[我在过去的17个小时中一直试图使cURL登录到pinterest.com,仅使用cURL就尝试了无数种不同的方式,但它根本无法正常工作。
我当前的代码仅进入该页面,但未发布数据,因此它无法登录只会将我带到登录页面。
此第一个代码使用的是USERPWD,它将带我进入登录页面,但未登录。
error_reporting(E_ALL);
ini_set("display_errors", 1);
$url = "https://www.pinterest.com/login/";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6");
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($ch, CURLOPT_AUTOREFERER, 1);
curl_setopt($ch, CURLOPT_MAXREDIRS, 5);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // allow https verification if true
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); // check common name and verify with host name
curl_setopt($ch, CURLOPT_SSLVERSION,3); //
curl_setopt($ch, CURLOPT_CAINFO, getcwd() . "pin.pem"); // allow ssl cert direct comparison
curl_setopt($ch, CURLOPT_COOKIESESSION, TRUE); // set new cookie session
curl_setopt($ch, CURLOPT_COOKIEJAR, "cookies.txt");
curl_setopt($ch, CURLOPT_COOKIEFILE, "cookies.txt");
curl_setopt($ch, CURLOPT_USERPWD, "email:password");
curl_setopt($ch, CURLOPT_SSLVERSION,3);
// grab URL and pass it to the browser
curl_exec($ch);
// close cURL connection, save cookie file, free up system resources
curl_close($ch);
并且如果我将其从CURLOPT_USERPWD
切换为
curl_setopt($ch, CURLOPT_POSTFIELDS, 'username_or_email=$email&password=$password');
仅显示空白页。
pin.pem
是X.509证书(PEM)文件。
任何进行此工作的方向将不胜感激。
新代码,但留空白页,我得到了带有几个数组的输出,并显示以下内容:
Array ( [url] => https://www.pinterest.com/login/ [content_type] => [http_code] => 0 [header_size] => 0 [request_size] => 0 [filetime] => -1 [ssl_verify_result] => 0 [redirect_count] => 0 [total_time] => 0.036169 [namelookup_time] => 3.3E-5 [connect_time] => 0.036186 [pretransfer_time] => 0 [size_upload] => 0 [size_download] => 0 [speed_download] => 0 [speed_upload] => 0 [download_content_length] => -1 [upload_content_length] => -1 [starttransfer_time] => 0 [redirect_time] => 0 [certinfo] => Array ( ) [redirect_url] => )
error_reporting(E_ALL);
ini_set("display_errors", 1);
$email = 'email';
$password = 'password';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://www.pinterest.com/login/');
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6');
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($ch, CURLOPT_AUTOREFERER, 1);
curl_setopt($ch, CURLOPT_MAXREDIRS, 5);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_SSLVERSION,3); //
curl_setopt($ch, CURLOPT_CAINFO, getcwd() . 'pin.pem');
curl_setopt($ch, CURLOPT_COOKIESESSION, TRUE);
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookies.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookies.txt');
curl_setopt($ch, CURLOPT_POSTFIELDS, 'username_or_email=$email&password=$password');
curl_setopt($ch, CURLOPT_SSLVERSION,3);
curl_exec($ch);
$output=@curl_exec($ch);
$info = @curl_getinfo($ch);
echo $output;
print_r($info);
curl_close($ch);
Pinterest登录过程不是那么简单。他们使用CSRF令牌,您必须在登录时提取并发送该CSRF令牌以及POST正文中的用户名和密码。
这是对Pinterest的实际登录请求的样子,因此您需要使用cURL进行模拟。
POST /resource/UserSessionResource/create/ HTTP/1.1
Host: www.pinterest.com
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:28.0) Gecko/20100101 Firefox/28.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-CSRFToken: 2rjgN4Qv67pN4wX91kTr4eIkgF54CzJH
X-NEW-APP: 1
X-APP-VERSION: 737af79
X-Requested-With: XMLHttpRequest
Referer: https://www.pinterest.com/login/
Content-Length: 300
Cookie: csrftoken=2rjgN4Qv67pN4wX91kTr4eIkgF54CzJH; _pinterest_sess="aPgJnrIBzvSKLUY/4H5UocshliA47GkkGtHLQwo1H4IcQv58vrdazclonByOb4fWCzb3a3nycKjQzDc6SkCB9eBKoejaLiCjkKLk/QAFRn2x1pvHFlFM+1EoD01/yFxmeQKlvULYU9+qf4D6Mkj8A=="; _track_cm=1;
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
source_url=%2Flogin%2F&data=%7B%22options%22%3A%7B%22username_or_email%22%3A%22YOU%40YOUROMAIN.COM%22%2C%22password%22%3A%22YOURPASSWORD%22%7D%2C%22context%22%3A%7B%7D%7D&module_path=App()%3ELoginPage()%3ELogin()%3EButton(class_name%3Dprimary%2C+text%3DLog+In%2C+type%3Dsubmit%2C+size%3Dlarge)
请求中的source_url
数据是POST正文(代码编码)。请注意,username_or_email
是您的登录名(我输入了YOU%40YOURDOMAIN.COM
),password
是密码。
您将要做的是向/login/
发出GET请求,以在cURL会话中建立会话和cookie。然后,使用相同的cURL句柄,可以切换到POST请求,并使用CURLOPT_POSTFIELDS
行中的数据设置source_url......
