Home >Backend Development >PHP Tutorial >About the final version of the voting website written in PHP_PHP tutorial

About the final version of the voting website written in PHP_PHP tutorial

WBOY
WBOYOriginal
2016-07-13 17:16:571071browse

 

 

Following the last essay about cheating on votes, I decided to try it using each student’s password to log in to the Academic Affairs Office, although I had done this before when I was doing WeChat development at the beginning of the semester.

The first thing to do is to log in to the school’s Academic Affairs Office website, and then open

<span  1</span> <span //</span><span 第一步:提交数据,生成cookie,将cookie保存在临时目录下
</span><span  2</span> <span //在指定目录中建立一个具有唯一文件名的文件。如果该目录不存在,tempnam() 会在系统临时目录中生成一个文件,并返回其文件名</span>
<span  3</span> <span $cookie_file</span>=<span tempnam</span>('./temp','cookie'<span );
</span><span  4</span> <span $ch</span>=<span curl_init();
</span><span  5</span> <span $login_url</span>="网址"<span ;
</span><span  6</span> <span $curlPost</span>="uname=账号&upwd=密码&usertypex=%B9%DC%C0%ED%D4%B1"<span ;
</span><span  7</span> curl_setopt(<span $ch</span>,CURLOPT_URL,<span $login_url</span><span );
</span><span  8</span> <span //</span><span 启用时会将头文件的信息作为数据流输出</span>
<span  9</span> curl_setopt(<span $ch</span>,CURLOPT_USERAGENT, 'Mozilla/5.0 (compatible;MS IE 9.0; Windows NT 6.1; WOW 64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.0.30729; BRI/2; MASM; .NET4.0C; .NET4.0E; InfoPath.3; Media Center PC 6.0; SE 2.X MeTaSr 1.0)'<span );
</span><span 10</span> curl_setopt(<span $ch</span>,CURLOPT_HEADER,<span true</span><span ); 
</span><span 11</span> curl_setopt(<span $ch</span>,CURLOPT_MAXREDIRS,1<span ); 
</span><span 12</span> curl_setopt(<span $ch</span>,CURLOPT_RETURNTRANSFER,1<span );
</span><span 13</span> curl_setopt(<span $ch</span>,CURLOPT_FOLLOWLOCATION,1<span ); 
</span><span 14</span> curl_setopt(<span $ch</span>,CURLOPT_POST,1<span );
</span><span 15</span> curl_setopt(<span $ch</span>,CURLOPT_POSTFIELDS,<span $curlPost</span><span );
</span><span 16</span> <span //</span><span 设置连接结束后保存cookie信息的文件</span>
<span 17</span> curl_setopt(<span $ch</span>,CURLOPT_COOKIEJAR,<span $cookie_file</span><span );
</span><span 18</span> <span $content_login</span>=curl_exec(<span $ch</span><span );
</span><span 19</span> <span //</span><span print_r($content_login);</span>
<span 20</span> <span var_dump</span>(<span $cookie_file</span><span );
</span><span 21</span> curl_close(<span $ch</span>);

The test shows nothing because:

<span $content_login</span>=curl_exec(<span $ch</span><span );
</span><span //</span><span print_r($content_login);</span>

Will be explained later, continue:

<span  1</span> <span $ch2</span>=<span curl_init();
</span><span  2</span> <span $login_url2</span>=网址2"<span ;
</span><span  3</span> curl_setopt(<span $ch2</span>,CURLOPT_USERAGENT, 'Mozilla/5.0 (compatible;MS IE 9.0; Windows NT 6.1; WOW 64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.0.30729; BRI/2; MASM; .NET4.0C; .NET4.0E; InfoPath.3; Media Center PC 6.0; SE 2.X MeTaSr 1.0)'<span );
</span><span  4</span> curl_setopt(<span $ch2</span>,CURLOPT_HEADER,0<span ); 
</span><span  5</span> curl_setopt(<span $ch2</span>,CURLOPT_URL,<span $login_url2</span><span ); 
</span><span  6</span> curl_setopt(<span $ch2</span>,CURLOPT_RETURNTRANSFER,1<span );
</span><span  7</span> curl_setopt(<span $ch2</span>,CURLOPT_CONNECTTIMEOUT,120<span );
</span><span  8</span>  
<span  9</span> curl_setopt(<span $ch2</span>,CURLOPT_AUTOREFERER,1<span ); 
</span><span 10</span> curl_setopt(<span $ch2</span>,CURLOPT_POST,1<span );
</span><span 11</span> 
<span 12</span> curl_setopt(<span $ch2</span>,CURLOPT_POSTFIELDS,<span $curlPost</span><span ); 
</span><span 13</span> curl_setopt(<span $ch2</span>,CURLOPT_REFERER,"来源"<span );  
</span><span 14</span> <span //</span><span 设置连接结束后保存cookie信息的文件</span>
<span 15</span> curl_setopt(<span $ch2</span>,CURLOPT_COOKIEFILE,<span $cookie_file</span><span ); 
</span><span 16</span> <span $content_login</span>=curl_exec(<span $ch2</span><span );
</span><span 17</span> <span //</span><span $content_login='1';</span>
<span 18</span> <span print_r</span>(<span $content_login</span><span );
</span><span 19</span> <span //</span><span curl_exec($ch);</span>
<span 20</span> curl_close(<span $ch2</span>);

Here, the same cookie is used so that the server can identify it directly.

<span $content_login</span>=curl_exec(<span $ch2</span>);

This is the content obtained from the web page.

<span print_r</span>(<span $content_login</span>);

This is to print out the obtained content. If you are careful, you can find:

in front of it.
<span $content_login</span>='1';

I commented out this sentence. This is what I use to test whether the data can be modified. When I obtained the class schedule, I couldn't modify the obtained data. I don't know why, but it can be done here.

If the account password is wrong, a dialog box will pop up as shown on the website to show that the account password is wrong. In this way, just add another student_id to the data table. An account can only be used once.

 

I really hope that this time I can really stop ticket fraud. I am exhausted.

Thank you also to netizens. The verification code of Mogujie is really good. I also figured it out and will share it with you tomorrow. However, the ticket brush has a function that allows you to enter the verification code manually. This is useless, so I gave up the verification code.

I will be scolded to death by those people.

 

Please indicate the source when reprinting: http://www.cnblogs.com/yydcdut/p/3472248.html

www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/626633.htmlTechArticleFollowing the last essay about the ticket fraud, I decided to try it with each student’s password to log in to the Academic Affairs Office. Although I did this when I was doing WeChat development at the beginning of school. First...
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn