|
|
 vMyth - 2007-07-02 02:17:21
I'm trying to create a script for user to login into Paypal. I try :
$url="https://paypal.com/cgi-bin/webscr?dispatch=5885d80a13c0db1f941d8253416939c6899ae213b0cf474deda34198fd755846";
$error=$http->GetRequestArguments($url,$arguments);
$arguments["RequestMethod"]="POST"; $arguments["Header"]["Content-Type"]="application/x-www-form-urlencoded";
$arguments["PostValues"]=array (
"close_external_flow"=>"false",
"cmd"=>"_login-submit",
"login_cmd"=>"",
"login_params"=>"",
"login_cancel_cmd"=>"",
"login_email"=>"aa@aa.aa",
"login_password"=>"aaa",
"submit"=>"Log+In",
"form_charset"=>"UTF-8",
"iconix_installed"=>"0"
);
but this won't work, Paypal response "Page Not Found". But If I use an HTTP editor and try :
POST https://paypal.com/cgi-bin/webscr?dispatch=5885d80a13c0db1f941d8253416939c6899ae213b0cf474deda34198fd755846 HTTP/1.1
Content-Type: application/x-www-form-urlencoded
close_external_flow=false&cmd=_login-submit&login_cmd=&login_params=&login_cancel_cmd=&login_email=aa&login_password=aa&submit=Log+In&form_charset=UTF-8&iconix_installed=0
And the result is OK. So I modify the PHP code to :
$url="https://paypal.com/cgi-bin/webscr?dispatch=5885d80a13c0db1f941d8253416939c6899ae213b0cf474deda34198fd755846";
$error=$http->GetRequestArguments($url,$arguments);
$arguments["RequestMethod"]="GET"; $arguments["Header"]["Content-Type"]="application/x-www-form-urlencoded";
$arguments["Header"][""]="close_external_flow=false&cmd=_login-submit&login_cmd=&login_params=&login_cancel_cmd=&login_email=aa&login_password=aa&submit=Log+In&form_charset=UTF-8&iconix_installed=0";
And the result is the homepage of Paypal. This look like the :
close_external_flow=false&cmd=_login-submit&login_cmd=&login_params=&login_cancel_cmd=&login_email=aa&login_password=aa&submit=Log+In&form_charset=UTF-8&iconix_installed=0
hasn't been sent to the server. Can you give me a suggestion please ?
 Manuel Lemos - 2007-07-04 17:00:47 - In reply to message 1 from vMyth
It seems you are using the wrong domain. Paypal certificate is set for www.paypal.com but you are using just paypal.com .
 vMyth - 2007-07-04 23:37:08 - In reply to message 2 from Manuel Lemos
$url="https://www.paypal.com/cgi-bin/webscr?dispatch=5885d80a13c0db1f941d8253416939c6899ae213b0cf474deda34198fd755846";
$error=$http->GetRequestArguments($url,$arguments);
$arguments["RequestMethod"]="POST";
$arguments["Header"]["Content-Type"]="application/x-www-form-urlencoded";
$arguments["PostValues"]=array (
"close_external_flow"=>"false",
"cmd"=>"_login-submit",
"login_cmd"=>"",
"login_params"=>"",
"login_cancel_cmd"=>"",
"login_email"=>"aa@aa.aa",
"login_password"=>"aaa",
"submit"=>"Log+In",
"form_charset"=>"UTF-8",
"iconix_installed"=>"0"
);
I have tried the domain www.paypal.com but the result still a "Page Not Found". Will you take a look at it for me please ?
 Manuel Lemos - 2007-07-05 00:13:43 - In reply to message 3 from vMyth
Humm... looking at Paypal login forms, it seems that dispatch parameter is a variable identifier. It is probably a session identifier.
If you start a session with one "browser" and try to follow it in another "browser", it will probably not work for Paypal security protection.
I suggest that you use the HTTP class to access the login form you want to use, parse the login form page to fetch the form submission URL and then emulate the form submission POST request that you want to do.
BTW, the Content-Type header is not necessary because the HTTP client class already generates it when you submit a form with post values.
 vMyth - 2007-07-05 01:59:18 - In reply to message 4 from Manuel Lemos
I get the submission URL but it doesn't seem work at all. Anyway, thanks for your help, I'm looking for another solution.
 Manuel Lemos - 2007-07-18 06:51:41 - In reply to message 5 from vMyth
Paypal has an official Web services API. You may want to try it instead of hacking their login forms.
|