Jump to content
trancexx

WinHTTP functions

Recommended Posts

Boundary line is some random string used as ...boundary line between boundaries. Can be anything (take this conditionally). Format of the boundary line for _WinHttpSimpleFormFill is that what you see for no particular reason.

Thanks for the code. I'll see what to do.


♡♡♡

.

eMyvnE

Share this post


Link to post
Share on other sites

I think there's another bug in the function: Using debugbar I saw that the form which I want is the one whose id is 'login' (also it is the second form in the page so its index would be 1). Here is the code of the form:

<form action="http://www.portaliz.com/forum/index.php?app=core&amp;module=global&amp;section=login&amp;do=process" method="post" id='login'>
<input type='hidden' name='auth_key' value='880ea6a14ea49e853634fbdc5015a024' />
            
            <input type="hidden" name="referer" value="http://www.portaliz.com/forum/index.php?" />
            
            <div id='regular_signin'>
                <a id='_regularsignin'></a>
                <h3 class='bar'>Enter your sign in name and password</h3>
                <ul>
                    <li class='field'>

                        <label for='username'>Username:</label>
                        <input id='username' type='text' class='input_text' name='username' size='25' />
                    </li>
                    <li class='field'>
                        <label for='password'>Password:</label>
                        <input id='password' type='password' class='input_text' name='password' size='25' /><br />
                        <a href='http://www.portaliz.com/forum/index.php?app=core&amp;module=global&amp;section=lostpass' class='desc' title='Retrieve password'>I've forgotten my password</a>

                    </li>
                </ul>
                
                
                
            </div>
            
            
            <hr />
            <fieldset id='signin_options'>
                <legend>Sign in options</legend>
                <ul>
                    <li class='field checkbox'>

                        <input type='checkbox' id='remember' checked='checked' name='rememberMe' value='1' class='input_check' />
                        <label for='remember'>
                            Remember me<br />
                            <span class='desc'>This is not recommended for shared computers</span>
                        </label>
                    </li>
                    
                </ul>
            </fieldset>

            <fieldset class='submit'>
                <input type='submit' class='input_submit' value='Sign In' /> or <a href='http://www.portaliz.com/forum' title='Cancel' class='cancel'>Cancel</a>
            </fieldset>
        </form>

The problem is that when loggin in manually this is send:

POST /forum/index.php?app=core&module=global&section=login&do=process HTTP/1.1

Host: www.portaliz.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 (.NET CLR 3.5.30729)

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-Language: es-es,es;q=0.8,en-us;q=0.5,en;q=0.3

Accept-Encoding: gzip,deflate

Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7

Keep-Alive: 115

Connection: keep-alive

Referer: http://www.portaliz.com/forum/index.php?app=core&module=global&section=login

Cookie: session_id=0afdf2344ef10653f03c1f8aeaaaaaa

Content-Type: application/x-www-form-urlencoded

Content-Length: 146

auth_key=880ea6a14ea49e853634fbdc5015a024&referer=http%3A%2F%2Fwww.portaliz.com%2Fforum%2F&username=Myusername&password=Mypassword&rememberMe=1

HTTP/1.1 302 Found

Date: Wed, 12 Jan 2011 02:37:43 GMT

Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9

X-Powered-By: PHP/5.2.9

Set-Cookie: session_id=0afdf2344ef10653f03c1f8ae2e8aaaa; path=/; httponly

Set-Cookie: member_id=112444; expires=Thu, 12-Jan-2012 02:37:43 GMT; path=/; httponly

Set-Cookie: pass_hash=b91108b19a6666897b1e0d61f6faaaaa; expires=Wed, 19-Jan-2011 02:37:43 GMT; path=/; httponly

Set-Cookie: coppa=0; path=/

Set-Cookie: session_id=0afdf2344ef10653f03c1f8ae2eaaaa; path=/; httponly

Location: http://www.portaliz.com/forum/

Content-Length: 0

Keep-Alive: timeout=15, max=100

Connection: Keep-Alive

Content-Type: text/html

----------------------------------------------------------

http://www.portaliz.com/forum/

GET /forum/ HTTP/1.1

Host: www.portaliz.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 (.NET CLR 3.5.30729)

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-Language: es-es,es;q=0.8,en-us;q=0.5,en;q=0.3

Accept-Encoding: gzip,deflate

Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7

Keep-Alive: 115

Connection: keep-alive

Referer: http://www.portaliz.com/forum/index.php?app=core&module=global&section=login

Cookie: session_id=0afdf2344ef10653f03c1f8ae2eaaaa; member_id=112000; pass_hash=b91108b19a6666897b1e0d61f6faaaaa; coppa=0

HTTP/1.1 200 OK

Date: Wed, 12 Jan 2011 02:37:44 GMT

Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9

X-Powered-By: PHP/5.2.9

Set-Cookie: pass_hash=b91108b19a6666897b1e0d61f6fab6fe; expires=Wed, 19-Jan-2011 02:37:44 GMT; path=/; httponly

Set-Cookie: session_id=0afdf2344ef10653f03c1f8ae2e86386; path=/; httponly

Cache-Control: no-cache,must-revalidate, max-age=0

Expires: Tue, 11 Jan 2011 02:37:44 GMT

Pragma: no-cache

Content-Encoding: gzip

Vary: Accept-Encoding

Keep-Alive: timeout=15, max=99

Connection: Keep-Alive

Transfer-Encoding: chunked

Content-Type: text/html;charset=ISO-8859-1

But when using this code:

$handleopen = _WinHttpOpen("Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.13 (.NET CLR 3.5.30729)")
    $handleconnect = _WinHttpConnect($handleopen,'www.portaliz.com')    
        _WinHttpSetOption($hConnect, $WINHTTP_OPTION_DISABLE_FEATURE, $WINHTTP_DISABLE_COOKIES)
    _WinHttpSetOption($hConnect, $WINHTTP_OPTION_DISABLE_FEATURE, $WINHTTP_DISABLE_REDIRECTS)   
    $sRead = _WinHttpSimpleFormFill($hConnect, '/forum/index.php?app=core&module=global&section=login', 'login', _
                "name:username", $user, _
                "name:password", $pass)
        _WinHttpCloseHandle($handleconnect)
    _WinHttpCloseHandle($handleopen)
    FileWrite(@ScriptDir&'/strread.html',$sRead)

It sends this in $sAddData: k=880ea6a14ea49e853634fbdc5015a024&settingNewSkin=

I supposed the k= was of auth_key and the number was ok but the name was obviously trimmed. But searching for settingNewSkin I found that it corresponds to this other form:

<form action="http://www.portaliz.com/forum/index.php?app=core&amp;module=global&amp;section=login" method="post" class='left'>
                            <fieldset>
                                <input type='hidden' name='k' value='880ea6a14ea49e853634fbdc5015a024' />
                                <label for='newSkin' class='hide'>Theme:</label>
                                <select name="settingNewSkin" id='newSkin'>
                                    
<option id='skinSetDD_1'  value="1">IP.Board</option>
<option id='skinSetDD_3'  value="3">IP.Board Mobile</option>
<option id='skinSetDD_30' selected="selected" value="30">porta</option>

                                </select>
                                <input type='submit' value='Go' class='input_submit alt' id='newSkinSubmit' />
                            </fieldset>
                        </form>

So it makes sense because this other form has an input whose name is k. What doesn't make sense is why did it select this form if it hasn't got the id='login' and moreover its index is 2 (it's after the one I want which is index 1). From what I understood from your code you use regexp to search for the forms and I don't blame you if the regexp didn't return what we expected :x I have been using them and sometimes they should be called iregular expressions lol. Another thing to take into account is that both forms have the same action= attribute but I don't think that to be relevant cause the forms are identified by id, name or index.

