POST Form bot with PHP & cURL

1. <?php
2.  
3. //       _____                      _                   _     _           _                
4. //      |  ___|__  _ __ _ __ ___   (_)_ __  _ __  _   _| |_  | |__   ___ | |_              
5. //      | |_ / _ \| '__| '_ ` _ \  | | '_ \| '_ \| | | | __| | '_ \ / _ \| __|              
6. //      |  _| (_) | |  | | | | | | | | | | | |_) | |_| | |_  | |_) | (_) | |_              
7. //      |_|  \___/|_|  |_| |_| |_| |_|_| |_| .__/ \__,_|\__| |_.__/ \___/ \__|              
8. //      __        ___ _   _        ____ ___|_|____  _____   _                              
9. //      \ \      / (_) |_| |__    / ___/ ___||  _ \|  ___| | |__  _   _ _ __   __ _ ___ ___
10. //       \ \ /\ / /| | __| '_ \  | |   \___ \| |_) | |_    | '_ \| | | | '_ \ / _` / __/ __|
11. //        \ V  V / | | |_| | | | | |___ ___) |  _ <|  _|   | |_) | |_| | |_) | (_| \__ \__ \
12. //         \_/\_/  |_|\__|_| |_|  \____|____/|_| \_\_|     |_.__/ \__, | .__/ \__,_|___/___/
13. //                 by Erik Keresztes (fiverr.com/erik_keresztes)  |___/|_|                  
14.  
15.  
16. function getStringBetween($string, $start, $end)
17. {
18.     $string = ' ' . $string; // add space to start of string
19.    
20.     // find ending position of $start
21.     $startpos = strpos($string, $start);
22.     if (!$startpos) return ''; // if can't find $start in $string return empty string
23.     $startpos += strlen($start);
24.    
25.     // get length between $start and $end
26.     $length = strpos($string, $end, $startpos) - $startpos;
27.    
28.     return substr($string, $startpos, $length);
29. }
30.  
31. $url = 'redacted';
32. $cookies = realpath('cookies.txt');
33. $userAgent = 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/32.0.1700.107 Chrome/32.0.1700.107 Safari/537.36';
34.  
35.  
36.  
37.  
38.  
39. // FIRST REQUEST (to get the token)
40.  
41. $ch = curl_init(); // open connection
42.  
43. // set curl options
44. curl_setopt($ch, CURLOPT_URL, $url);
45. curl_setopt($ch, CURLOPT_USERAGENT, $userAgent);
46. curl_setopt($ch, CURLOPT_COOKIEJAR, $cookies);
47. curl_setopt($ch, CURLOPT_COOKIEFILE, $cookies);
48. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
49.  
50. // execute request and get webpage source
51. $result = curl_exec($ch);
52.  
53. curl_close($ch); // close connection
54.  
55. // get CSRF token from webpage source
56. $token = getStringBetween($result, '<meta name="csrf-token" content="', '">');
57.  
58.  
59.  
60.  
61.  
62. // SECOND REQUEST
63.  
64. // set POST variables
65. $fields = array(
66.    '_token' => $token,
67.    'type' => 'unknown',
68.    'rating' => 5,
69.    'comment' => 'This is a test'),
70.    'name' => 'POST bot'
71. );
72.  
73. // build the urlencoded data
74. $postfields = http_build_query($fields);
75.  
76. $ch = curl_init(); // open curl connection
77.  
78. // set curl options
79. curl_setopt($ch, CURLOPT_URL, $url);
80. curl_setopt($ch, CURLOPT_USERAGENT, $userAgent);
81.  
82. curl_setopt($ch, CURLOPT_COOKIEJAR, $cookies);
83. curl_setopt($ch, CURLOPT_COOKIEFILE, $cookies);
84.  
85. curl_setopt($ch, CURLOPT_POST, count($fields));
86. curl_setopt($ch, CURLOPT_POSTFIELDS, $postfields);
87. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
88.  
89. curl_exec($ch); // execute post
90.  
91. curl_close($ch); // close connection
92.  
93. ?>