Python to PHP Login System (HTTP Post)

test at test.test test at test.test
Sat Jun 24 14:56:17 EDT 2006 

On Sat, 24 Jun 2006 01:28:29 GMT, jjlee at reportlab.com (John J. Lee)
wrote:

>test at test.test writes:
>
>> On 22 Jun 2006 16:19:50 -0700, "Justin  Azoff"
>> <justin.azoff at gmail.com> wrote:
>> 
>> >Jeethu Rao wrote:
>> >> You need to use httplib.
>> >> http://docs.python.org/lib/httplib-examples.html
>> >>
>> >> Jeethu Rao
>> >
>> >Not at all.  They need to read the documentation for urrlib:
>> >
>> >http://docs.python.org/lib/module-urllib.html
>> >http://docs.python.org/lib/node483.html
>> >"The following example uses the "POST" method instead:"....
>> >
>> >Additionally, they probably need to use cookielib, otherwise the logged
>> >in state will not be persistant.
>
>Or you may not be able to log in at all, for an everyday meaning of
>"log in".
>
>
>> Here's what's strange... I tried using urllib like this:
>> ----------------------------------------------------------------------------------
>> try:
>> 	msparams = urllib.urlencode({'user':
>> self.components.User.text, 'pass':
>> self.components.MagnetSharePassword.text, 'sublogin': 1})
>> 	 f = urllib.urlopen("http://www.magnetshare.com/process.php",
>> msparams)
>> 	fc = f.read()
>> 	fc.close()
>> 	print fc
>> except:
>> 	self.statusBar.text = "Disconnected"
>> 	result = dialog.alertDialog(self, 'Couldn\'t connect to
>> MagnetShare.com! Please check your Internet connection, and then try
>> again.')
>> else:
>> 	print fc
>> -----------------------------------------------------------------------------------
>> ...and then I visited http://www.magnetshare.com/main.php to see if I
>> was logged in. Sure enough I was logged in, but the exception was
>
>That's not how it works (assuming you visited that URL in a browser,
>not using Python).  The "logged-in-ness" comes from a "session ID"
>cookie that is stored in your browser (or in your Python code).  The
>server sends a cookie when you log in (and usually stores your cookie
>in a database).  The browser keeps the cookie.  When you come back
>later using the same browser (maybe even after you've closed the
>browser, if it's the right kind of cookie), your browser sends the
>cookie back and the server looks up the session ID from that cookie in
>the database, and sees it's you.
>
>If you come back using a different browser (and your Python program is
>effectively just a different browser than your copy of Firefox or IE
>or whatever), then the server won't remember who you are, so you're
>not logged in *in that browser session*, even if the server has you
>recorded in its database as logged in from a different browser
>session.
>
>So, the fact that you saw yourself as logged in when you looked using
>your web browser doesn't really help your Python program -- it's still
>out in the cold.
>
>
>> thrown anyway. I commented out the urlopen, f, and fc  lines and
>> tested it again. This time I made it to "else:"
>> 
>> I'm stumped. I'm glad that the user can log in; however, the
>> MagnetShare application needs to read in the response from the server,
>> and then decide what to do with the information.
>
>Here's one way:
>
>easy_install mechanize
>
>(install easy_install first if you don't have that:
>
>http://peak.telecommunity.com/DevCenter/EasyInstall#installing-easy-install
>
>)
>
>#-------------------------------
>import mechanize
>
>SHOW_COOKIES = True
>
>br = mechanize.Browser()
>if SHOW_COOKIES:
>    cj = mechanize.CookieJar()
>    br.set_cookiejar(cj)
>br.open("http://www.magnetshare.com/main.php")
>br.select_form(nr=0)
>br["user"] = "joe"
>br["pass"] = "password"
>r = br.submit()
>assert "Logged In" in r.get_data()
>if SHOW_COOKIES:
>    for cookie in cj:
>        print cj
>#-------------------------------
>
>
>(note the cookiejar is always there; you only need to create one and
>pass it in in order to get at it to e.g. print out the cookies you've
>collected)
>
>
>John

Thanks a lot John! This "mechanize" was exactly what I was looking
for. There are some key improvements over urllib2 and also, cookies
are turned on by default.

Just an FYI for others, PHP can set $SESSIONID when the user refuses
cookies. I haven't decided whether the application will use cookies or
not, but luckily I got the login page response I was looking for. Now,
I just parse the HTML using Python, and then go to the next screen in
the MagnetShare application.

Here's the test code I used.
---------------------------------------------------------------------------------------
import mechanize

br = mechanize.Browser()
br.open("http://www.magnetshare.com/main.php")
br.select_form(nr=0)
br["user"] = "test2"
br["pass"] = "test2"
response1 = br.submit()
fc = response1.read()
print fc
----------------------------------------------------------------------------------------

Cheers!

Ben

More information about the Python-list mailing list