EDIT: I tried with index:1 and now $sAddData seems to be correct as it sends:

auth_key=880ea6a14ea49e853634fbdc5015a024&username=myuser&password=mypass

but it still doesn't log in. Cookies problem maybe? I thought _WinHttpSimpleFormFill got the cookies at some point by doing a 'GET' request, I'm puzzled...

EDIT2: Using this function I made:

Func _GetCookies(ByRef $hRequest)
    ;function that returns the cookies of a server answer in an array
        ;it must be called after _WinHttpReceiveResponse has been successfully completed
    Local $aCookies[100]
    Local $iIndex = 0
    While 1
        $aCookies[$iIndex] = _WinHttpQueryHeaders($hRequest, $WINHTTP_QUERY_SET_COOKIE, Default, $iIndex)
        MsgBox(0, "Cookie: " & $iIndex, $aCookies[$iIndex])
        If StringCompare($aCookies[$iIndex], "") = 0 Then ExitLoop
        $array = StringRegExp($aCookies[$iIndex], "\w+?=[[:alnum:]]+?;", 3)
        If IsArray($array) Then
            $aCookies[$iIndex] = $array[0]
        EndIf
        $iIndex += 1
    WEnd
    If $iIndex > 0 Then
        ReDim $aCookies[$iIndex]
        _ArrayDisplay($aCookies, "Cookie")
    Else
        MsgBox(0, "Cookie", "No cookies for you here.")
    EndIf
    Return $aCookies
EndFunc   ;==>_GetCookies

I researched what cookies were being received and from the cookies I received when submitting the post manually as I previously posted (by the way, I notice now than the session_id cookie was received twice, strange isn't it?):

Set-Cookie: session_id=0afdf2344ef10653f03c1f8ae2e8aaaa; path=/; httponly
Set-Cookie: member_id=112444; expires=Thu, 12-Jan-2012 02:37:43 GMT; path=/; httponly
Set-Cookie: pass_hash=b91108b19a6666897b1e0d61f6faaaaa; expires=Wed, 19-Jan-2011 02:37:43 GMT; path=/; httponly
Set-Cookie: coppa=0; path=/
Set-Cookie: session_id=0afdf2344ef10653f03c1f8ae2eaaaa; path=/; httponly

I only received the session_id one. Moreover this time I edited _WinHttpSimpleFormFill and set $sAddData = 'auth_key=880ea6a14ea49e853634fbdc5015a024&username=myuser&password=mypass' before sending the request. I don't know what's wrong, I also tried sending the referrer in the request like this: $sAddData = 'auth_key=880ea6a14ea49e853634fbdc5015a024&referer=http%3A%2F%2Fwww.portaliz.com%2Fforum%2F&username=myuser&password=mypass&rememberMe=1' but still I don't receive the other cookies.

PS: I forgot to say, thanks for the explanation of the boundary line :P

Edited by Mithrandir

Share this post


Link to post
Share on other sites

You probably need to check "remember me" checkbox:

$sRead = _WinHttpSimpleFormFill($hConnect, '/forum/index.php?app=core&module=global&section=login', 'login', _
                "name:username", $user, _
                "name:password", $pass, _
        "remember", "1")

Try it.

As for the wrong form, that's because with the current code only this would be detected (with different variations):

id=login
id="login"
id="login
id=login"
...

The problem is why is some other form filled if requested is not detected. I've isolated the problem and fixed it. Also added single quotation mark to the detection part. What wouldn't be allowed is nested quotation marks.

Edited by trancexx

♡♡♡

.

eMyvnE

Share this post


Link to post
Share on other sites

Hi trancexx,

regarding your example for _WinHttpReadData() (@ http://winhttp.origo.ethz.ch/system/files/X1_6_1_9_WinHttpReadData.htm), I'm wondering

if there isn't a "_WinHttpCloseHandle($hRequest)" missing in the error part after "_WinHttpSendRequest($hRequest)"?

Also, to fully capture all the errors, wouldn't it be appropriate to also check for errors after _WinHttpReceiveResponse($hRequest)?

One other thing I noticed is in your example for _WinHttpQueryHeaders @ http://winhttp.origo.ethz.ch/system/files/X1_6_1_9_WinHttpQueryHeaders.htm.

