROR,true);
    curl_setopt($ch, CURLOPT_ENCODING,"");

    curl_setopt($ch, CURLOPT_VERBOSE, true);
    curl_setopt($ch, CURLINFO_HEADER_OUT, false);
    curl_setopt($ch, CURLOPT_HEADER, true);
    curl_setopt($ch, CURLOPT_COOKIESESSION , true );
    curl_setopt($ch, CURLOPT_COOKIE, $cookie );

   $data = curl_exec($ch);
   $skip = intval(curl_getinfo($ch, CURLINFO_HEADER_SIZE)); 
   echo substr($data,$skip);  //do not transmit header


/*   Debug Code
    if (curl_errno($ch)){
        $data .= 'Retreive Base Page Error: ' . curl_error($ch);
    }
    else {
      $info = rawurldecode(var_export(curl_getinfo($ch),true));

     // Get the cookies:

      $skip = intval(curl_getinfo($ch, CURLINFO_HEADER_SIZE)); 
      $responseHeader= substr($data,0,$skip);

      echo "$info\n$responseHeader\n$data\n\n";

      $e = 0;
      while(true){
        $s = strpos($responseHeader,'Set-Cookie: ',$e);
        if (!$s){break;}
        $s += 12;
        $e = strpos($responseHeader,';',$s);
        $cookie = substr($responseHeader,$s,$e-$s) ;
        $s = strpos($cookie,'=');
        $key = substr($cookie,0,$s);
        $value = substr($cookie,$s);
        $cookies[$key] = $value;
      }

*/
}
 ?>
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Great help dude. Hats off. You saved a year for me. #Upvoted

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.