mondel Posted January 18, 2011 Report Posted January 18, 2011 Hi all and thanks for this nice API for webui,I am trying to add a file to my webui server through php curl without success. I uploaded myfile.torrent on the same folder of the .php file and set the CHMOD of the folder and all the files to 777 and here is my code :<?php$file="myfile.torrent";$ch = curl_init("http://ip:port/gui/?action=add-file");curl_setopt($ch, CURLOPT_POST, TRUE);curl_setopt($ch, CURLOPT_USERPWD, "user:pass");curl_setopt($ch, CURLOPT_HTTPHEADERS,array('Content-Type: multipart/form-data'));curl_setopt($ch, CURLOPT_POSTFIELDS, "torrent_file=$file");curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);$out=curl_exec($ch);curl_close($ch);echo $out;?>Please help
DreadWingKnight Posted January 18, 2011 Report Posted January 18, 2011 Blatantly missing token authentication information.
mondel Posted January 19, 2011 Author Report Posted January 19, 2011 The line curl_setopt($ch, CURLOPT_USERPWD, "user:pass"); replaces the token authentication.
Ultima Posted January 19, 2011 Report Posted January 19, 2011 What? No it doesn't. Basic HTTP authentication is not token authentication.There are already PHP scripts available that handle the details for you. Why not just use them instead?
lithopsian Posted January 19, 2011 Report Posted January 19, 2011 Token auth is two steps. Get token in one request, then send the token in the actual command. Cookies and user/password are still required but curl handles them nearly automatically.I don't have a PHP script, but here is a shell script showing token auth for the ?add-url command:#!/bin/bash# Get tokenexport token=$(curl -G -s -c ~/.utorrent/ucookie.txt -n http://192.168.0.4:9091/gui/token.html|sed 's/<[^<>]*>//g')# echo $token# Add URLcurl -G -s -n -b ~/.utorrent/ucookie.txt -d token=$token -d action=add-url -d s="$1" http://192.168.0.4:9091/gui/Try that (or test with token auth disabled) and post back if it still doesn't work.
mondel Posted January 20, 2011 Author Report Posted January 20, 2011 Thank you all for your help. I just tried with add-url instead and it works fine now One last question for Ultima about token auth: when I pick the token from token.html and use it without HTML auth it doesn't log in. So what is the utility of the token auth? And should it let me log in to the webui and I have a problem with mine??
Ultima Posted January 20, 2011 Report Posted January 20, 2011 I'm really not sure what you mean. Are you thinking token authentication is a replacement for basic HTTP authentication or something? Because if so, then you'd be wrong. Both authentication systems are used to fix two distinct classes of security problems, and both complement each other in securing the WebUI backend.
mondel Posted January 20, 2011 Author Report Posted January 20, 2011 Yes, that was my question. Thanks.
lithopsian Posted January 21, 2011 Report Posted January 21, 2011 The token that is given out to curl would be accepted if supplied by your browser with the webui, although I don't know how you would persuade it to do that. It will not replace the need to log in to the webui and correctly exchange cookies. Once you have authenticated using a username and password you don't have to supply those again in subsequent requests in the same session but you will need to send the token each time.More practically you could use the same token in multiple curl sessions, or even in other applications you might write. I believe the token is acceptable for a minimum of 30 minutes from any source and for the whole duration of a particular session.
drfrog666 Posted February 9, 2011 Report Posted February 9, 2011 hello here is a simple perl script to upload torrents you may need to install the two required modules LWP::UserAgent and HTTP::Cookiesthats a quick thing on mac or linux sudo cpan LWP::UserAgent HTTP::Cookieshere it is all you need to change is the server username and password, ive made this to upload to my buffalo nas and you may or may not need the credentials part#!/usr/bin/perluse strict;use warnings;use HTTP::Cookies;use LWP::UserAgent;my @ns_headers = ( 'User-Agent' => 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20041107 Firefox/1.0', 'Accept' => 'image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*', 'Accept-Charset' => 'iso-8859-1,*,utf-8', 'Accept-Language' => 'en-US', );# config your server heremy $directory = "/place/to/upload/torrents/from"; #where your torrents are located local to the scriptmy $server = "192.168.1.25:9090";my $username = "user";my $password = "pass";my $upload_url = "http://$server/gui";my $token_url = "$upload_url/token.html";my $realm = "uTorrentEmbedded";# zero the cookie jarmy $ua = LWP::UserAgent->new();$ua->cookie_jar( { } );#login$ua->credentials( $server, $realm, $username => $password );# get tokenmy $response = $ua->get( $token_url , @ns_headers );my $return = ( $response->is_success && $response->as_string =~/token/) ? 1 : 0 ;# token scraping and verificationmy $token_page = $response->as_string;$token_page =~ /none\;\'\>(.+)\<\/div/g;my $token = undef;$token=$1;unless ($return ==1 && $token ){ print "not logged in or no token exiting";exit; }# get files and loop through them sending and uploadingopendir( DIR, $directory ) or die "can't opendir $directory: $!"; while ( defined( my$file = readdir( DIR ) ) ) { upload_file ( "$directory/$file" ) if $file =~/\.torrent$/; }closedir( DIR );sub upload_file { my $filename = shift; #make query string my %args = ( action => 'add-file', token =>$token,); my $query_string = join '&', map { "$_=$args{$_}" } keys %args; my $url = $upload_url . "/?" . $query_string; # post form content my @content = ( Content_Type => 'form-data', Content => [ torrent_file => [ $filename ], submit => 'ADD_FILE_OK', ] ); $response = $ua->post( $url, @ns_headers, @content ); $return = ($response->is_success && $response->as_string =~/build/) ? 1 : 0 ; unless ($return ==1 ) { print "upload not successful for $filename\n"; } else { unlink $filename; }}
chrispy9658 Posted July 5, 2013 Report Posted July 5, 2013 Sorry to reopen a dead thread.. but i got it working posting with php using a form, just incase anyone stumbles upon this.. I'll give a brief tutorial also..1) go to http://[ip]:[port]/gui/token.html2) View source on that page..3) you will see something similar to this:<html><div id='token' style='display:none;'>T2XFLY1j-KM2dOYOe1XNgryuGLAKDK48DJJTRD2nKWcCKiy4SLPu61SVx1lEAAAAA</div></html>4) copy the code (T2XFLY1J ... AAAAA) and paste in where I've put ##TOKEN###.5) replace [ip]:[port] at the begining of the form with your IP and port numbers.6) best of luck!<html> <body> <form action="http://[ip]:[port]/gui/" method="GET"> <input type="hidden" value="add-url" name="action"> <input type="text" placeholder="Magnet Link..." name="s" id="s"> <input type="hidden" value="##TOKEN##" name="token" id="token"> <input type="submit" value="submit"> </form> </body></html>
thatkookooguy Posted August 20, 2013 Report Posted August 20, 2013 Hey everybody!I'm trying to use the above code and I get an Unauthorized respond from my request. But using the same ip address, port, username, and password on chrome works just fine...so I can't understand what's the problem with my execution of the code. can anyone help?thanks
Recommended Posts
Archived
This topic is now archived and is closed to further replies.