According to the MSDN one doesn't have to _WinHttpQueryDataAvailable prior to _WinHttpQueryHeaders.

Perhaps you want to remove it or clarify why not; I'd appreciate it, thanks.

I'm writing a function where I only go for the headers and I usually like to keep things to the absolute minimum.


You can fool some of the people all of the time, and all of the people some of the time, but you can not fool all of the people all of the time. Abraham Lincoln - http://www.ae911truth.org/ - http://www.freedocumentaries.org/

Share this post


Link to post
Share on other sites

You probably need to check "remember me" checkbox:

$sRead = _WinHttpSimpleFormFill($hConnect, '/forum/index.php?app=core&module=global&section=login', 'login', _
                "name:username", $user, _
                "name:password", $pass, _
        "remember", "1")

Try it.

As for the wrong form, that's because with the current code only this would be detected (with different variations):

id=login
id="login"
id="login
id=login"
...

The problem is why is some other form filled if requested is not detected. I've isolated the problem and fixed it. Also added single quotation mark to the detection part. What wouldn't be allowed is nested quotation marks.

Now it identifies the form correctly using its id :x Concerning the problem, I tried adding the remember me checkbox but still the data is being sent ok (auth_key=880ea6a14ea49e853634fbdc5015a024&username=myuser&password=mypass&rememberMe=1) but I only get the session_id cookie and not the others. I even tried adding the referrer in the request. Look, this is how I'm debugging this in _WinHttpSimpleFormFill, the code I added is after line 1452:

;code I added to debug
        _WinHttpAddRequestHeaders($hRequest,"Referer: http://www.portaliz.com/forum/index.php?app=core&module=global&section=login")
        $sHeaderst = _WinHttpQueryHeaders($hRequest)
        MsgBox(0,"headers to be send",$sHeaderst)
        FileWrite(@ScriptDir&'/datasent.txt',$sAddData)
        ;/code I added to debug
        _WinHttpSendRequest($hRequest, Default, $sAddData)
        _WinHttpReceiveResponse($hRequest)
        _GetCookies($hRequest)
        Local $sReturned = _WinHttpSimpleReadData($hRequest)
        If @error Then
            _WinHttpCloseHandle($hRequest)
            Return SetError(4, 0, "") ; either site is expiriencing problems or your connection
        EndIf
        _WinHttpCloseHandle($hRequest)
        Return $sReturned
    EndIf
    ; If here then there is no form on the page with specified attributes (name, id or index)
    Return SetError(3, 0, "")
EndFunc   ;==>_WinHttpSimpleFormFill

The problem is that $sHeaderst = _WinHttpQueryHeaders($hRequest) does not return anything. It seems it returns the headers of a server response. How can I query the headers to be sent (the ones I'm sending to the server)? Maybe like that I can see if there's a problem with the headers.

I'm also going to mimmick with WinHttpOpenRequest what I got with live http headers (again the session_id cookie is sent twice in the server response :S ):

http://www.portaliz.com/forum/index.php?app=core&module=global&section=login&do=process

POST /forum/index.php?app=core&module=global&section=login&do=process HTTP/1.1

Host: www.portaliz.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 (.NET CLR 3.5.30729)

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-Language: es-es,es;q=0.8,en-us;q=0.5,en;q=0.3

Accept-Encoding: gzip,deflate

Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7

Keep-Alive: 115

Connection: keep-alive

Referer: http://www.portaliz.com/forum/index.php?app=core&module=global&section=login

Content-Type: application/x-www-form-urlencoded

Content-Length: 97

auth_key=880ea6a14ea49e853634fbdc5015a024&username=myuser&password=mypass&rememberMe=1

HTTP/1.1 302 Found

Date: Wed, 12 Jan 2011 15:54:47 GMT

Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9

X-Powered-By: PHP/5.2.9

Set-Cookie: session_id=d76f47f7ffd1e50996fbdb71cb571aaaa; path=/; httponly

Set-Cookie: member_id=112aaa; expires=Thu, 12-Jan-2012 15:54:47 GMT; path=/; httponly

Set-Cookie: pass_hash=b91108b19a6666897b1e0d61f6aaaa; expires=Wed, 19-Jan-2011 15:54:47 GMT; path=/; httponly

Set-Cookie: coppa=0; path=/

Set-Cookie: session_id=d76f47f7ffd1e50996fbdb71cb571aaaa; path=/; httponly

Location: http://www.portaliz.com/forum/index.php?

