HTTP协议分析系列（六）------php+socket+cookie请求

以www.verycd.com为例

在火狐浏览器登录wuming88888888账号为发送方

在chrome浏览器登录wuming1990账号为接收方

分析发送方的表单

分析提交页源代码POST的数据

[php] view plain copy

1. <?php   
2. require('./http.class.php');  
3. $http=new Http('http://home.verycd.com/cp.php?ac=pm&op=send&touid=0&pmid=0');  
4. $msg=array(  
5.     'formhash'=>'10fe754a',  
6.     'message'=>'你好',  
7.     'pmsubmit'=>true,  
8.     'pmsubmit_btn'=>'发送',  
9.     'refer'=>'http://home.verycd.com/space.php?do=pm&filter=privatepm',  
10.     'username'=>'wuming1990'  
11. );  
12. file_put_contents('./res.html',$http->post($msg));  
13.   
14. ?>  

打开res.html,分析源代码

[php] view plain copy

1. HTTP/1.1 301 Moved Permanently  
2. Server: nginx  
3. Date: Fri, 05 Dec 2014 06:57:05 GMT  
4. Content-Type: text/html  
5. Transfer-Encoding: chunked  
6. Connection: close  
7. Set-Cookie: sid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com  
8. Set-Cookie: member_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com  
9. Set-Cookie: member_name=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com  
10. Set-Cookie: pass_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com  
11. Set-Cookie: rememberme=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com  
12. Set-Cookie: mgroupId=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com  
13. Set-Cookie: coppa=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com  
14. Set-Cookie: uchome_auth=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com  
15. Set-Cookie: uchome_loginuser=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com  
16. Location: http://www.verycd.com/account/profile/  
17. Set-Cookie: uchome__refer=cp.php%253Fac%253Dprofile; path=/; domain=.verycd.com  
18.   
19. 33fc  

调试查看自己发送的是什么内容？

[php] view plain copy

1. 这时候我们可以分析出错误出现在第一行  
2. 打印该对象  
3. Http Object  
4. (  
5.     [errno:protected] => 0  
6.     [errstr:protected] =>   
7.     [response:protected] =>   
8.     [url:protected] => Array  
9.         (  
10.             [scheme] => http  
11.             [host] => home.verycd.com  
12.             [path] => /cp.php  
13.             [query] => ac=pm&op=send&touid=0&pmid=0  
14.             [port] => 80  
15.         )  
16.   
17.     [version:protected] => HTTP/1.1  
18.     [fh:protected] => Resource id #3  
19.     [line:protected] => Array  
20.         (  
21.             [0] => POST /cp.php HTTP/1.1  
22.         )  
23.   
24.     [header:protected] => Array  
25.         (  
26.             [0] => Host:home.verycd.com  
27.             [1] => Content-type:application/x-www-form-urlencoded  
28.             [2] => Content-length:185  
29.         )  
30.   
31.     [body:protected] => Array  
32.         (  
33.             [0] => formhash=10fe754a&message=%E4%BD%A0%E5%A5%BD&pmsubmit=1&pmsubmit_btn=%E5%8F%91%E9%80%81&refer=http%3A%2F%2Fhome.verycd.com%2Fspace.php%3Fdo%3Dpm%26filter%3Dprivatepm&username=wuming1990  
34.         )  
35.   
36. )  

