cURL / Mailing Lists / curl-and-php / Single Mail

curl-and-php

Regarding yahoo login

From: Sudhir Bastakoti <sudhir_at_proshore.eu>
Date: Thu, 31 Mar 2011 15:55:01 +0545

Hi,
I've written a php code for logging in to yahoo mail, this was working fine previously but it stopped working suddenly as recently yahoo used some md5 hashing technique to log in users.
I re-wrote the code as needed but my page always shows the login page even after curl request to login.
Below is my complete code:
<?php
$mCookie = "origcookie.cookie";
$userAgent = "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; Tablet PC 2.0; .NET CLR 1.1.4322)";
$reffer = "http://calendar.yahoo.com/";
$mUrl = "http://calendar.yahoo.com/";
$ch = curl_init();
curl_setopt ( $ch, CURLOPT_SSL_VERIFYPEER, false );
curl_setopt ( $ch, CURLOPT_SSL_VERIFYHOST, 0 );
curl_setopt ( $ch, CURLOPT_USERAGENT, $userAgent );
curl_setopt($ch, CURLOPT_URL, $mUrl);
curl_setopt($ch, CURLOPT_GET, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_COOKIEFILE, $mCookie);
curl_setopt($ch, CURLOPT_COOKIEJAR, $mCookie);
$mRes = curl_exec($ch);
curl_close($ch);
//get the hidden fields
preg_match_all ( "/name=\".u\" value=\"(.*?)\"/", $mRes, $uArr);
preg_match_all ( "/name=\".challenge\" value=\"(.*?)\"/", $mRes, $challArr);
preg_match_all ( "/name=\".pd\" value=\"(.*?)\"/", $mRes, $pdArr);
preg_match_all ( "/name=\"_crumb\" value=\"(.*?)\"/", $mRes, $crumbArr);

$u = $uArr[1][0];
$challenge = $challArr[1][0];
$pd = urlencode($pdArr[1][0]);
$done = urlencode("http://calendar.yahoo.com/");

$username = "yahoo_username";
$password = "yahoo_password";
$finalHash = md5(md5($password) . $challenge);
//$challenge = md5($challenge);
$loginUrl = "https://login.yahoo.com/config/login?";
$postFields = ".tries=1&.src=ym&.md5=&.hash=&.js=&.last=&promo=&.intl=us&.bypass=&.partner=&.u=".$u."&.v=0&.challenge=".$challenge."&.yplus=&.emailCode=&pkg=&stepid=&.ev=&hasMsgr=0&.chkP=&.done=".$done."&.pd=".$pd."&pad=1&aad=1&.login=".$username."&passwd=".$password."&.persistent=y&.save=";

//now post the hidden fields
$ch = curl_init();
curl_setopt ( $ch, CURLOPT_SSL_VERIFYPEER, false );
curl_setopt ( $ch, CURLOPT_SSL_VERIFYHOST, 0 );
curl_setopt ( $ch, CURLOPT_USERAGENT, $userAgent );
curl_setopt($ch, CURLOPT_URL, $loginUrl);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postFields);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_COOKIEFILE, $mCookie);
//curl_setopt($ch, CURLOPT_COOKIEJAR, $mCookie);
$postRes = curl_exec($ch);
echo $postRes;
?>

Need help urgently.
Please suggest.

Regards,
Sudhir

__________ Information from ESET Smart Security, version of virus signature database 4897 (20100226) __________

The message was checked by ESET Smart Security.

http://www.eset.com

_______________________________________________
http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-and-php
Received on 2011-03-31

This message: [ Message body ]
Next message: Michael Gawrychowski: "Re: PHP - CURL - Custom authentication script"
Previous message: David Colter: "Re: PHP - CURL - Custom authentication script"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]