Content-Length: 0

Keep-Alive: timeout=15, max=100

Connection: Keep-Alive

Content-Type: text/html

http://www.portaliz.com/forum/index.php?

GET /forum/index.php? HTTP/1.1

Host: www.portaliz.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 (.NET CLR 3.5.30729)

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-Language: es-es,es;q=0.8,en-us;q=0.5,en;q=0.3

Accept-Encoding: gzip,deflate

Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7

Keep-Alive: 115

Connection: keep-alive

Referer: http://www.portaliz.com/forum/index.php?app=core&module=global&section=login

Cookie: session_id=d76f47f7ffd1e50996fbdb71cbaaa; member_id=1124aaaa; pass_hash=b91108b19a6666897b1e0d61f6fabaaaaa; coppa=0

HTTP/1.1 200 OK

Date: Wed, 12 Jan 2011 15:54:48 GMT

Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9

X-Powered-By: PHP/5.2.9

Set-Cookie: pass_hash=b91108b19a6666897b1e0d61f6faaaaaaa; expires=Wed, 19-Jan-2011 15:54:48 GMT; path=/; httponly

Set-Cookie: session_id=d76f47f7ffd1e50996fbdb71cbaaaaaaa; path=/; httponly

Cache-Control: no-cache,must-revalidate, max-age=0

Expires: Tue, 11 Jan 2011 15:54:48 GMT

Pragma: no-cache

Content-Encoding: gzip

Vary: Accept-Encoding

Keep-Alive: timeout=15, max=99

Connection: Keep-Alive

Transfer-Encoding: chunked

Content-Type: text/html;charset=ISO-8859-1

And check if I'm receiving all the cookies that way.

Oh I didn't try the multipart form that also gave problems cause I think you didn't modify that part. Just tell me if you make some change in that part and I'll check it.

Share this post


Link to post
Share on other sites

There isn't a problem with headers (that you can get like this for example):

_WinHttpQueryHeaders($hRequest, BitOR($WINHTTP_QUERY_FLAG_REQUEST_HEADERS, $WINHTTP_QUERY_RAW_HEADERS_CRLF))

It's something else.

Could you check one more time $sAddData? Shouldn't that be:

auth_key=880ea6a14ea49e853634fbdc5015a024&referer=http%3A%2F%2Fwww.portaliz.com%2Fforum%2Findex.php%3F&username=myuser&password=mypass&rememberMe=1

What happens if you remove

auth_key=880ea6a14ea49e853634fbdc5015a024&referer=http%3A%2F%2Fwww.portaliz.com%2Fforum%2Findex.php%3F&

?

@Mojo, thanks for the heads-up. You are right btw. I'll do corrections for the next release.

Edited by trancexx

♡♡♡

.

eMyvnE

Share this post


Link to post
Share on other sites

There isn't a problem with headers (that you can get like this for example):

_WinHttpQueryHeaders($hRequest, BitOR($WINHTTP_QUERY_FLAG_REQUEST_HEADERS, $WINHTTP_QUERY_RAW_HEADERS_CRLF))

It's something else.

Could you check one more time $sAddData? Shouldn't that be:

auth_key=880ea6a14ea49e853634fbdc5015a024&referer=http%3A%2F%2Fwww.portaliz.com%2Fforum%2Findex.php%3F&username=myuser&password=mypass&rememberMe=1

What happens if you remove

auth_key=880ea6a14ea49e853634fbdc5015a024&referer=http%3A%2F%2Fwww.portaliz.com%2Fforum%2Findex.php%3F&

?

