Hi,
I'm trying to log a user in automatically. My script is able to log in automatically, but when I then go to the page, I'm not logged in. Here is my script. What could be the problem?
<?php
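error_reporting(E_ALL);
session_start();

//require_once "includes/SimpleHttpRequest.php";

# $_POST[~] from B2B
# ~ wpName, wpPassword, key, sessionId

// NOTE(review): plain http:// means the posted password travels unencrypted
// between this script and the wiki; switch to https if the wiki offers it.
$wiki = 'http://cwiki/wiki/';
$redirectURL = $wiki."index.php?title=Spezial:Anmelden&action=submitlogin&type=login&returnto=Hauptseite";
$api = $wiki.'api.php?';

// Read the posted credentials. A missing or non-string field becomes an empty
// string instead of raising an undefined-index notice or a type error below.
$wpName = (isset($_POST['wpName']) && is_string($_POST['wpName'])) ? $_POST['wpName'] : '';
$wpPassword = (isset($_POST['wpPassword']) && is_string($_POST['wpPassword'])) ? $_POST['wpPassword'] : '';

// The user name is request data, so it is HTML-escaped before being echoed.
echo("<br>name: ".htmlspecialchars($wpName, ENT_QUOTES, 'UTF-8'));
// The password itself is never written to the response; only whether one was sent.
echo("<br>pw: ".($wpPassword !== '' ? "(set)" : "(empty)"));

// LogIN() returns false when the login passed, the result of
// AutoCreateAccount() (true after a successful creation) when the login did
// not pass, and null on error.
$retry = $res = null;

// NOTE(review): the B2B check is commented out, so this branch always runs.
// Anyone who can POST to this script can trigger a wiki login attempt and,
// when it fails, an account creation with credentials of their choice.
// Re-enable checkB2BAuthentication() before this is reachable by others.
if ( true /*checkB2BAuthentication()*/ )
{
    $retry = LogIN($wpName, $wpPassword);
    echo("<br>retry = ".($retry ? "true" : "false"));

    // An account was just created: try the login once more.
    if ($retry)
        $res = LogIN($wpName, $wpPassword);

    if ($res !== null && $retry !== null)
        echo(1);//header("Location: ".$redirectURL);
    else
        echo($res.".".$retry)."\n";
    //header("Location: ".$wiki);
}
else{
    return false;
}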
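/**
 * Fetch a login token and post an action=clientlogin request for the user.
 *
 * @param string $wpName     Wiki user name.
 * @param string $wpPassword Wiki password.
 * @return bool|null false when the response contains 'PASS'; the result of
 *                   AutoCreateAccount() when it contains 'RESTART' or 'FAIL';
 *                   null when the token or the response could not be obtained
 *                   or the response matched none of these.
 */
function LogIN($wpName, $wpPassword)
{
    global $wiki;

    // NOTE(review): meta=tokens and action=clientlogin are api.php modules, but
    // both requests below go to the login special page - confirm this is the
    // intended endpoint (the api.php variant was commented out here).
    $api = $wiki."index.php/Spezial:Anmelden";

    // NOTE(review): one fixed cookie jar is shared by every request to this
    // script, so wiki session cookies obtained for one user are sent along
    // with the next user's requests. A per-request jar would avoid that.
    $cokiefile = "/var/lib/php/session/pAAuth_lg";

    // The token response is cut at two characters before 'batchcomplete' and
    // decoded as JSON; anything else is treated as "no token".
    $tokenResponse = getToken($api, "login", $cokiefile);
    $token = null;
    if (is_string($tokenResponse)) {
        $marker = strpos($tokenResponse, 'batchcomplete');
        if ($marker !== false && $marker >= 2) {
            $decoded = json_decode(substr($tokenResponse, $marker - 2), true);
            if (isset($decoded['query']['tokens']['logintoken'])) {
                $token = $decoded['query']['tokens']['logintoken'];
            }
        }
    }
    if (!is_string($token) || $token === '') {
        error_log("LogIN: no login token in the token response");
        echo("<br>ERROR. See logs!\n");
        return null;
    }

    $data = array(
        'action' => 'clientlogin',
        'loginreturnurl' => $wiki,
        'logintoken' => $token,
        'username' => $wpName,
        'password' => $wpPassword,
        'rememberMe' => 1);

    $ch = curl_init($api);
    # Form data string, automatically urlencode
    $postString = http_build_query($data, '', '&');
    # Setting our options
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $postString);
    // cURL stores the wiki's cookies from this exchange in $cokiefile on this
    // server. Nothing in this script hands them to the visitor's browser, so
    // the browser holds no wiki session when it later opens a wiki page.
    curl_setopt($ch, CURLOPT_COOKIEJAR, $cokiefile);
    curl_setopt($ch, CURLOPT_COOKIEFILE, $cokiefile);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    # Get the response
    $response = curl_exec($ch);
    $transportError = ($response === false) ? curl_error($ch) : '';
    curl_close($ch);

    if ($response === false) {
        error_log("LogIN: request failed: ".$transportError);
        echo("<br>ERROR. See logs!\n");
        return null;
    }

    // Debug dump of the raw response.
    // NOTE(review): if output/ lies under the web root this file is readable
    // by anyone - confirm, or move it outside the document root.
    if (file_put_contents("output/Auth_RESPONSE.txt", print_r($response, true)) === false) {
        error_log("LogIN: could not write output/Auth_RESPONSE.txt");
    }

    // NOTE(review): these are substring matches on the whole response, so any
    // occurrence of 'PASS' anywhere in it counts as success - verify against
    // the actual response format.
    if (strpos($response, 'PASS') !== false)
    {
        echo("<br>".htmlspecialchars($wpName, ENT_QUOTES, 'UTF-8')." logged in!\n");
        // header() only takes effect while no output has been sent; this
        // function and its caller echo before this point, so the redirect
        // depends on output buffering being enabled.
        header("Location: http://cwiki/wiki/index.php?title=Spezial:Anmelden&action=submit&type=login&returnto=Hauptseite");
        return false;
    }
    else if (strpos($response, 'RESTART') !== false
        || strpos($response, 'FAIL') !== false)
    {
        // A failed login for any reason leads to an account-creation attempt
        // with the same credentials.
        return AutoCreateAccount($wpName, $wpPassword);
    }
    else {
        echo("<br>ERROR. See logs!\n");
        return null;
    }
}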
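/**
 * Fetch a createaccount token and post an action=createaccount request.
 *
 * @param string $wpName     User name for the new account.
 * @param string $wpPassword Password for the new account (also sent as 'retype').
 * @return bool|null true when the response contains 'PASS'; null when the
 *                   token or the response could not be obtained or the
 *                   response does not contain 'PASS'.
 */
function AutoCreateAccount( $wpName, $wpPassword)
{
    global $wiki;
    $api = $wiki.'api.php?';

    // NOTE(review): one fixed cookie jar is shared by every request to this
    // script; cookies stored for one caller are reused for the next.
    $cokiefile = "/var/lib/php/session/pAAuth_cra";

    // The token response is cut at two characters before 'batchcomplete' and
    // decoded as JSON; anything else is treated as "no token".
    $tokenResponse = getToken($api, "createaccount", $cokiefile);
    $createtoken = null;
    if (is_string($tokenResponse)) {
        $marker = strpos($tokenResponse, 'batchcomplete');
        if ($marker !== false && $marker >= 2) {
            $decoded = json_decode(substr($tokenResponse, $marker - 2), true);
            if (isset($decoded['query']['tokens']['createaccounttoken'])) {
                $createtoken = $decoded['query']['tokens']['createaccounttoken'];
            }
        }
    }
    if (!is_string($createtoken) || $createtoken === '') {
        error_log("AutoCreateAccount: no createaccount token in the token response");
        echo("<br>ERROR. See logs\n");
        return null;
    }

    $data = array(
        'action' => 'createaccount',
        'createreturnurl' => $wiki,
        'username' => $wpName,
        'password' => $wpPassword,
        'retype' => $wpPassword,
        'createtoken' => $createtoken);

    $ch = curl_init($api);
    # Form data string, automatically urlencode
    $postString = http_build_query($data, '', '&');
    # Setting our options
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $postString);
    curl_setopt($ch, CURLOPT_COOKIEJAR, $cokiefile);
    curl_setopt($ch, CURLOPT_COOKIEFILE, $cokiefile);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    # Get the response
    $response = curl_exec($ch);
    $transportError = ($response === false) ? curl_error($ch) : '';
    curl_close($ch);

    if ($response === false) {
        error_log("AutoCreateAccount: request failed: ".$transportError);
        echo("<br>ERROR. See logs\n");
        return null;
    }

    // Debug dump of the raw response.
    // NOTE(review): if output/ lies under the web root this file is readable
    // by anyone - confirm, or move it outside the document root.
    if (file_put_contents("output/Create_RESPONSE.txt", print_r($response, true)) === false) {
        error_log("AutoCreateAccount: could not write output/Create_RESPONSE.txt");
    }

    // Substring match on the whole response body.
    if (strpos($response, 'PASS') !== false)
    {
        // The user name is request data, so it is HTML-escaped before output.
        echo("created account for ".htmlspecialchars($wpName, ENT_QUOTES, 'UTF-8')."\n");
        return true;
    }
    else{
        echo("<br>ERROR. See logs\n");
        return null;
    }
}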
/**
 * Send an action=query / meta=tokens request for one token type.
 *
 * The parameters are sent as a POST body, and cookies are read from and
 * written back to the given cookie file.
 *
 * @param string $apiURL    URL the request is posted to.
 * @param string $type      Value of the 'type' parameter (e.g. "login").
 * @param string $cokiefile Path of the cookie jar file used by cURL.
 * @return string|bool Raw response body, or false when curl_exec() fails.
 */
function getToken($apiURL, $type, $cokiefile)
{
    $query = array();
    $query['action'] = 'query';
    $query['meta'] = 'tokens';
    $query['type'] = $type;
    $query['format'] = 'json';

    $handle = curl_init($apiURL);
    curl_setopt_array($handle, array(
        CURLOPT_POST => 1,
        CURLOPT_POSTFIELDS => http_build_query($query),
        CURLOPT_COOKIEJAR => $cokiefile,
        CURLOPT_COOKIEFILE => $cokiefile,
        CURLOPT_RETURNTRANSFER => true,
    ));

    // Run the transfer, release the handle, and hand the body back unchanged.
    $body = curl_exec($handle);
    curl_close($handle);

    return $body;
}
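/**
 * Check the posted B2B key and ask the B2B host to authenticate the session.
 *
 * Reads the globals $b2bKey (expected key), $paB2BConnection (connection
 * settings passed to SimpleHttpRequest) and $wgRequest (source of sessionId).
 *
 * @return bool true only when the key matches and the B2B response reports
 *              authentication 'ok'; false in every other case.
 */
function checkB2BAuthentication()
{
    global $paB2BConnection, $b2bKey, $wgRequest;

    // Reject when no key is configured or none was posted. Without this, an
    // unset $b2bKey and a missing 'key' field are both null and would pass a
    // plain !== comparison. hash_equals() compares in constant time.
    $postedKey = isset($_POST['key']) ? $_POST['key'] : null;
    if (!is_string($b2bKey) || $b2bKey === ''
        || !is_string($postedKey)
        || !hash_equals($b2bKey, $postedKey))
    {
        echo("B2B Authentication failed.");
        return false;
    }

    // sessionId is request data: URL-encode it so it cannot add or override
    // parameters in the query string sent to the B2B host.
    $paB2BConnection['Parameters'] = 'cmd=authenticate&sessionId='
        .rawurlencode((string) $wgRequest->getVal('sessionId'));

    // Debug output of the connection settings. The keys are quoted: a bare
    // word such as Host is read as a constant, not as the string 'Host'.
    echo ("...authenticate");
    echo ("<br>");
    echo ($paB2BConnection['Host']);
    echo ("<br>");
    echo ($paB2BConnection['Port']);
    echo ("<br>");
    echo ($paB2BConnection['URL']);
    echo ("<br>");

    $myRequest = new SimpleHttpRequest($paB2BConnection);
    $responseGET = $myRequest->doRequest(SimpleHttpRequest::HTTP_GET);
    //echo ($responseGET['Content']);
    echo ("<br>");

    // simplexml_load_string() returns false for a body that is not valid XML.
    $auth = simplexml_load_string($responseGET['Content']);
    if ($auth === false)
    {
        echo("unknown error.");
        return false;
    }

    $status = (string) $auth->response->authentication;
    if ($status === 'ok')
    {
        return true;
    }

    // 'false' is the explicit rejection; anything else is unexpected.
    echo($status === 'false' ? "B2B Authentication failed." : "unknown error.");
    return false;
}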