使用PHP和cURL的Pinterest登录不起作用

问题描述 投票:2回答:2

[我在过去的17个小时中一直试图使cURL登录到pinterest.com,仅使用cURL就尝试了无数种不同的方式,但它根本无法正常工作。

我当前的代码仅进入该页面,但未发布数据,因此它无法登录只会将我带到登录页面。

此第一个代码使用的是USERPWD,它将带我进入登录页面,但未登录。

error_reporting(E_ALL); 
ini_set("display_errors", 1); 

$url = "https://www.pinterest.com/login/";

$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6");
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($ch, CURLOPT_AUTOREFERER, 1);
curl_setopt($ch, CURLOPT_MAXREDIRS, 5);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10); 
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // allow https verification if true
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); // check common name and verify with host name
curl_setopt($ch, CURLOPT_SSLVERSION,3); // 
curl_setopt($ch, CURLOPT_CAINFO, getcwd() . "pin.pem"); // allow ssl cert direct comparison
curl_setopt($ch, CURLOPT_COOKIESESSION, TRUE); // set new cookie session
curl_setopt($ch, CURLOPT_COOKIEJAR, "cookies.txt");
curl_setopt($ch, CURLOPT_COOKIEFILE, "cookies.txt");
curl_setopt($ch, CURLOPT_USERPWD, "email:password");

curl_setopt($ch, CURLOPT_SSLVERSION,3);

// grab URL and pass it to the browser
curl_exec($ch);

// close cURL connection, save cookie file, free up system resources
curl_close($ch);

并且如果我将其从CURLOPT_USERPWD切换为

curl_setopt($ch, CURLOPT_POSTFIELDS, 'username_or_email=$email&password=$password');

仅显示空白页。

pin.pem是X.509证书(PEM)文件。

任何进行此工作的方向将不胜感激。

编辑

新代码,但留空白页,我得到了带有几个数组的输出,并显示以下内容:

Array ( [url] => https://www.pinterest.com/login/ [content_type] => [http_code] => 0 [header_size] => 0 [request_size] => 0 [filetime] => -1 [ssl_verify_result] => 0 [redirect_count] => 0 [total_time] => 0.036169 [namelookup_time] => 3.3E-5 [connect_time] => 0.036186 [pretransfer_time] => 0 [size_upload] => 0 [size_download] => 0 [speed_download] => 0 [speed_upload] => 0 [download_content_length] => -1 [upload_content_length] => -1 [starttransfer_time] => 0 [redirect_time] => 0 [certinfo] => Array ( ) [redirect_url] => ) 

error_reporting(E_ALL); 
ini_set("display_errors", 1); 

$email = 'email';
$password = 'password';

$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, 'https://www.pinterest.com/login/');
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6');
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($ch, CURLOPT_AUTOREFERER, 1);
curl_setopt($ch, CURLOPT_MAXREDIRS, 5);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10); 
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_SSLVERSION,3); // 
curl_setopt($ch, CURLOPT_CAINFO, getcwd() . 'pin.pem');
curl_setopt($ch, CURLOPT_COOKIESESSION, TRUE); 
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookies.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookies.txt');
curl_setopt($ch, CURLOPT_POSTFIELDS, 'username_or_email=$email&password=$password');
curl_setopt($ch, CURLOPT_SSLVERSION,3);

curl_exec($ch);

$output=@curl_exec($ch);
$info = @curl_getinfo($ch);

echo $output;
print_r($info);

curl_close($ch);
php curl login pinterest
2个回答
6
投票

Pinterest登录过程不是那么简单。他们使用CSRF令牌,您必须在登录时提取并发送该CSRF令牌以及POST正文中的用户名和密码。

这是对Pinterest的实际登录请求的样子,因此您需要使用cURL进行模拟。

POST /resource/UserSessionResource/create/ HTTP/1.1
Host: www.pinterest.com
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:28.0) Gecko/20100101 Firefox/28.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-CSRFToken: 2rjgN4Qv67pN4wX91kTr4eIkgF54CzJH
X-NEW-APP: 1
X-APP-VERSION: 737af79
X-Requested-With: XMLHttpRequest
Referer: https://www.pinterest.com/login/
Content-Length: 300
Cookie: csrftoken=2rjgN4Qv67pN4wX91kTr4eIkgF54CzJH; _pinterest_sess="aPgJnrIBzvSKLUY/4H5UocshliA47GkkGtHLQwo1H4IcQv58vrdazclonByOb4fWCzb3a3nycKjQzDc6SkCB9eBKoejaLiCjkKLk/QAFRn2x1pvHFlFM+1EoD01/yFxmeQKlvULYU9+qf4D6Mkj8A=="; _track_cm=1;
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

source_url=%2Flogin%2F&data=%7B%22options%22%3A%7B%22username_or_email%22%3A%22YOU%40YOUROMAIN.COM%22%2C%22password%22%3A%22YOURPASSWORD%22%7D%2C%22context%22%3A%7B%7D%7D&module_path=App()%3ELoginPage()%3ELogin()%3EButton(class_name%3Dprimary%2C+text%3DLog+In%2C+type%3Dsubmit%2C+size%3Dlarge)

请求中的source_url数据是POST正文(代码编码)。请注意,username_or_email是您的登录名(我输入了YOU%40YOURDOMAIN.COM),password是密码。

您将要做的是向/login/发出GET请求,以在cURL会话中建立会话和cookie。然后,使用相同的cURL句柄,可以切换到POST请求,并使用CURLOPT_POSTFIELDS行中的数据设置source_url......