[php] view plain copy

1. 修改我们的http类  
2.   
3. <pre name="code" class="php"> //http请求类的接口  
4. interface Proto{  
5.     //连接url  
6.     function conn($url);  
7.     //发送get查询  
8.     function get();  
9.     //发送post查询  
10.     function post();  
11.     //关闭连接  
12.     function close();  
13. }  
14. class Http implements Proto{  
15.     const CRLF="\r\n";  
16.     protected $errno=-1;  
17.     protected $errstr='';  
18.     protected $response='';  
19.     protected $url=null;  
20.     protected $version='HTTP/1.1';  
21.     protected $fh=null;  
22.     protected $line=array();  
23.     protected $header=array();  
24.     protected $body=array();  
25.       
26.     public function __construct($url){  
27.         $this->conn($url);  
28.         $this->setHeader('Host:'.$this->url['host']);  
29.     }  
30.     //此方法负责写请求行  
31.     protected function setLine($method){  
32.         $this->line[0]=$method.' '.$this->url['path'].'?'.$this->url['query'].' '.$this->version;  
33.     }  
34.     //此方法负责写头信息  
35.     public function setHeader($headerline){  
36.         $this->header[]=$headerline;  
37.     }  
38.     //此方法负责写主体信息  
39.     protected function setBody($body){  
40.           
41.         $this->body[]=http_build_query($body);;  
42.     }  
43.     //连接url  
44.     function conn($url){  
45.         $this->url=parse_url($url);  
46.         //判断端口  
47.         if(!isset($this->url['port'])){  
48.             $this->url['port']=80;  
49.         }  
50.         $this->fh=fsockopen($this->url['host'],$this->url['port'],$this->errno,$this->errstr,3);  
51.     }  
52.     //构造get请求的数据  
53.     function get(){  
54.         $this->setLine('GET');  
55.         $this->request();  
56.         return $this->response;  
57.     }  
58.     //构造post请求的数据  
59.     function post($body=array()){  
60.         //构造主体信息  
61.         $this->setLine('POST');  
62.           
63.         //设置content-type  
64.         $this->setHeader('Content-type:application/x-www-form-urlencoded');  
65.         //设置主体信息，比GET不一样的地方  
66.         $this->setBody($body);  
67.         //计算content-length  
68.         $this->setHeader('Content-length:'.strlen($this->body[0]));  
69.         $this->request();  
70.         return $this->response;  
71.     }  
72.     //真正请求  
73.     function request(){  
74.         //把请求行，头信息，实体信息  放在一个数组里，便于拼接  
75.         $req=array_merge($this->line,$this->header,array(''),$this->body,array(''));  
76.         $req=implode(self::CRLF,$req);  
77. //      print_r($this);  
78. //      echo $req;  
79. //      exit;  
80.         fwrite($this->fh,$req);  
81.           
82.         while(!feof($this->fh)){  
83.             $this->response.=fread($this->fh,1024);  
84.         }  
85.           
86.         $this->close();//关闭连接  
87.         return $this->response;  
88.     }  
89.     //关闭连接  
90.     function close(){  
91.         fclose($this->fh);  
92.     }  
93. }  

生成如下POST /cp.php?ac=pm&op=send&touid=0&pmid=0 HTTP/1.1Host:home.verycd.comContent-type:application/x-www-form-urlencodedContent-length:185formhash=10fe754a&message=%E4%BD%A0%E5%A5%BD&pmsubmit=1&pmsubmit_btn=%E5%8F%91%E9%80%81&refer=http%3A%2F%2Fhome.verycd.com%2Fspace.php%3Fdo%3Dpm%26filter%3Dprivatepm&username=wuming1990

[php] view plain copy

1. HTTP/1.1 200 OK  
2. Server: nginx  
3. Date: Fri, 05 Dec 2014 07:11:39 GMT  
4. Content-Type: text/html  
5. Transfer-Encoding: chunked  
6. Connection: close  
7. Set-Cookie: sid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com  
8. Set-Cookie: member_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com  
9. Set-Cookie: member_name=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com  
10. Set-Cookie: pass_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com  
11. Set-Cookie: rememberme=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com  
12. Set-Cookie: mgroupId=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com  
13. Set-Cookie: coppa=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com  
14. Set-Cookie: uchome_auth=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com  
15. Set-Cookie: uchome_loginuser=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.verycd.com  
16. Set-Cookie: uchome__refer=cp.php%253Fac%253Dpm; path=/; domain=.verycd.com  
17.   
18. 表示已成功，但是不完全，我们接着看res.html中的内容  
19. 在网页中有如下内容：表明需要先登录以后才能操作  

服务器怎么知道咱们没登陆的？

http一个很重要的特点：无状态，两次请求之间没有关系。

服务器如何记住一个客户？

 

建立cookie.PHP

[php] view plain copy

1. <?php  
2. header('content-type:text/html;charset=utf8');   
3. setcookie('user','zhangsan');  
4. echo '服务器给你的编号是zhangsan';  
5. ?>  

