-1
I was able to do what I wanted, but how do I check to see if the user data is correct?
In the previous question I asked how to get all cookies if really the user and password exists on Twitter, I managed to do this with the code I will put here.
But how do I verify that the data is correct?
If it shows the message: Correct login and password, otherwise show me Incorrect login and password.
My code:
<?php
$username = 'pdosilva1020';
$password = '';
function start($username, $password) {
$request = curl_init();
curl_setopt_array($request, [
CURLOPT_URL => 'https://twitter.com',
CURLOPT_CUSTOMREQUEST => 'GET',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => false,
CURLOPT_HEADER => true,
CURLOPT_COOKIEJAR => getcwd() . '/cookies/' . $username . '.txt',
CURLOPT_USERAGENT => $_SERVER['HTTP_USER_AGENT'],
CURLOPT_HEADERFUNCTION => function($curl, $header) use (&$cookie) {
if (stripos($header, 'Set-Cookie:') === 0) {
if (preg_match('/^Set-Cookie: \s*([^;]*)/i', $header, $matches)) {
$cookie .= $matches[1] . '; ';
}
}
return strlen($header);
}
]
);
$response = curl_exec($request);
preg_match('/value="(.*?)" name="authenticity_token"/', $response, $matches);
$authenticity_token = $matches[1];
$post_fields = http_build_query([
'session' => [
'username_or_email' => $username,
'password' => $password
],
'return_to_ssl' => true,
'scribe_log' => '',
'redirect_after_login' => '/',
'authenticity_token' => $authenticity_token
]
);
curl_setopt_array($request, [
CURLOPT_URL => 'https://twitter.com/sessions',
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS => $post_fields,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => false,
CURLOPT_HEADER => true,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_COOKIE => $cookie,
CURLOPT_USERAGENT => $_SERVER['HTTP_USER_AGENT'],
CURLOPT_HTTPHEADER => [
'accept-language: pt-BR,pt;q=0.8,en-US;q=0.6,en;q=0.4',
'content-type: application/x-www-form-urlencoded',
'origin: https://twitter.com',
'referer: https://twitter.com/login',
],
]
);
$response = curl_exec($request);
curl_close($request);
}
var_dump(start($username, $password));
You left your user and password exposed in the code and still published here.
– Inkeliz