Hello everybody,
I found this place just a few minutes ago when searching for good place to find some PHP related help. I have some problems with CURL (completely newbie to CURL), when posting remote forms.
I have some websites powered by XOOPS CMS and I need to submit some content to my websites from remote host, so I decided to make it via CURL. The problem is, that something is really wrong and I always get "No valid security token found" message (XOOPS checks for this parameter to prevent hacking, I think). I just have no idea what's wrong, because I submit this parameter as well. For example, this is the code to submit form for one of my XOOPS sites:
$content=file_get_contents("http://www.soft-news.net/m-news+comment_new+com_itemid-4285-com_order-0-com_mode-flat.html");
preg_match('/\<input type=\"hidden\" name=\"PHPSESSID\" value=\"(.*?)\" \/\>/', $content, $session_id);
preg_match('/\<input type=\'hidden\' name=\'XOOPS_TOKEN_REQUEST\' id=\'XOOPS_TOKEN_REQUEST\' value=\'(.*?)\' \/\>/', $content, $token_request);
$post_url="http://www.soft-news.net/modules/news/comment_post.php";
$useragent="Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)";
$reg_info="PHPSESSID=".$session_id[1]."&XOOPS_TOKEN_REQUEST=".$token_request[1]."&skipValidationJS=0&com_pid=0&com_rootid=0&com_id=0&com_itemid=4285&com_order=0&com_mode=flat&com_title=AutoOff&com_text=message&doxcode=1&dobr=1&com_dopost=Post+Comment";
$ch=curl_init();
curl_setopt($ch, CURLOPT_URL, $post_url);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_FRESH_CONNECT, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $reg_info);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$post=curl_exec($ch);
$info = curl_getinfo($ch);
curl_close($ch);
echo $post;
I thought it's related to cookies, but after turning cookies OFF on my browser, I was able to post comment without problems. And I really pass correct XOOPS_TOKEN_REQUEST parameter. May be I miss something here?
Thank you,
Mindaugas