您可能还需要设置标题X-CSRFTokenX-NEW-APPX-APP-VERSIONX-Requested-With以匹配上述内容(除非您需要弄清楚如何获取正确的CSRF令牌值)。 >

不幸的是,我现在没有时间做一个可行的例子,下一段可能会有所帮助。您将需要使用浏览器来帮助您调试一些HTTP请求,以找出为获取请求的所有相关数据而可能需要进行的所有请求。

如果您签出this answer,它将显示PHP的curl登录,并带有示例的许多有用的其他答案的链接。

编辑:

这里是使用PHP和cURL登录到Pinterest的有效示例。

此代码是一个Pinterest PHP登录示例(自2014年5月11日开始运行。)。您可能会问自己,我想用API来完成我想做什么,而不是这个可能随时中断的黑手代码吗? ???

如您所见,我从标题中解析了CSRF_Token,您可能也应该对APP-VERSION执行此操作,因为它几乎可以每天更新。现在,它已经过硬编码。

<?php

error_reporting(E_ALL);
ini_set('display_errors', 1);

$username   = '[email protected]';  // your username
$password   = 'yourpassword';      // your password

// this is the http post data for logging in - username & password are substituted in later
$login_post     = array(
        'source_url' => '/login/',
        'data' => '{"options":{"username_or_email":"%s","password":"%s"},"context":{}}',
        'module_path' => 'App()>LoginPage()>Login()>Button(class_name=primary, text=Log In, type=submit, size=large',
);
$pinterest_url  = 'https://www.pinterest.com/';  // pinterest home url
$login_url      = $pinterest_url . 'login/';     // pinterest login page url
$login_post_url = $pinterest_url . 'resource/UserSessionResource/create/'; // pinterest login post url

// http headers to send with requests
$httpheaders    = array(
       'Connection: keep-alive',
       'Pragma: no-cache',
       'Cache-Control: no-cache',
       'Accept-Language: en-US,en;q=0.5',
);

// http headers to send when logging in
$login_header   = array(
        'X-NEW-APP: 1',
        'X-APP-VERSION: d2bb370',  // THIS WILL UPDATE FREQUENTLY, CHANGE IT!!!
        'X-Requested-With: XMLHttpRequest',
        'Accept: application/json, text/javascript, */*; q=0.01');

// ----------------------------------------------------------------------------
// request home page to establish cookies and a session, set curl options

$ch = curl_init($pinterest_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_AUTOREFERER, 1);
curl_setopt($ch, CURLOPT_ENCODING, 'gzip,deflate');
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Iron/31.0.1700.0 Chrome/31.0.1700.0');
curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt');
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_STDERR, fopen('/tmp/debug.txt', 'w+'));
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, $httpheaders);

$data = curl_exec($ch);

// ----------------------------------------------------------------------------

// parse the csrf token out of the cookies to set later when logging in
list($headers, $body) = explode("\r\n\r\n", $data, 2);

preg_match('/csrftoken=(.*?)[\b;\s]/i', $headers, $csrf_token);

// next request the login page
curl_setopt($ch, CURLOPT_URL, $login_url);
$data = curl_exec($ch);

// ----------------------------------------------------------------------------
// perform login post    

$login_header[] = 'X-CSRFToken: ' . $csrf_token[1];

$login_post['data'] = sprintf($login_post['data'], $username, $password);
$post               = http_build_query($login_post);

curl_setopt($ch, CURLOPT_URL, $login_post_url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
curl_setopt($ch, CURLOPT_HTTPHEADER, array_merge($httpheaders, $login_header));
curl_setopt($ch, CURLOPT_REFERER, $login_url);
curl_setopt($ch, CURLOPT_HEADER, 0);

$data = curl_exec($ch);

// check response and output status

if (curl_getinfo($ch, CURLINFO_HTTP_CODE) != 200) {
    echo "Error logging in.<br />";
    var_dump(curl_getinfo($ch));
} else {
    $response = json_decode($data, true);

    if ($response === null) {
        echo "Failed to decode JSON response.<br /><br />";
        var_dump($response);
    } else if ($response['resource_response']['error'] === null) {
        echo "Login successful, " . $response['resource_response']['data']['username'] . "<br /><br />";
        echo "You have {$response['resource_response']['data']['follower_count']} followers, are following {$response['resource_response']['data']['following_count']} users.  You have liked {$response['resource_response']['data']['like_count']} pins.";
    }
}

我的输出:

登录成功,drew010

您有0个关注者,正在关注0个用户。您喜欢0针。

0
投票

仅供参考,Pinterest具有登录速率限制,因此请不要在每次请求前都运行此限制。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.