Jump to content

Using PHP cURL to authenticate Login


ankur218

Recommended Posts

Hi everyone,I am building an Academic Resource Directory for my University and I need help with the following.I want all the students and teachers to be redirected to a page, the page contains 2 login forms, one for students and the other for teachers. No one in my college would sign up so I am planning to make them login using the id and password provided by the university. My college may not give access to the DB and also doesn't have any API key, so I just want the users to put in their id and pass, my form will validate and authenticate by redirecting to my college site, checking for credentials and make them login or give error message accordingly. Now after googling a bit, I found that this can be done using PHP cURL I suppose. I don't know much of PHP and I have learnt most of the things along the way while making this site. I would like to continue doing the same.This is the place where all our college students login.http://evarsity.srmuniv.ac.in/srmswi/usermanager/youLogin.jspPlease give me some examples on how to go about with the comments next to each statement. Other alternatives are welcomed too.PS: I would like to do this without seeking my college's permission. I don't want to steal any data. Just check if the result is true and make them login.Thanks in advance!

Link to comment
Share on other sites

are you expecting to just be able to make a request against that page directly? I think what you would need is that school provider a service/API for authenticating users (which they probably do, but not publicly available), unless I am misunderstanding your intentions. but yes, cURL can make HTTP requests on the server side. I use it to make requests Facebook/Twitter/etc API's, but that's because they provider they offer this as a service to developers, and as such there is a standard interface with documentation.

Link to comment
Share on other sites

Okay, let me try making it simpler. I have a login page. I enter my university id and password. My login form checks against the university's id and password using curl and if successful I can enter the website else I am stuck at the login page itself. My college doesn't have any API key and all. Could you please help me do it using cURL?

Link to comment
Share on other sites

what have you come up so far? what help you need? if you have not already check out the http://php.net/curlhttp://php.net/curl_setopt here you can find certain setting to make a request. check this seetings specifically CURLOPT_CUSTOMREQUEST, CURLOPT_POSTFIELDS if your destination login form is based on GET you can simply use file_get_contents() or DOM or any file handling methods (but remember they will be dependent to server setting of allow url fopen. using curl to make login is consider as privacy compromise, as user need to put password through third party server to get access to your university server.

Edited by birbal
Link to comment
Share on other sites

This is my form

<form class="form-horizontal" action="curl.php" method="POST">	  <div class="control-group">	   <label class="control-label" for="inputEmail">Username</label>	   <div class="controls">	    <input type="text" id="inputEmail" placeholder="Username">	   </div>	  </div>	  <div class="control-group">	   <label class="control-label" for="inputPassword">Password</label>	   <div class="controls">	    <input type="password" id="inputPassword" placeholder="Password">	   </div>	  </div>	  <div class="control-group">	   <div class="controls">	    <label class="checkbox">		 <input type="checkbox"> Remember me	    </label>	    <button type="submit" class="btn">Sign in</button>	   </div>	  </div>	 </form>

And this is my curl.php file.

<?php$address = "http://evarsity.srmuniv.ac.in/srmswi/usermanager/youLogin.jsp"; //site URL$post = "username=txtRegNumber&pass=txtPwd"; //Parameters to be sent. Written like GET.$welcomeMessage = "Welcome..."; //This is the message that is displayed when a login is successful$options = array(  CURLOPT_USERAGENT => 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)',  CURLOPT_POST => true, //using post  CURLOPT_URL => $address,  //where to go  CURLOPT_POSTFIELDS => $post, //input params  CURLOPT_RETURNTRANSFER => true, //Returns a string value of the request  CURLOPT_SSL_VERIFYPEER => false, //Avoid SSL problems  CURLOPT_COOKIEFILE => 'cookie.txt', //Save cookies  CURLOPT_COOKIEJAR => 'cookies.txt' //Cookies located  CURLOPT_USERPWD ==> [username]:[password]);//more params may be found here: http://php.net/manual/en/function.curl-setopt.php//--$ch = curl_init(); //Initialize curl in $chcurl_setopt_array($ch, $options); //add params values to $ch$content = curl_exec($ch); //executeif (strpos($content, $welcomeMessage) !== false){ //if the welcome message displayed...  /*  Do whatever  */}curl_close($ch); //close connections?>

Tell me where am I going wrong?

Edited by ankur218
Link to comment
Share on other sites

You're not getting the values from the form, those will be in the $_POST array if the browser submitted them based on ID (usually a name is used for forms). You don't have a way to check the "remember me" checkbox either. The syntax on this line is also incorrect, I'm not sure what you're trying to do here: CURLOPT_USERPWD ==> [username]:[password]);

Link to comment
Share on other sites

Check the tutorials about using PHP to handle forms, you'll see that you need to get the form data from either $_GET or $_POST, depending on how the form was submitted. That checkbox won't get submitted because it doesn't have a name, there's no way to tell if it was checked.

Link to comment
Share on other sites

The checkbox element isn;t even closed. Is the form even showing or submitting properly? (aside from the things about it that need to be fixed)

Link to comment
Share on other sites

Personally, I still don't see the bigger picture of what you are trying to accomplish. So someone has a username/password for the university portal. Are you just trying to use the university portal as a way to validate the user on your site?

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...