入门客AI创业平台(我带你入门,你带我飞行)
博文笔记

HTTP协议分析系列(六)------php+socket+cookie请求

创建时间:2015-01-05 投稿人: 浏览次数:1528

以www.verycd.com为例

在火狐浏览器登录wuming88888888账号为发送方

在chrome浏览器登录wuming1990账号为接收方

分析发送方的表单

分析提交页源代码POST的数据

<?php 
require("./http.class.php");
$http=new Http("http://home.verycd.com/cp.php?ac=pm&op=send&touid=0&pmid=0");
$msg=array(
	"formhash"=>"10fe754a",
	"message"=>"你好",
	"pmsubmit"=>true,
	"pmsubmit_btn"=>"发送",
	"refer"=>"http://home.verycd.com/space.php?do=pm&filter=privatepm",
	"username"=>"wuming1990"
);
file_put_contents("./res.html",$http->post($msg));

?>

打开res.html,分析源代码

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 05 Dec 2014 06:57:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Set-Cookie: sid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: member_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: member_name=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: pass_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: rememberme=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: mgroupId=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: coppa=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: uchome_auth=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: uchome_loginuser=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Location: http://www.verycd.com/account/profile/
Set-Cookie: uchome__refer=cp.php%253Fac%253Dprofile; path=/; domain=.verycd.com

33fc

调试查看自己发送的是什么内容?

这时候我们可以分析出错误出现在第一行
打印该对象
Http Object
(
    [errno:protected] => 0
    [errstr:protected] => 
    [response:protected] => 
    [url:protected] => Array
        (
            [scheme] => http
            [host] => home.verycd.com
            [path] => /cp.php
            [query] => ac=pm&op=send&touid=0&pmid=0
            [port] => 80
        )

    [version:protected] => HTTP/1.1
    [fh:protected] => Resource id #3
    [line:protected] => Array
        (
            [0] => POST /cp.php HTTP/1.1
        )

    [header:protected] => Array
        (
            [0] => Host:home.verycd.com
            [1] => Content-type:application/x-www-form-urlencoded
            [2] => Content-length:185
        )

    [body:protected] => Array
        (
            [0] => formhash=10fe754a&message=%E4%BD%A0%E5%A5%BD&pmsubmit=1&pmsubmit_btn=%E5%8F%91%E9%80%81&refer=http%3A%2F%2Fhome.verycd.com%2Fspace.php%3Fdo%3Dpm%26filter%3Dprivatepm&username=wuming1990
        )

)

修改我们的http类

<pre name="code" class="php"> //http请求类的接口
interface Proto{
	//连接url
	function conn($url);
	//发送get查询
	function get();
	//发送post查询
	function post();
	//关闭连接
	function close();
}
class Http implements Proto{
	const CRLF="
";
	protected $errno=-1;
	protected $errstr="";
	protected $response="";
	protected $url=null;
	protected $version="HTTP/1.1";
	protected $fh=null;
	protected $line=array();
	protected $header=array();
	protected $body=array();
	
	public function __construct($url){
		$this->conn($url);
		$this->setHeader("Host:".$this->url["host"]);
	}
	//此方法负责写请求行
	protected function setLine($method){
		$this->line[0]=$method." ".$this->url["path"]."?".$this->url["query"]." ".$this->version;
	}
	//此方法负责写头信息
	public function setHeader($headerline){
		$this->header[]=$headerline;
	}
	//此方法负责写主体信息
	protected function setBody($body){
		
		$this->body[]=http_build_query($body);;
	}
	//连接url
	function conn($url){
		$this->url=parse_url($url);
		//判断端口
		if(!isset($this->url["port"])){
			$this->url["port"]=80;
		}
		$this->fh=fsockopen($this->url["host"],$this->url["port"],$this->errno,$this->errstr,3);
	}
	//构造get请求的数据
	function get(){
		$this->setLine("GET");
		$this->request();
		return $this->response;
	}
	//构造post请求的数据
	function post($body=array()){
		//构造主体信息
		$this->setLine("POST");
		
		//设置content-type
		$this->setHeader("Content-type:application/x-www-form-urlencoded");
		//设置主体信息,比GET不一样的地方
		$this->setBody($body);
		//计算content-length
		$this->setHeader("Content-length:".strlen($this->body[0]));
		$this->request();
		return $this->response;
	}
	//真正请求
	function request(){
		//把请求行,头信息,实体信息  放在一个数组里,便于拼接
		$req=array_merge($this->line,$this->header,array(""),$this->body,array(""));
		$req=implode(self::CRLF,$req);
// 		print_r($this);
// 		echo $req;
// 		exit;
		fwrite($this->fh,$req);
		
		while(!feof($this->fh)){
			$this->response.=fread($this->fh,1024);
		}
		
		$this->close();//关闭连接
		return $this->response;
	}
	//关闭连接
	function close(){
		fclose($this->fh);
	}
}




生成如下POST /cp.php?ac=pm&op=send&touid=0&pmid=0 HTTP/1.1Host:home.verycd.comContent-type:application/x-www-form-urlencodedContent-length:185formhash=10fe754a&message=%E4%BD%A0%E5%A5%BD&pmsubmit=1&pmsubmit_btn=%E5%8F%91%E9%80%81&refer=http%3A%2F%2Fhome.verycd.com%2Fspace.php%3Fdo%3Dpm%26filter%3Dprivatepm&username=wuming1990 



HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 Dec 2014 07:11:39 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Set-Cookie: sid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: member_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: member_name=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: pass_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: rememberme=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: mgroupId=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: coppa=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: uchome_auth=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: uchome_loginuser=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: uchome__refer=cp.php%253Fac%253Dpm; path=/; domain=.verycd.com

表示已成功,但是不完全,我们接着看res.html中的内容
在网页中有如下内容:表明需要先登录以后才能操作








服务器怎么知道咱们没登陆的?


http一个很重要的特点:无状态,两次请求之间没有关系。


服务器如何记住一个客户?