I used that code to see what headers are being sent:

_WinHttpAddRequestHeaders($hRequest, "Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,*/*;q=0.5")
        _WinHttpAddRequestHeaders($hRequest, "Accept-Charset: utf-8;q=0.7")
        ;debug code     
        $sHeaderst = _WinHttpQueryHeaders($hRequest, BitOR($WINHTTP_QUERY_FLAG_REQUEST_HEADERS, $WINHTTP_QUERY_RAW_HEADERS_CRLF))
        MsgBox(0,"headers to be send",$sHeaderst)
        FileWrite(@ScriptDir&'/headerssent.txt',$sHeaderst)
        FileWrite(@ScriptDir&'/datasent.txt',$sAddData)
        ;/debug code
        _WinHttpSendRequest($hRequest, Default, $sAddData)
        _WinHttpReceiveResponse($hRequest)
        _GetCookies($hRequest)
        Local $sReturned = _WinHttpSimpleReadData($hRequest)
        If @error Then

and these are the headers that are being send:

POST /forum/index.php HTTP/1.1

Content-Type: application/x-www-form-urlencoded

Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,*/*;q=0.5

Accept-Charset: utf-8;q=0.7

This is quite different from what should be sent since I specified the action page to be '/forum/index.php?app=core&module=global&section=login' even though you can also login at the main page. Anyway there are many headers missing if you compare to the headers I traced using live http headers which I posted in my previous post.

I tried setting $sAddData to be

auth_key=880ea6a14ea49e853634fbdc5015a024&referer=http%3A%2F%2Fwww.portaliz.com%2Fforum%2Findex.php%3F&username=myuser&password=mypass&rememberMe=1

before sending and It still sends the headers I posted in this post and I receive only the session_id cookie.

I also tried just

username=myuser&password=mypass&rememberMe=1

and the same: just one cookie in the server response and the headers are not correctly sent.

Sure the headers are not a problem?

Share this post


Link to post
Share on other sites

As I said I mimmicked what I traced with Live Http headers (I mimicked the POST part not the GET that comes afterwards):

POST /forum/index.php?app=core&module=global&section=login&do=process HTTP/1.1
Host: www.portaliz.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 (.NET CLR 3.5.30729)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: es-es,es;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.portaliz.com/forum/index.php?app=core&module=global&section=login
Content-Type: application/x-www-form-urlencoded
Content-Length: 97
auth_key=880ea6a14ea49e853634fbdc5015a024&username=myuser&password=mypass&rememberMe=1

HTTP/1.1 302 Found
Date: Wed, 12 Jan 2011 15:54:47 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Set-Cookie: session_id=d76f47f7ffd1e50996fbdb71cb571aaaa; path=/; httponly
Set-Cookie: member_id=112aaa; expires=Thu, 12-Jan-2012 15:54:47 GMT; path=/; httponly
Set-Cookie: pass_hash=b91108b19a6666897b1e0d61f6aaaa; expires=Wed, 19-Jan-2011 15:54:47 GMT; path=/; httponly
Set-Cookie: coppa=0; path=/
Set-Cookie: session_id=d76f47f7ffd1e50996fbdb71cb571aaaa; path=/; httponly
Location: http://www.portaliz.com/forum/index.php?
Content-Length: 0
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html

http://www.portaliz.com/forum/index.php?

GET /forum/index.php? HTTP/1.1
Host: www.portaliz.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 (.NET CLR 3.5.30729)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: es-es,es;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.portaliz.com/forum/index.php?app=core&module=global
Cookie: session_id=d76f47f7ffd1e50996fbdb71cbaaa; member_id=1124aaaa; pass_hash=b91108b19a6666897b1e0d61f6fabaaaaa; coppa=0