。
您可能还需要设置标题X-CSRFToken
,X-NEW-APP
,X-APP-VERSION
和X-Requested-With
以匹配上述内容(除非您需要弄清楚如何获取正确的CSRF令牌值)。 >
不幸的是,我现在没有时间做一个可行的例子,下一段可能会有所帮助。您将需要使用浏览器来帮助您调试一些HTTP请求,以找出为获取请求的所有相关数据而可能需要进行的所有请求。
如果您签出this answer,它将显示PHP的curl登录,并带有示例的许多有用的其他答案的链接。
编辑:
这里是使用PHP和cURL登录到Pinterest的有效示例。
此代码是一个Pinterest PHP登录示例(自2014年5月11日开始运行。)。您可能会问自己,我想用API来完成我想做什么,而不是这个可能随时中断的黑手代码吗? ???
如您所见,我从标题中解析了CSRF_Token,您可能也应该对APP-VERSION执行此操作,因为它几乎可以每天更新。现在,它已经过硬编码。
<?php error_reporting(E_ALL); ini_set('display_errors', 1); $username = '[email protected]'; // your username $password = 'yourpassword'; // your password // this is the http post data for logging in - username & password are substituted in later $login_post = array( 'source_url' => '/login/', 'data' => '{"options":{"username_or_email":"%s","password":"%s"},"context":{}}', 'module_path' => 'App()>LoginPage()>Login()>Button(class_name=primary, text=Log In, type=submit, size=large', ); $pinterest_url = 'https://www.pinterest.com/'; // pinterest home url $login_url = $pinterest_url . 'login/'; // pinterest login page url $login_post_url = $pinterest_url . 'resource/UserSessionResource/create/'; // pinterest login post url // http headers to send with requests $httpheaders = array( 'Connection: keep-alive', 'Pragma: no-cache', 'Cache-Control: no-cache', 'Accept-Language: en-US,en;q=0.5', ); // http headers to send when logging in $login_header = array( 'X-NEW-APP: 1', 'X-APP-VERSION: d2bb370', // THIS WILL UPDATE FREQUENTLY, CHANGE IT!!! 'X-Requested-With: XMLHttpRequest', 'Accept: application/json, text/javascript, */*; q=0.01'); // ---------------------------------------------------------------------------- // request home page to establish cookies and a session, set curl options $ch = curl_init($pinterest_url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_AUTOREFERER, 1); curl_setopt($ch, CURLOPT_ENCODING, 'gzip,deflate'); curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Iron/31.0.1700.0 Chrome/31.0.1700.0'); curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt'); curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt'); curl_setopt($ch, CURLOPT_VERBOSE, 1); curl_setopt($ch, CURLOPT_STDERR, fopen('/tmp/debug.txt', 'w+')); curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_HTTPHEADER, $httpheaders); $data = curl_exec($ch); // ---------------------------------------------------------------------------- // parse the csrf token out of the cookies to set later when logging in list($headers, $body) = explode("\r\n\r\n", $data, 2); preg_match('/csrftoken=(.*?)[\b;\s]/i', $headers, $csrf_token); // next request the login page curl_setopt($ch, CURLOPT_URL, $login_url); $data = curl_exec($ch); // ---------------------------------------------------------------------------- // perform login post $login_header[] = 'X-CSRFToken: ' . $csrf_token[1]; $login_post['data'] = sprintf($login_post['data'], $username, $password); $post = http_build_query($login_post); curl_setopt($ch, CURLOPT_URL, $login_post_url); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $post); curl_setopt($ch, CURLOPT_HTTPHEADER, array_merge($httpheaders, $login_header)); curl_setopt($ch, CURLOPT_REFERER, $login_url); curl_setopt($ch, CURLOPT_HEADER, 0); $data = curl_exec($ch); // check response and output status if (curl_getinfo($ch, CURLINFO_HTTP_CODE) != 200) { echo "Error logging in.<br />"; var_dump(curl_getinfo($ch)); } else { $response = json_decode($data, true); if ($response === null) { echo "Failed to decode JSON response.<br /><br />"; var_dump($response); } else if ($response['resource_response']['error'] === null) { echo "Login successful, " . $response['resource_response']['data']['username'] . "<br /><br />"; echo "You have {$response['resource_response']['data']['follower_count']} followers, are following {$response['resource_response']['data']['following_count']} users. You have liked {$response['resource_response']['data']['like_count']} pins."; } }
我的输出:
登录成功,drew010
您有0个关注者,正在关注0个用户。您喜欢0针。
仅供参考,Pinterest具有登录速率限制,因此请不要在每次请求前都运行此限制。