以www.verycd.com为例
在火狐浏览器登录wuming88888888账号为发送方
在chrome浏览器登录wuming1990账号为接收方
分析发送方的表单
分析提交页源代码POST的数据
<?php
require('./http.class.php');
$http=new Http('http://home.verycd.com/cp.php?ac=pm&op=send&touid=0&pmid=0');
$msg=array(
'formhash'=>'10fe754a',
'message'=>'你好',
'pmsubmit'=>true,
'pmsubmit_btn'=>'发送',
'refer'=>'http://home.verycd.com/space.php?do=pm&filter=privatepm',
'username'=>'wuming1990'
);
file_put_contents('./res.html',$http->post($msg));
?>
打开res.html,分析源代码
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 05 Dec 2014 06:57:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Set-Cookie: sid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: member_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: member_name=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: pass_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: rememberme=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: mgroupId=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: coppa=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: uchome_auth=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: uchome_loginuser=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Location: http://www.verycd.com/account/profile/
Set-Cookie: uchome__refer=cp.php%253Fac%253Dprofile; path=/; domain=.verycd.com
33fc
调试查看自己发送的是什么内容?
这时候我们可以分析出错误出现在第一行
打印该对象
Http Object
(
[errno:protected] => 0
[errstr:protected] =>
[response:protected] =>
[url:protected] => Array
(
[scheme] => http
[host] => home.verycd.com
[path] => /cp.php
[query] => ac=pm&op=send&touid=0&pmid=0
[port] => 80
)
[version:protected] => HTTP/1.1
[fh:protected] => Resource id #3
[line:protected] => Array
(
[0] => POST /cp.php HTTP/1.1
)
[header:protected] => Array
(
[0] => Host:home.verycd.com
[1] => Content-type:application/x-www-form-urlencoded
[2] => Content-length:185
)
[body:protected] => Array
(
[0] => formhash=10fe754a&message=%E4%BD%A0%E5%A5%BD&pmsubmit=1&pmsubmit_btn=%E5%8F%91%E9%80%81&refer=http%3A%2F%2Fhome.verycd.com%2Fspace.php%3Fdo%3Dpm%26filter%3Dprivatepm&username=wuming1990
)
)
修改我们的http类
<pre name="code" class="php"> //http请求类的接口
interface Proto{
//连接url
function conn($url);
//发送get查询
function get();
//发送post查询
function post();
//关闭连接
function close();
}
class Http implements Proto{
const CRLF="\r\n";
protected $errno=-1;
protected $errstr='';
protected $response='';
protected $url=null;
protected $version='HTTP/1.1';
protected $fh=null;
protected $line=array();
protected $header=array();
protected $body=array();
public function __construct($url){
$this->conn($url);
$this->setHeader('Host:'.$this->url['host']);
}
//此方法负责写请求行
protected function setLine($method){
$this->line[0]=$method.' '.$this->url['path'].'?'.$this->url['query'].' '.$this->version;
}
//此方法负责写头信息
public function setHeader($headerline){
$this->header[]=$headerline;
}
//此方法负责写主体信息
protected function setBody($body){
$this->body[]=http_build_query($body);;
}
//连接url
function conn($url){
$this->url=parse_url($url);
//判断端口
if(!isset($this->url['port'])){
$this->url['port']=80;
}
$this->fh=fsockopen($this->url['host'],$this->url['port'],$this->errno,$this->errstr,3);
}
//构造get请求的数据
function get(){
$this->setLine('GET');
$this->request();
return $this->response;
}
//构造post请求的数据
function post($body=array()){
//构造主体信息
$this->setLine('POST');
//设置content-type
$this->setHeader('Content-type:application/x-www-form-urlencoded');
//设置主体信息,比GET不一样的地方
$this->setBody($body);
//计算content-length
$this->setHeader('Content-length:'.strlen($this->body[0]));
$this->request();
return $this->response;
}
//真正请求
function request(){
//把请求行,头信息,实体信息 放在一个数组里,便于拼接
$req=array_merge($this->line,$this->header,array(''),$this->body,array(''));
$req=implode(self::CRLF,$req);
// print_r($this);
// echo $req;
// exit;
fwrite($this->fh,$req);
while(!feof($this->fh)){
$this->response.=fread($this->fh,1024);
}
$this->close();//关闭连接
return $this->response;
}
//关闭连接
function close(){
fclose($this->fh);
}
}
生成如下POST /cp.php?ac=pm&op=send&touid=0&pmid=0 HTTP/1.1Host:home.verycd.comContent-type:application/x-www-form-urlencodedContent-length:185formhash=10fe754a&message=%E4%BD%A0%E5%A5%BD&pmsubmit=1&pmsubmit_btn=%E5%8F%91%E9%80%81&refer=http%3A%2F%2Fhome.verycd.com%2Fspace.php%3Fdo%3Dpm%26filter%3Dprivatepm&username=wuming1990
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 Dec 2014 07:11:39 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Set-Cookie: sid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: member_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: member_name=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: pass_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: rememberme=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: mgroupId=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: coppa=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: uchome_auth=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: uchome_loginuser=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com
Set-Cookie: uchome__refer=cp.php%253Fac%253Dpm; path=/; domain=.verycd.com
表示已成功,但是不完全,我们接着看res.html中的内容
在网页中有如下内容:表明需要先登录以后才能操作
服务器怎么知道咱们没登陆的?