 


建立cookie.php


<?php
header("content-type:text/html;charset=utf8"); 
setcookie("user","zhangsan");
echo "服务器给你的编号是zhangsan";
?>



建立readcookie.php


<?php
header("content-type:text/html;charset=utf8"); 
echo "服务器给你的编号是".$_COOKIE["user"];
?>



利用命令窗口提交请求




增加提交的信息


<?php 
require("./http.class.php");
$http=new Http("http://home.verycd.com/cp.php?ac=pm&op=send&touid=0&pmid=0");
$http->setHeader("cookie:Hm_lvt_c7849bb40e146a37d411700cb7696e46=1417760419; Hm_lpvt_c7849bb40e146a37d411700cb7696e46=1417760610; post_action=repost; sid=7fd8c62c8d000561d658c4e25eccb6f791a8d4b6; member_id=9933070; member_name=wuming88888888; mgroupId=93; pass_hash=263b6d67494b1888f1e7b8cc227ea4bd; rememberme=true; uchome_auth=63a2o4ZG8YsPG1Tv4%2FIYiydpKrQVqgKgxAQgp%2FI5ZxYQIVjc8ad40VEyW2peEmnKYwKQ2qserNpgSOrxwXLKpDomid%2Fq; uchome_loginuser=wuming88888888; CNZZDATA1479=cnzz_eid%3D407399210-1417756656-http%253A%252F%252Fwww.verycd.com%252F%26ntime%3D1417756656; __utma=248211998.394160120.1417760633.1417760633.1417760633.1; __utmb=248211998.8.10.1417760633; __utmc=248211998; __utmz=248211998.1417760633.1.1.utmcsr=verycd.com|utmccn=(referral)|utmcmd=referral|utmcct=/account/profile/base/; __utmt=1; uchome_sendmail=1; uchome_checkpm=1; dcm=1");
$msg=array(
	"formhash"=>"10fe754a",
	"message"=>"i am from wuming88888888",
	"pmsubmit"=>true,
	"pmsubmit_btn"=>"发送",
	"refer"=>"http://home.verycd.com/space.php?do=pm&filter=privatepm",
	"username"=>"wuming1990"
);
file_put_contents("./res.html",$http->post($msg));
echo "ok";
?>

再看wuming1990的用户是否收到信息










(PS:如果发送不成功,表明COOKIE值不对,cookie的生成与请求头信息有关,保守做法:把全部请求头信息加到post请求里面)




Accepttext/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-Encoding gzip, deflate

Accept-Language zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3

Connection keep-alive

CookieHm_lvt_c7849bb40e146a37d411700cb7696e46=1417760419; Hm_lpvt_c7849bb40e146a37d411700cb7696e46=1417760610; post_action=repost; sid=7fd8c62c8d000561d658c4e25eccb6f791a8d4b6; member_id=9933070; member_name=wuming88888888; mgroupId=93; pass_hash=263b6d67494b1888f1e7b8cc227ea4bd; rememberme=true; uchome_auth=63a2o4ZG8YsPG1Tv4%2FIYiydpKrQVqgKgxAQgp%2FI5ZxYQIVjc8ad40VEyW2peEmnKYwKQ2qserNpgSOrxwXLKpDomid%2Fq; uchome_loginuser=wuming88888888; CNZZDATA1479=cnzz_eid%3D407399210-1417756656-http%253A%252F%252Fwww.verycd.com%252F%26ntime%3D1417756656; __utma=248211998.394160120.1417760633.1417760633.1417760633.1; __utmb=248211998.8.10.1417760633; __utmc=248211998; __utmz=248211998.1417760633.1.1.utmcsr=verycd.com|utmccn=(referral)|utmcmd=referral|utmcct=/account/profile/base/; __utmt=1; uchome_sendmail=1; uchome_checkpm=1; dcm=1

Hosthome.verycd.com

Refererhttp://home.verycd.com/cp.php?ac=pm

User-Agent Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0

 




书写格式:


$http->setHeader("红色字体:黑色字体");



            
                
				
			
		
        	

            

                            

            
声明:该文观点仅代表作者本人,入门客AI创业平台信息发布平台仅提供信息存储空间服务,如有疑问请联系rumenke@qq.com。

            

                
            

                    

        

            

                                    未上传头像
                                

                

                

            


                        

                
热门文章

                                

			
				php爬取页面的方法总结			

                                

			
				HTTP协议分析系列(五)-----...

                                

			
				HTTP协议分析系列(六)-----...

                            

            
                        

                
最新文章
 
                                

			
				HTTP协议分析系列(五)-----...

                                

			
				php爬取页面的方法总结			

                                

			
				PHP获取生成一个页面的数据...

                            

                        
        

    





copyright © 2008-2019 入门客AI创业平台 版权所有 备案号:湘ICP备2023012770号