建立readcookie.php

[php] view plain copy

1. <?php  
2. header('content-type:text/html;charset=utf8');   
3. echo '服务器给你的编号是'.$_COOKIE['user'];  
4. ?>  

利用命令窗口提交请求

增加提交的信息

[php] view plain copy

1. <?php   
2. require('./http.class.php');  
3. $http=new Http('http://home.verycd.com/cp.php?ac=pm&op=send&touid=0&pmid=0');  
4. $http->setHeader('cookie:Hm_lvt_c7849bb40e146a37d411700cb7696e46=1417760419; Hm_lpvt_c7849bb40e146a37d411700cb7696e46=1417760610; post_action=repost; sid=7fd8c62c8d000561d658c4e25eccb6f791a8d4b6; member_id=9933070; member_name=wuming88888888; mgroupId=93; pass_hash=263b6d67494b1888f1e7b8cc227ea4bd; rememberme=true; uchome_auth=63a2o4ZG8YsPG1Tv4%2FIYiydpKrQVqgKgxAQgp%2FI5ZxYQIVjc8ad40VEyW2peEmnKYwKQ2qserNpgSOrxwXLKpDomid%2Fq; uchome_loginuser=wuming88888888; CNZZDATA1479=cnzz_eid%3D407399210-1417756656-http%253A%252F%252Fwww.verycd.com%252F%26ntime%3D1417756656; __utma=248211998.394160120.1417760633.1417760633.1417760633.1; __utmb=248211998.8.10.1417760633; __utmc=248211998; __utmz=248211998.1417760633.1.1.utmcsr=verycd.com|utmccn=(referral)|utmcmd=referral|utmcct=/account/profile/base/; __utmt=1; uchome_sendmail=1; uchome_checkpm=1; dcm=1');  
5. $msg=array(  
6.     'formhash'=>'10fe754a',  
7.     'message'=>'i am from wuming88888888',  
8.     'pmsubmit'=>true,  
9.     'pmsubmit_btn'=>'发送',  
10.     'refer'=>'http://home.verycd.com/space.php?do=pm&filter=privatepm',  
11.     'username'=>'wuming1990'  
12. );  
13. file_put_contents('./res.html',$http->post($msg));  
14. echo 'ok';  
15. ?>  

再看wuming1990的用户是否收到信息

（PS：如果发送不成功，表明COOKIE值不对，cookie的生成与请求头信息有关，保守做法：把全部请求头信息加到post请求里面）

[php] view plain copy

1. Accepttext/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8  
2.   
3. Accept-Encoding gzip, deflate  
4.   
5. Accept-Language zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3  
6.   
7. Connection keep-alive  
8.   
9. CookieHm_lvt_c7849bb40e146a37d411700cb7696e46=1417760419; Hm_lpvt_c7849bb40e146a37d411700cb7696e46=1417760610; post_action=repost; sid=7fd8c62c8d000561d658c4e25eccb6f791a8d4b6; member_id=9933070; member_name=wuming88888888; mgroupId=93; pass_hash=263b6d67494b1888f1e7b8cc227ea4bd; rememberme=true; uchome_auth=63a2o4ZG8YsPG1Tv4%2FIYiydpKrQVqgKgxAQgp%2FI5ZxYQIVjc8ad40VEyW2peEmnKYwKQ2qserNpgSOrxwXLKpDomid%2Fq; uchome_loginuser=wuming88888888; CNZZDATA1479=cnzz_eid%3D407399210-1417756656-http%253A%252F%252Fwww.verycd.com%252F%26ntime%3D1417756656; __utma=248211998.394160120.1417760633.1417760633.1417760633.1; __utmb=248211998.8.10.1417760633; __utmc=248211998; __utmz=248211998.1417760633.1.1.utmcsr=verycd.com|utmccn=(referral)|utmcmd=referral|utmcct=/account/profile/base/; __utmt=1; uchome_sendmail=1; uchome_checkpm=1; dcm=1  
10.   
11. Hosthome.verycd.com  
12.   
13. Refererhttp://home.verycd.com/cp.php?ac=pm  
14.   
15. User-Agent Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0  
16.   
17.    

书写格式：

$http->setHeader('红色字体:黑色字体');