Automatic notification of readers about the news using VKontakte. Part 3
Those who have used the vk.wallpost.php class up to this time may have encountered a problem with the operation of this script on the hosting. This class was written by the user xbreaker and disassembled in detail in parts in the articles: Part 1 and Part 2 .
The script works great on the local computer. But when you upload it to the hosting, it stops sending messages.
In fact, for a long time I could not understand what the problem was. I tried to track all calls to curl, and found that the user is authenticated (receives cookies with the sid field), but he does not want to send messages, moreover, after this attempt, he lost authorization altogether. The reason could lie either in the hosting settings, or because the VKontakte service blocked the entrance to the site.
')
I dropped the first, because I was sure that the script does not contain any sophisticated constructions that cannot work on a normally configured hosting. It seemed to me that "VKontakte" blocks the ip address of some hosters, but this would be a complete perversion for the administrators of "VKontakte".
The reason turned out to be quite banal. After a few hours spent empty, I decided to deduce what the VKontakte service gives back:
Now it became obvious that this is indeed a lock. It now remains to bypass it.
The first thing we need is the last four digits of the phone number, as written in the message. To view the response headers when sending the code, I used the anonymizer and browser inspector:
It can be seen that we need two additional parameters for sending this code: “hash” and “to”, which can be obtained on the page with the request for this code (since these data are sent via AJAX, they are written in JS code).
I compiled the following expressions for parsing:
And added them to the getParams () function:
Those. now we get from the page except aydishnikov also these two parameters.
Now you can make a function to enter this code:
It uses the property of the $ this-> code class, which I declared above.
This property is set in the constructor, so now the class is created as follows:
Now the script works on hosting. But still, there remains one problem: if the authorization parameters of the VKontakte service change, the script will stop working.
A working script with an example is here .
Thanks again to the author of the class. I hope he will not be offended for the corrections.
The script works great on the local computer. But when you upload it to the hosting, it stops sending messages.
Search problem
In fact, for a long time I could not understand what the problem was. I tried to track all calls to curl, and found that the user is authenticated (receives cookies with the sid field), but he does not want to send messages, moreover, after this attempt, he lost authorization altogether. The reason could lie either in the hosting settings, or because the VKontakte service blocked the entrance to the site.
')
I dropped the first, because I was sure that the script does not contain any sophisticated constructions that cannot work on a normally configured hosting. It seemed to me that "VKontakte" blocks the ip address of some hosters, but this would be a complete perversion for the administrators of "VKontakte".
The reason turned out to be quite banal. After a few hours spent empty, I decided to deduce what the VKontakte service gives back:
Now it became obvious that this is indeed a lock. It now remains to bypass it.
Solution to the problem
The first thing we need is the last four digits of the phone number, as written in the message. To view the response headers when sending the code, I used the anonymizer and browser inspector:
It can be seen that we need two additional parameters for sending this code: “hash” and “to”, which can be obtained on the page with the request for this code (since these data are sent via AJAX, they are written in JS code).
I compiled the following expressions for parsing:
preg_match_all('/hash: \'(.+?)\'/i', $r, $f4);
preg_match_all('/[, ]to: \'(.+?)\'/i', $r, $f5);
And added them to the getParams () function:
private function getParams()
{
$c=$this->getCurl();
curl_setopt($c, CURLOPT_REFERER, 'http://vkontakte.ru/settings.php');
curl_setopt($c, CURLOPT_URL, $this->wallURL); //
$r = curl_exec($c);
preg_match_all('/"post_hash":"(\w+)"/i', $r, $f1);
preg_match_all('/"user_id":(\d+),/i', $r, $f2);
preg_match_all('/handlePageParams\(\{"id":(\d+),/i', $r, $f3);
preg_match_all('/hash: \'(.+?)\'/i', $r, $f4);
preg_match_all('/[, ]to: \'(.+?)\'/i', $r, $f5);
$f = array(
'post_hash' => @$f1[1][0], //
'user_id' => @$f2[1][0],
'my_id' => @$f3[1][0], //id
'hash' => @$f4[1][0],
'to' => @$f5[1][0]);
if ($this->wallId=="")
$this->wallId=$f["my_id"];
return $f;
}
Those. now we get from the page except aydishnikov also these two parameters.
Now you can make a function to enter this code:
private function check($params) {
$c = curl_init();
$params = 'code='. $this->code. '&act=security_check&to='. $params['to']. '&hash=' .$params['hash']. '&al_page=';
curl_setopt($c, CURLOPT_URL,'http://vkontakte.ru/login.php');
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
@curl_setopt($c, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($c, CURLOPT_COOKIEJAR, $this->_cookies);
curl_setopt($c, CURLOPT_COOKIEFILE, $this->_cookies);
curl_setopt($c, CURLOPT_POST, 1);
curl_setopt($c, CURLOPT_USERAGENT, $this->userAgent);
curl_setopt($c, CURLOPT_POSTFIELDS, $params);
$this->execCurl($c, 'check');
return true;
}
It uses the property of the $ this-> code class, which I declared above.
This property is set in the constructor, so now the class is created as follows:
$vk = new vk_wallpost($login, $pass, $code, $wallURL, $wallId="");Using
Now the script works on hosting. But still, there remains one problem: if the authorization parameters of the VKontakte service change, the script will stop working.
A working script with an example is here .
Thanks again to the author of the class. I hope he will not be offended for the corrections.
Source: https://habr.com/ru/post/134478/
All Articles