HTTP/1.1 200 OK
Date: Wed, 12 Jan 2011 15:54:48 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Set-Cookie: pass_hash=b91108b19a6666897b1e0d61f6faaaaaaa; expires=Wed, 19-Jan-2011 15:54:48 GMT; path=/; httponly
Set-Cookie: session_id=d76f47f7ffd1e50996fbdb71cbaaaaaaa; path=/; httponly
Cache-Control: no-cache,must-revalidate, max-age=0
Expires: Tue, 11 Jan 2011 15:54:48 GMT
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html;charset=ISO-8859-1

I mimmicked it using this code:

#include <WinHttp.au3>
#include <Array.au3>

Global $sUserName = "myuser"
Global $sPassword = "mypass"
Global $sDomain = "www.portaliz.com"
Global $sPage = "/forum/index.php?app=core&module=global&section=login"
Global $sAdditionalData = "auth_key=880ea6a14ea49e853634fbdc5015a024&username="&$sUserName&"&password="&$sPassword&"&rememberMe=1"

Global $hOpen = _WinHttpOpen("Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.13 (.NET CLR 3.5.30729)")

Global $hConnect = _WinHttpConnect($hOpen, $sDomain)

Global $hRequest = _WinHttpOpenRequest($hConnect, "POST", $sPage)

; Enable cookies for sure
_WinHttpSetOption($hRequest, $WINHTTP_OPTION_DISABLE_FEATURE, $WINHTTP_DISABLE_COOKIES)

_WinHttpAddRequestHeaders($hRequest,"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8")
_WinHttpAddRequestHeaders($hRequest, "Accept-Language: es-es,es;q=0.8,en-us;q=0.5,en;q=0.3")
_WinHttpAddRequestHeaders($hRequest, "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7")
_WinHttpAddRequestHeaders($hRequest, "Keep-Alive: 115")
_WinHttpAddRequestHeaders($hRequest, "Connection: keep-alive")
_WinHttpAddRequestHeaders($hRequest,"Referer: http://www.portaliz.com/forum/index.php?app=core&module=global&section=login")
_WinHttpAddRequestHeaders($hRequest, "Content-Type: application/x-www-form-urlencoded")
_WinHttpAddRequestHeaders($hRequest,"Content-Length: 97")

_WinHttpSendRequest($hRequest, Default, $sAdditionalData)

_WinHttpReceiveResponse($hRequest)

If _WinHttpQueryDataAvailable($hRequest) Then $sHeader = _WinHttpQueryHeaders($hRequest)
_GetCookies($hRequest)

Global $sReturned
If _WinHttpQueryDataAvailable($hRequest) Then
    Do
        $sReturned &= _WinHttpReadData($hRequest)
    Until @error
EndIf

_WinHttpCloseHandle($hRequest)
_WinHttpCloseHandle($hConnect)
_WinHttpCloseHandle($hOpen)

MsgBox(0, "Returned", $sReturned)
FileWrite(@ScriptDir&'/returned.html',$sReturned)
FileWrite(@ScriptDir&'/headers.txt',$sHeader)

And this is what I got as response in $sHeader:

HTTP/1.1 200 OK
Date: Thu, 13 Jan 2011 02:44:22 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Set-Cookie: session_id=8650cab553013d5108a2510a4ca9daaa; path=/; httponly
Cache-Control: no-cache,must-revalidate, max-age=0
Expires: Wed, 12 Jan 2011 02:44:22 GMT
Pragma: no-cache
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html;charset=ISO-8859-1

It seems that it has skipped the 'HTTP/1.1 302 Found' that appeared in what I traced with Live Http Headers. Also, it looks similar to the server response to the 'GET' request.

I guess I'm close to unveil this: I think that the WinHttpFunctions are automatically redirecting immediately after receiving the 302 code and that would explain why I'm not getting all the cookies.--->What do you think trancexx?

I am also going to try this same code but disabling redirection as well in _WinHttpSimpleFormFill

EDIT: I didn't mean 'disabling redirection as well as _WinHttpSimpleFormFill' but 'disabling redirection as well in _WinHttpSimpleFormFill'

Edited by Mithrandir

Share this post


Link to post
Share on other sites

I think this disables automatic Cookie-Handling, at least according to the documentation:

_WinHttpSetOption($hRequest, $WINHTTP_OPTION_DISABLE_FEATURE, $WINHTTP_DISABLE_COOKIES)

Also it could be that the auth_key must be fetched from the site wich displays the form.

