About the final version of the voting website written in PHP_PHP tutorial

　

　

Following the last essay about cheating on votes, I decided to try it using each student’s password to log in to the Academic Affairs Office, although I had done this before when I was doing WeChat development at the beginning of the semester.

The first thing to do is to log in to the school’s Academic Affairs Office website, and then open

<span  1</span> <span //</span><span 第一步:提交数据,生成cookie,将cookie保存在临时目录下
</span><span  2</span> <span //在指定目录中建立一个具有唯一文件名的文件。如果该目录不存在，tempnam() 会在系统临时目录中生成一个文件，并返回其文件名</span>
<span  3</span> <span $cookie_file</span>=<span tempnam</span>('./temp','cookie'<span );
</span><span  4</span> <span $ch</span>=<span curl_init();
</span><span  5</span> <span $login_url</span>="网址"<span ;
</span><span  6</span> <span $curlPost</span>="uname=账号&upwd=密码&usertypex=%B9%DC%C0%ED%D4%B1"<span ;
</span><span  7</span> curl_setopt(<span $ch</span>,CURLOPT_URL,<span $login_url</span><span );
</span><span  8</span> <span //</span><span 启用时会将头文件的信息作为数据流输出</span>
<span  9</span> curl_setopt(<span $ch</span>,CURLOPT_USERAGENT, 'Mozilla/5.0 (compatible;MS IE 9.0; Windows NT 6.1; WOW 64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.0.30729; BRI/2; MASM; .NET4.0C; .NET4.0E; InfoPath.3; Media Center PC 6.0; SE 2.X MeTaSr 1.0)'<span );
</span><span 10</span> curl_setopt(<span $ch</span>,CURLOPT_HEADER,<span true</span><span ); 
</span><span 11</span> curl_setopt(<span $ch</span>,CURLOPT_MAXREDIRS,1<span ); 
</span><span 12</span> curl_setopt(<span $ch</span>,CURLOPT_RETURNTRANSFER,1<span );
</span><span 13</span> curl_setopt(<span $ch</span>,CURLOPT_FOLLOWLOCATION,1<span ); 
</span><span 14</span> curl_setopt(<span $ch</span>,CURLOPT_POST,1<span );
</span><span 15</span> curl_setopt(<span $ch</span>,CURLOPT_POSTFIELDS,<span $curlPost</span><span );
</span><span 16</span> <span //</span><span 设置连接结束后保存cookie信息的文件</span>
<span 17</span> curl_setopt(<span $ch</span>,CURLOPT_COOKIEJAR,<span $cookie_file</span><span );
</span><span 18</span> <span $content_login</span>=curl_exec(<span $ch</span><span );
</span><span 19</span> <span //</span><span print_r($content_login);</span>
<span 20</span> <span var_dump</span>(<span $cookie_file</span><span );
</span><span 21</span> curl_close(<span $ch</span>);

The test shows nothing because:

<span $content_login</span>=curl_exec(<span $ch</span><span );
</span><span //</span><span print_r($content_login);</span>

Will be explained later, continue:

<span  1</span> <span $ch2</span>=<span curl_init();
</span><span  2</span> <span $login_url2</span>=网址2"<span ;
</span><span  3</span> curl_setopt(<span $ch2</span>,CURLOPT_USERAGENT, 'Mozilla/5.0 (compatible;MS IE 9.0; Windows NT 6.1; WOW 64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.0.30729; BRI/2; MASM; .NET4.0C; .NET4.0E; InfoPath.3; Media Center PC 6.0; SE 2.X MeTaSr 1.0)'<span );
</span><span  4</span> curl_setopt(<span $ch2</span>,CURLOPT_HEADER,0<span ); 
</span><span  5</span> curl_setopt(<span $ch2</span>,CURLOPT_URL,<span $login_url2</span><span ); 
</span><span  6</span> curl_setopt(<span $ch2</span>,CURLOPT_RETURNTRANSFER,1<span );
</span><span  7</span> curl_setopt(<span $ch2</span>,CURLOPT_CONNECTTIMEOUT,120<span );
</span><span  8</span>  
<span  9</span> curl_setopt(<span $ch2</span>,CURLOPT_AUTOREFERER,1<span ); 
</span><span 10</span> curl_setopt(<span $ch2</span>,CURLOPT_POST,1<span );
</span><span 11</span> 
<span 12</span> curl_setopt(<span $ch2</span>,CURLOPT_POSTFIELDS,<span $curlPost</span><span ); 
</span><span 13</span> curl_setopt(<span $ch2</span>,CURLOPT_REFERER,"来源"<span );  
</span><span 14</span> <span //</span><span 设置连接结束后保存cookie信息的文件</span>
<span 15</span> curl_setopt(<span $ch2</span>,CURLOPT_COOKIEFILE,<span $cookie_file</span><span ); 
</span><span 16</span> <span $content_login</span>=curl_exec(<span $ch2</span><span );
</span><span 17</span> <span //</span><span $content_login='1';</span>
<span 18</span> <span print_r</span>(<span $content_login</span><span );
</span><span 19</span> <span //</span><span curl_exec($ch);</span>
<span 20</span> curl_close(<span $ch2</span>);

Here, the same cookie is used so that the server can identify it directly.

<span $content_login</span>=curl_exec(<span $ch2</span>);

This is the content obtained from the web page.

<span print_r</span>(<span $content_login</span>);

This is to print out the obtained content. If you are careful, you can find:

in front of it.

<span $content_login</span>='1';

I commented out this sentence. This is what I use to test whether the data can be modified. When I obtained the class schedule, I couldn't modify the obtained data. I don't know why, but it can be done here.

If the account password is wrong, a dialog box will pop up as shown on the website to show that the account password is wrong. In this way, just add another student_id to the data table. An account can only be used once.

　

I really hope that this time I can really stop ticket fraud. I am exhausted.

Thank you also to netizens. The verification code of Mogujie is really good. I also figured it out and will share it with you tomorrow. However, the ticket brush has a function that allows you to enter the verification code manually. This is useless, so I gave up the verification code.

I will be scolded to death by those people.

　

Please indicate the source when reprinting: http://www.cnblogs.com/yydcdut/p/3472248.html

http://www.bkjia.com/PHPjc/626633.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/626633.htmlTechArticleFollowing the last essay about the ticket fraud, I decided to try it with each student’s password to log in to the Academic Affairs Office. Although I did this when I was doing WeChat development at the beginning of school. First...