http一个很重要的特点:无状态,两次请求之间没有关系。
服务器如何记住一个客户?
建立cookie.php
<?php
header('content-type:text/html;charset=utf8');
setcookie('user','zhangsan');
echo '服务器给你的编号是zhangsan';
?>
建立readcookie.php
<?php
header('content-type:text/html;charset=utf8');
echo '服务器给你的编号是'.$_COOKIE['user'];
?>
利用命令窗口提交请求
增加提交的信息
<?php
require('./http.class.php');
$http=new Http('http://home.verycd.com/cp.php?ac=pm&op=send&touid=0&pmid=0');
$http->setHeader('cookie:Hm_lvt_c7849bb40e146a37d411700cb7696e46=1417760419; Hm_lpvt_c7849bb40e146a37d411700cb7696e46=1417760610; post_action=repost; sid=7fd8c62c8d000561d658c4e25eccb6f791a8d4b6; member_id=9933070; member_name=wuming88888888; mgroupId=93; pass_hash=263b6d67494b1888f1e7b8cc227ea4bd; rememberme=true; uchome_auth=63a2o4ZG8YsPG1Tv4%2FIYiydpKrQVqgKgxAQgp%2FI5ZxYQIVjc8ad40VEyW2peEmnKYwKQ2qserNpgSOrxwXLKpDomid%2Fq; uchome_loginuser=wuming88888888; CNZZDATA1479=cnzz_eid%3D407399210-1417756656-http%253A%252F%252Fwww.verycd.com%252F%26ntime%3D1417756656; __utma=248211998.394160120.1417760633.1417760633.1417760633.1; __utmb=248211998.8.10.1417760633; __utmc=248211998; __utmz=248211998.1417760633.1.1.utmcsr=verycd.com|utmccn=(referral)|utmcmd=referral|utmcct=/account/profile/base/; __utmt=1; uchome_sendmail=1; uchome_checkpm=1; dcm=1');
$msg=array(
'formhash'=>'10fe754a',
'message'=>'i am from wuming88888888',
'pmsubmit'=>true,
'pmsubmit_btn'=>'发送',
'refer'=>'http://home.verycd.com/space.php?do=pm&filter=privatepm',
'username'=>'wuming1990'
);
file_put_contents('./res.html',$http->post($msg));
echo 'ok';
?>
再看wuming1990的用户是否收到信息
(PS:如果发送不成功,表明COOKIE值不对,cookie的生成与请求头信息有关,保守做法:把全部请求头信息加到post请求里面)
Accepttext/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding gzip, deflate
Accept-Language zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3
Connection keep-alive
CookieHm_lvt_c7849bb40e146a37d411700cb7696e46=1417760419; Hm_lpvt_c7849bb40e146a37d411700cb7696e46=1417760610; post_action=repost; sid=7fd8c62c8d000561d658c4e25eccb6f791a8d4b6; member_id=9933070; member_name=wuming88888888; mgroupId=93; pass_hash=263b6d67494b1888f1e7b8cc227ea4bd; rememberme=true; uchome_auth=63a2o4ZG8YsPG1Tv4%2FIYiydpKrQVqgKgxAQgp%2FI5ZxYQIVjc8ad40VEyW2peEmnKYwKQ2qserNpgSOrxwXLKpDomid%2Fq; uchome_loginuser=wuming88888888; CNZZDATA1479=cnzz_eid%3D407399210-1417756656-http%253A%252F%252Fwww.verycd.com%252F%26ntime%3D1417756656; __utma=248211998.394160120.1417760633.1417760633.1417760633.1; __utmb=248211998.8.10.1417760633; __utmc=248211998; __utmz=248211998.1417760633.1.1.utmcsr=verycd.com|utmccn=(referral)|utmcmd=referral|utmcct=/account/profile/base/; __utmt=1; uchome_sendmail=1; uchome_checkpm=1; dcm=1
Hosthome.verycd.com
Refererhttp://home.verycd.com/cp.php?ac=pm
User-Agent Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0
书写格式:
$http->setHeader('红色字体:黑色字体');