How to do logins using the WinHttpRequest COM?

我寻月下人不归 2020-12-18 09:08

You can see lots of people automating things on websites using mouseclick and keystroke simulation on browser windows or using the IE COM, but for some applications you don\

1 answer
    北荒 (original poster)
    2020-12-18 09:25

    I already posted this on the AHK forums, but I think the information is useful enough to get archived on Stackoverflow as well. :)

    Tools & getting started

    First of all, if you want to do things like logins, you should probably learn some HTML and the basics about the HTTP protocol. Fiddler and SetProxy(2,"localhost:8888") will help you A LOT with the debugging and reverse engineering. I also recommend using an add-on for your browser to quickly clean your cookies.

    Example 1 (IP Board forums)

    Okay, now let's take a look at some examples. What would a login to the autohotkey.com forum look like?
    To reverse engineer the login of that site I simply analyzed the browser's HTTP requests to autohotkey.com (use Fiddler or F12 in your browser for that) and by some trial and error I was able to minimize it to the basics. We need exactly two requests and the login needs one request header, as well as 3 POST data parameters.

    Here is what we are basically gonna do:

    1. Do a simple GET request on http://www.autohotkey.com/board/index.php?app=core&module=global&section=login
    2. Extract the auth_key parameter from the login form from the response body (ResponseText)
    3. Create the POST data string containing the auth_key parameter as well as the username, password and rememberMe parameter for the login
    4. Set the Content-Type header for the next request
    5. Send the POST data string to http://www.autohotkey.com/board/index.php?app=core&module=global&section=login&do=process
    6. Analyze the response body checking if the HTML document's title starts with the words "Sign In". If so, then you're obviously not signed in (the login failed/wrong login data). If the title is different, then the login was successful.

    Example 1 code

    ;Prepare our WinHttpRequest object
    HttpObj := ComObjCreate("WinHttp.WinHttpRequest.5.1")
    ;HttpObj.SetProxy(2,"localhost:8888") ;Send data through Fiddler
    HttpObj.SetTimeouts(6000,6000,6000,6000) ;Set timeouts to 6 seconds
    ;HttpObj.Option(6) := False ;disable location-header redirects
    
    ;Set our URLs
    loginSiteURL := "http://www.autohotkey.com/board/index.php?app=core&module=global&section=login"
    loginURL := "http://www.autohotkey.com/board/index.php?app=core&module=global&section=login&do=process"
    
    ;Set our login data
    username := "Brutosozialprodukt"
    password := "xxxxxxxxxxxxxx"
    rememberMe := "1"
    
    ;Step 1
    HttpObj.Open("GET",loginSiteURL)
    HttpObj.Send()
    
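    ;Step 2
    ;The original pattern was lost when this page was extracted. The pattern below is an
    ;assumption: it expects a hidden input written as name='auth_key' value='...'
    RegExMatch(HttpObj.ResponseText,"name=.auth_key.\s+value=.(\w+)",match)
    auth_key := match1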
    
    ;Step 3
    loginBody := "auth_key=" auth_key "&ips_username=" username "&ips_password=" password "&rememberMe=" rememberMe
    
    ;Step 4/5
    HttpObj.Open("POST",loginURL)
    HttpObj.SetRequestHeader("Content-Type","application/x-www-form-urlencoded")
    HttpObj.Send(loginBody)
    
    ;Step 6
    If (InStr(HttpObj.ResponseText,"<title>Sign In"))
        MsgBox, The login failed!
    Else
        MsgBox, Login was successful!

    This will probably work for most IPB forums if you change the URLs properly.

    Example 2 (phpbb forums)

    Let's do another login to the new/other AHK forum (this will be much easier).

    1. Create the POST data containing username, password and the autologin parameter
    2. Set the Content-Type header
    3. Send the POST data to http://ahkscript.org/boards/ucp.php?mode=login
    4. Analyze the response body checking if the HTML document's title starts with the word "Login". If so, then you're obviously not logged in yet (the login failed/wrong login data). If the title is different, then the login was successful.

    Example 2 code

    ;Prepare our WinHttpRequest object
    HttpObj := ComObjCreate("WinHttp.WinHttpRequest.5.1")
    ;HttpObj.SetProxy(2,"localhost:8888") ;Send data through Fiddler
    HttpObj.SetTimeouts(6000,6000,6000,6000) ;Set timeouts to 6 seconds
    ;HttpObj.Option(6) := False ;disable location-header redirects

    ;Set our URLs
    loginURL := "http://ahkscript.org/boards/ucp.php?mode=login"

    ;Set our login data
    username := "Brutosozialprodukt"
    password := "xxxxxxxxxxxxxx"
    autologin := "on"

    ;Step 1
    loginBody := "username=" username "&password=" password "&autologin=" autologin "&login=Login"

    ;Step 2/3
    HttpObj.Open("POST",loginURL)
    HttpObj.SetRequestHeader("Content-Type","application/x-www-form-urlencoded")
    HttpObj.Send(loginBody)

    ;Step 4
    If (InStr(HttpObj.ResponseText,"<title>Login"))
        MsgBox, The login failed!
    Else
        MsgBox, Login was successful!

    This will probably work for most phpbb forums if you change the URLs properly.
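
Both scripts build the POST body by plain string concatenation, so a username or password containing &, =, + or % reaches the server as a different set of form fields than intended. The following is an added example, not part of the original answer: it percent-encodes each field before joining them (AutoHotkey v1.1 syntax as in the scripts above; UriEncode and FormBody are hypothetical helper names and the credentials are constructed sample values).

```autohotkey
; Added example (AutoHotkey v1.1 syntax); UriEncode and FormBody are hypothetical helper names.

; Percent-encode a string as UTF-8 so it is safe inside a form body.
UriEncode(str) {
    VarSetCapacity(buf, StrPut(str, "UTF-8"), 0)   ; size includes the terminating null
    StrPut(str, &buf, "UTF-8")
    out := ""
    Loop {
        byte := NumGet(buf, A_Index - 1, "UChar")
        if (byte = 0)
            break
        ch := Chr(byte)
        if (byte < 128 && RegExMatch(ch, "^[A-Za-z0-9._~-]$"))
            out .= ch                               ; unreserved character, keep as is
        else
            out .= Format("%{:02X}", byte)          ; everything else becomes %XX
    }
    return out
}

; Build "name=value&name=value" from an array of [name, value] pairs.
FormBody(pairs) {
    body := ""
    for index, pair in pairs
        body .= (index > 1 ? "&" : "") . UriEncode(pair[1]) . "=" . UriEncode(pair[2])
    return body
}

; Constructed sample values: a password containing form metacharacters.
username := "example user"
password := "p&ss=w+rd%"

; Plain concatenation, as in the scripts above: the "&" and "=" split the password.
raw := "username=" username "&password=" password "&autologin=on&login=Login"

; Encoded body: each value stays a single field.
encoded := FormBody([["username", username], ["password", password], ["autologin", "on"], ["login", "Login"]])

MsgBox, % "Concatenated:`n" . raw . "`n`nEncoded:`n" . encoded
```

Pass the result of FormBody(...) to HttpObj.Send() in place of loginBody.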