logging in to Joomla from external script

0
votes

I'm trying to login a user who was authenticated elsewhere to a Joomla-site and was following Brent Friar's nice program, but had to apply two modifications:

  1. added a field "return" which was contained in the form
  2. refencing com_users, not com_user

I do not know if that site has specific customizations, uses a specific login-module or if is a different version - I do not have admin-access to the site, so I cannot check. Now, my script is running, but it does not successfully login the user - it doesn't get a cookie in return which it is expecting.

Instead, the site returns

HTTP/1.1 100 Continue

HTTP/1.1 303 See other Date: Wed, 23 Jul 2014 18:18:25 GMT Server: Apache/2.2.22 X-Powered-By: PHP/5.2.17 Location: http://www.strassenbau.forum-kundenportal.de/login-erfolgreich Content-Length: 0 Connection: close Content-Type: text/html; charset=utf-8

I know a bit of Joomla, but know nothing about the depths of http-communication with it, so I have no idea what the problem is here.

Here's my code:

<?php

$uname = "*** secret";
$upswd = "*** credentials";
$url = "http://www.strassenbau.forum-kundenportal.de/login-anmeldung";
set_time_limit(0);

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url );
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE );
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE );
curl_setopt($ch, CURLOPT_COOKIESESSION, TRUE );
curl_setopt($ch, CURLOPT_COOKIEJAR, realpath('./cookie.txt'));
curl_setopt($ch, CURLOPT_COOKIEFILE, realpath('./cookie.txt'));
curl_setopt($ch, CURLOPT_HEADER, TRUE );
$ret = curl_exec($ch);

if (!preg_match('/name="([a-zA-z0-9]{32})"/', $ret, $spoof)) {
    preg_match("/name='([a-zA-z0-9]{32})'/", $ret, $spoof);
}

preg_match('/name="return" value="(.*)"/', $ret, $return); // search for hidden field "return" and get its value

// POST fields
$postfields = array();
$postfields['username'] = urlencode($uname);
$postfields['password'] = urlencode($upswd);
$postfields['option'] = 'com_users';
$postfields['task'] = 'user.login';
$postfields['return'] = $return[1];
$postfields[$spoof[1]] = '1';
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postfields);
$ret = curl_exec($ch);

echo "ret2: <pre>"; var_dump($ret); echo "</pre>";  // no cooking being set here!

// Get logged in cookie and pass it to the browser
preg_match('/^Set-Cookie: (.*?);/m', $ret, $m);
$cookie=explode('=',$m[1]);
setcookie($cookie[0], $cookie[1]);


?>
1
phpcurljoomla
What version of Joomla are you trying to log into? (Brent's script is for 1.5 which is very different from 2.5/3.x which use com_users as apposed to the old com_user)… Second, if it's a late 2.5.x version or a 3.x site it may have problems running on the PHP version 5.2 indicated in the response you've received. You might like to try asking on the Joomla Q&A StackExhange site also. - Craig
As I said, I don't know which version they are using there. But Brent wrote "should work on any Joomla site" and I figured it looked generic enough to work anywhere. And you are right with your remeark about com_users, since I had to adjust this, we now they are using at least 2.5 - perhaps the return-thing was also introduced in one the later version. I'll go over to Joomla Q&A... - MBaas
probably a good idea, Brent's answer was written 3 years ago when 1.5 was still fairly dominant. - Craig

1 Answers

0
votes

I ended up using the AutoLogin-extension which did the job. Not as "elegant" as I wanted it to be (because it requires installation of that plugin), but hey, it works! :-)