perlchild has asked for the wisdom of the Perl Monks concerning the following question:

The following code, straight from the perldoc lwpcook documentation, is not working for me.

The site url and login info I cannot give out, but I can say that the site uses php and sessions to authenticate the username and password passed in by the form. It then redirects to the protected page if login successful or back to login page if not.

The problem when running the code is it should print the content of the protected page, instead, it prints out the content of the login page like the authentication has failed. However, there are no error messages in the response but it does send back 200 OK, which is strange since the protected page was not accessed.

Here is the code:

#!c:\perl\bin\perl -w
use HTTP::Request::Common qw(POST);
use LWP::UserAgent;

$ua = LWP::UserAgent->new;
push @{$ua->requests_redirectable}, 'POST';

my $req = POST 'http://www.(mypath)/login.php',
        [ username => 'masked', password => 'masked' ];

print $ua->request($req)->as_string;

exit;

[download]

I have received really good help in the past here at perlmonks and I'm sure someone here can stear me in the right direction to solve this problem. Thanks in advance.

Replies are listed 'Best First'.
Re: LWP form post example not working
by afresh1 (Hermit) on Oct 10, 2008 at 22:00 UTC
    Are you sure that http://www.(mypath)/login.php actually takes "username" and "password" as post variables? I used this as my login.php: 
    <?php
foreach($_POST as $key => $value) {
    if(is_array($value)) {
        $newvalue = implode(',',$value); //if it's an array, convert i
+t to comma separated
    } else {
        $newvalue = $value;
    }
    print "$key: $newvalue\n";
}
?>

    [download]
    and got this response: 
    HTTP/1.0 200 OK
Connection: close
Date: Fri, 10 Oct 2008 21:04:38 GMT
Server: Apache
Content-Type: text/html
Client-Date: Fri, 10 Oct 2008 21:54:51 GMT
Client-Response-Num: 1
X-Powered-By: PHP/5.2.5

username: masked
password: masked
    That leads me to believe that the script is correct, but that what login.php is expecting is different. If you are using Firefox you could try the TamperData extension to see what exactly the form is supposed to be submitting.
    --
    andrew
[reply]
[d/l]
      Yes the variables are post variables, I know since I created the form myself. There is also a hidden redirect variable that goes in the url.
[reply]

        Can you put a simpler page (like the one I posted) that just displays the POST variables it receives and test that?

        It really sounds like a problem on the PHP side. I would recommend that you look at the PHP and see how it decides which content to show, then do some diagnostics on why it is failing to work like you expect.

        --
        andrew
[reply]
Re: LWP form post example not working
by clwolfe (Scribe) on Oct 11, 2008 at 04:25 UTC
    Hmmm, yeah, this sounds like there's a miscommunication going on between your script and the server.

    You mention that it uses sessions. Does that mean it's setting a cookie? Your script, as written, will not accept cookies (or rather, forgets them as soon as it receives them).

    If I were a login page, on successful POST I might respond with a cookie-setting redirect, then the protected page would check for the cookie, and if it's missing, redirect to the login page. You'd then see exactly the behavior you see above.

    You could check for that by installing something like LiveHTTPHeaders for Firefox, or something similar - anything that lets you view the HTTP requests and responses. Then disable cookies and try to log in.

    To enable your script to accept cookies, see the cookie_jar method in LWP::UserAgent, or just do this: 

    # Instead of $ua = LWP::UserAgent->new();
$ua = LWP::UserAgent->new(cookie_jar => {});

    [download]
    Good luck! --Clinton
[reply]
[d/l]
      I have added the line you suggested and still no luck logging in to the site. Since my php code is using sessions it does set the Set-Cookie: header to a PHPSESSID but once the post is finished that cookie is no longer valid. I tried to do a get on the login page an put that cookie in a variable and then tried to set that header on the post but that did not work either since the new cookie was different. I printed them out as I got and set them to make sure of that.
[reply]
Re: LWP form post example not working
by Gangabass (Vicar) on Oct 11, 2008 at 08:37 UTC

    You need to find which form fields are sended to server from your browser (use Firefox LiveHTTPHeaders extension) and after that repeat this request.

    P. S. It may be hidden field or submit button name or some JavaScript stuff or you first must load this page and recieve cookies...

[reply]
      There is a hidden redirect field but that is in the url of the post request. There is no javascript, and I have tried to load the page and get the cookie first, but after that request the cookie is invalid so it doesn't work in the next request when trying to do the post.
[reply]

Back to Seekers of Perl Wisdom