It doesn’t work because Facebook requires you to send more information. Simply monitoring the network traffic you can see that the "Login" is done in:
https://m.facebook.com/login/async/
It also sends a lot of data and not simply "email" and "password":
m_ts:
li:
try_number:
unrecognized_tries:
email:
pass:
m_sess:
fb_dtsg:
lsd:
__dyn:
__req:
__ajax__:
__user:
If you disable Javascript it will use https://m.facebook.com/login.php
, the same pointed by your URL, but containing in the body the information:
lsd:
m_ts:
li:
try_number:
unrecognized_tries:
email:
pass:
login:
_fb_noscript:
So you need to figure out how they are generated what they mean and then play this in Curl, so you can log in.
If you keep sending only email
and pass
you will never be able to access, at least it would not be logical for Facebook to allow this, maybe some information may not be sent, but this will have to be tested one by one.
Remember that Facebook has an API using Oauth, which is much safer than using login/password.