php Curl posting to PHPBB

7
votes

I used to post updates to a forum though a PHP script though my account, Recently it has stopped working, and im not 100% sure why - there are no errors returned by curl and everything seems to be ok apart from the message appearing.

The board im posting to has disable flood limit set for my user and I have permissions to post what ever type of topic is needed

the code to post im using is the following (found online a while ago - minor edits) 

$url = "http://url.co.uk/board/";

$post_fields = 'username=user&password=pass&redirect=&login=Log+in';
$lurl = $url."ucp.php";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$lurl);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch,CURLOPT_COOKIEJAR,"cookie.txt");
$result= curl_exec ($ch);
curl_close ($ch);
$sid1 = explode("sid=",$result);
$sid2 = explode('&',$sid1[1]);
$sid = rtrim(substr($sid2[0], 0, -29),'"');

$purl = url&"posting.php?mode=post&f=20&sid=$sid";
var_dump($purl);
$ch1 = curl_init();
curl_setopt($ch1, CURLOPT_URL,$purl);
curl_setopt($ch1,CURLOPT_RETURNTRANSFER,1);
curl_setopt ($ch1, CURLOPT_HEADER, false );
curl_setopt($ch1, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch1,CURLOPT_COOKIEFILE,"cookie.txt");
$result1= curl_exec ($ch1);
curl_close ($ch1);

preg_match('%name="form_token" value="(.*)"\ /\>%',$result1,$security123);
preg_match('%name="lastclick" value="(.*)"\ /\>%',$result1,$lastclick);
preg_match('%name="creation_time" value="(.*)"\ /\>%',$result1,$ctime1);
$lclick = explode('" />',$lastclick[1]);

$title = "title";
$subject = "subject to post";
$post_fields = array(
            'subject'   => $title,
         'message'   => htmlspecialchars_decode($subject),
            'icon'      => 0,
'poll_title' => "Poll Name",
'poll_option_text' => "poll 1\r\npoll 2",
'poll_max_options' => 1,
'poll_length' => 0,
'poll_vote_change' => "on",


            'disable_smilies'   => 0,
            'attach_sig'        => 1,
            'notify'           => 0,
         'topic_type'         => 2,
            'topic_time_limit'   => "",
           'creation_time'      => $ctime1[1],
         'lastclick'          => $lclick[0],
          'form_token'   => $security123[1],
              'sid'     =>  $sid,
         'post'   => 'Submit',

         );
print_r($post_fields);
$ch1 = curl_init();
curl_setopt($ch1, CURLOPT_URL,$purl);
curl_setopt($ch1, CURLOPT_POST, 1);
curl_setopt($ch1, CURLOPT_POSTFIELDS, $post_fields);
curl_setopt($ch1,CURLOPT_RETURNTRANSFER,1);
curl_setopt ($ch1, CURLOPT_HEADER, false );
curl_setopt($ch1, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch1,CURLOPT_COOKIEFILE,"cookie.txt");
$result2= curl_exec ($ch1);
if(curl_errno($ch1))
{
    echo 'Curl error: ' . curl_error($ch1);
}
curl_close ($ch1);
echo $result2;

From this $result2 has the output threads from the forum, But the message submitted hasnt been posted.

I am logged in ok in $result2 with no error messages visible.

Any suggestions ? ive checked sid, form_token, lclick and creation_time and they all seem to be the same and correct.

curl verbose output

* About to connect() to site.co.uk port 80
*   Trying 78.xxx.yyy.zzz... * connected
* Connected to site.co.uk (78.xxx.yyy.zzz) port 80
> POST /board/posting.php?mode=post&f=20 HTTP/1.1

Host: site.co.uk

Accept: */*

Cookie: phpbb3_9g61k_sid=693813912f38db33091212ee14102026; phpbb3_9g61k_k=; phpbb3_9g61k_u=57

Content-Length: 1914

Expect: 100-continue

Content-Type: multipart/form-data; boundary=----------------------------2fb596b13df0



< HTTP/1.1 100 Continue

< HTTP/1.1 302 Found

< Date: Wed, 30 Jan 2013 23:21:39 GMT

< Server: Apache/2.2.22 (CentOS)

< Location: http://site.co.uk/board/viewforum.php?f=20

< Content-Length: 0

< Content-Type: text/html; charset=UTF-8

* Connection #0 to host site.co.uk left intact
* Issue another request to this URL: 'http://site.co.uk/board/viewforum.php?f=20'
* Disables POST, goes with GET
* Re-using existing connection! (#0) with host site.co.uk
* Connected to site.co.uk (78.xxx.yyy.zzz) port 80
> GET /board/viewforum.php?f=20 HTTP/1.1

Host: site.co.uk

Accept: */*

Cookie: phpbb3_9g61k_sid=693813912f38db33091212ee14102026; phpbb3_9g61k_k=; phpbb3_9g61k_u=57



< HTTP/1.1 200 OK

< Date: Wed, 30 Jan 2013 23:21:39 GMT

< Server: Apache/2.2.22 (CentOS)

< Cache-Control: private, no-cache="set-cookie"

< Expires: 0

< Pragma: no-cache

< Transfer-Encoding: chunked

< Content-Type: text/html; charset=UTF-8

* Connection #0 to host site.co.uk left intact
* Closing connection #0
1
phpcurl
Is it your forum, or someone else's? Maybe they blocked you.ceejayoz
Not blocked, I have admin access on forum, Not file access though. Nothing showing in any of the logs and i can see my user name appear online when script is runexussum
if you are admin of this forum why not insert it direct to database instead use curl?Quy Nguyen
@QuyNguyen the database structure is very complex. is is very difficult to manually insert posts in PhpBB3.x databaseshanshenrik
Not only that. But cache invalidation happens though the codeexussum

1 Answers

5
votes

Solved it

posting.php line 49

if ($cancel || ($current_time - $lastclick < 2 && $submit))

Although flood is disabled for my user there is still a hard coded delay of 2 seconds that i have to stick to.