0

here is the code 

<?php

$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, 'http://page/');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, "frashnum=&action=login&Frm_Logintoken=4&Username=admin&Password=admin");
curl_setopt($ch, CURLOPT_POST, 1);

$headers = array();
$headers[] = 'Content-Type: application/x-www-form-urlencoded';
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);

$result = curl_exec($ch);
if (curl_errno($ch)) {
    echo 'Error:' . curl_error($ch);
}
curl_close ($ch);

?>

i got it using Curl-to-PHP

by converting this command to php

curl "http://page/" --data "frashnum=&action=login&Frm_Logintoken=24&Username=admin&Password=admin"

and i need to get the value of the login token using this XMLHttpRequest request and js code first 

<!DOCTYPE html>
<html>
<body>

<script>

httpRequest = new XMLHttpRequest()
httpRequest.onreadystatechange = function() {
if (httpRequest.readyState == XMLHttpRequest.DONE) {
       let str =(httpRequest.responseText);
       alert(str)
       let pattern =/\bgetObj\("Frm_Logintoken"\)\.value = "([^"]+)";/;
       console.log(str.match(pattern)[1]);

    }
}
httpRequest.open('GET', 'http://page/', true);
httpRequest.send(null);

</script>

</body>
</html>

so i need to replace the Frm_Logintoken value with the console.log(str.match(pattern)1); result

what i have tried and failed 

<!DOCTYPE html>
<html>
<body>
<script>   
var xhr = new XMLHttpRequest();
xhr.open('post','http://page/', true);
xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
xhr.onload = function () {
    // do something to response
    console.log(this.responseText);

};
xhr.send('document.getElementById("Frm_Username").value = "test"');
xhr.send('document.getElementById("Frm_Password").value = "test"');
xhr.send('function dosubmit()'); 
</script>
</body>
</html>

it give me this error

Uncaught DOMException: Failed to execute 'send' on 'XMLHttpRequest': The object's state must be OPENED.

And i don't know how to define the match console.log(str.match(pattern)[1]); results out of the function in the first js code

and there is something that i am Not sure about do i need the login token just like the php code or i can just insert the data then use the function function dosubmit() that's in the code of the page we are sending the data to !

mina nageh
  • 143
  • 2
  • 2
  • 13
  • Here's an example of how to do a POST request https://stackoverflow.com/questions/9713058/send-post-data-using-xmlhttprequest In your example above you are doing a GET(and in PHP it's post). – man0v Jun 10 '19 at 12:13
  • @man0v i am doing GET to have Frm_Logintoken value first ! – mina nageh Jun 10 '19 at 12:16
  • and there is something that i am Not sure about do i need the login token just like the php code or i can just insert the data then use the function `function dosubmit()` that's in the code of the page we are sending the data to ! – mina nageh Jun 10 '19 at 12:38

1 Answers1

0

In order to make an HTTP POST request in JavaScript you can use something like this(as shown here Send POST data using XMLHttpRequest)

var http = new XMLHttpRequest();
var url = 'http://page/';
var params = 'frashnum=&action=login&Frm_Logintoken=4&Username=admin&Password=admin';
http.open('POST', url, true);

//Send the proper header information along with the request
http.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');

http.send(params);
man0v
  • 654
  • 3
  • 13
  • thanks mate it worked... but about the " i don't know how to define the match console.log(str.match(pattern)[1]); results out of the function in the first js code " here is a code that shows the response text and logins and matches the token out of the response .. https://www.pastiebin.com/5cfe549855d1a .... and i wonder why we didn't use the function dosubmit() ? as it will make the thing a lot easier cause it will help us to avoid the login token extracting part ! – mina nageh Jun 10 '19 at 13:04
  • and how do i request another page after we successfully login ? on the domain like http://page/test2/ and get it's response text ! @man0v – mina nageh Jun 10 '19 at 13:18
  • these are separate questions and this is getting out of the scope of stackoverflow. There are plenty of examples on stackoverflow as well. I really can't answer any better than that – man0v Jun 10 '19 at 15:20
  • i looked at a lot of questions but didn't find my answer !! .. i am getting results is not defined when trying to get it after returning it from the function in the this line `http.onload = function () {` i think the problem is the = cause i removed it and i was able to return the value but this ruins the rest of the code !! – mina nageh Jun 10 '19 at 15:36