Edited by ProgAndy

*GERMAN* [note: you are not allowed to remove author / modified info from my UDFs]My UDFs:[_SetImageBinaryToCtrl] [_TaskDialog] [AutoItObject] [Animated GIF (GDI+)] [ClipPut for Image] [FreeImage] [GDI32 UDFs] [GDIPlus Progressbar] [Hotkey-Selector] [Multiline Inputbox] [MySQL without ODBC] [RichEdit UDFs] [SpeechAPI Example] [WinHTTP]UDFs included in AutoIt: FTP_Ex (as FTPEx), _WinAPI_SetLayeredWindowAttributes

Share this post


Link to post
Share on other sites

Before anything find this code inside the function:

If @error Then
    If StringLeft($sAction, 1) <> "/" Then
        Local $sCurrent
        Local $aUrl = StringRegExp($sActionPage, '(.*)/', 3)
        If Not @error Then $sCurrent = $aUrl[0]
        If $sCurrent Then $sAction = $sCurrent & "/" & $sAction
    Else
        ; FIXME: anything here?
    EndIf
Else
    $sNewURL = $aCrackURL[2]
    $sAction = $aCrackURL[6]
EndIf

And then change it to this:

If @error Then
    If StringLeft($sAction, 1) <> "/" Then
        Local $sCurrent
        Local $aUrl = StringRegExp($sActionPage, '(.*)/', 3)
        If Not @error Then $sCurrent = $aUrl[0]
        If $sCurrent Then $sAction = $sCurrent & "/" & $sAction
    Else
        ; FIXME: anything here?
    EndIf
Else
    $sNewURL = $aCrackURL[2]
    $sAction = $aCrackURL[6] & $aCrackURL[7]
EndIf

The only difference is added $aCrackURL[7].


♡♡♡

.

eMyvnE

Share this post


Link to post
Share on other sites

I think this disables automatic Cookie-Handling, at least according to the documentation:

_WinHttpSetOption($hRequest, $WINHTTP_OPTION_DISABLE_FEATURE, $WINHTTP_DISABLE_COOKIES)

Also it could be that the auth_key must be fetched from the site wich displays the form.

You're right! According to the article Cookie Handling in WinHTTP :

Disabling Automatic Cookie Handling

To disable cookie handling, the WinHTTP client application calls the WinHttpSetOption function with the dwOption parameter set to WINHTTP_OPTION_DISABLE_FEATURE, and the lpBuffer parameter set to WINHTTP_DISABLE_COOKIES. The hInternet parameter can be either a session handle or a request handle. When cookie handling is disabled on a request handle that has sent a previous request, the client should manually remove existing request cookie headers with the WinHttpAddRequestHeaders function before sending the next request. For more information, see Removing Cookie Headers.

Note The client application must set all cookies on the session after automatic mode has been disabled.

I remember I asked if that wouldn't be actually disabling cookies and trancexx sensibly said 'It disables the ability to disable something. Therefore it enables.' . But it seems msdn is not logical at all :shifty:

Are WinHttp.au3 and WinHttpConstants.au3 based on msdn documentation of WinHttp? If so, it would be good to edit the examples of WinHttp.chm where it says 'enable cookies for sure _WinHttpSetOption($hRequest, $WINHTTP_OPTION_DISABLE_FEATURE, $WINHTTP_DISABLE_COOKIES)'

@ProgAndy: What do you mean by 'the auth_key must be fetched from the site wich displays the form' ? I traced the login process with LiveHttp Headers and researched the source code with IETAB and auth_key has always the same value that is 880ea6a14ea49e853634fbdc5015a024

and I send that value in the post data: auth_key=880ea6a14ea49e853634fbdc5015a024&username=myuser&password=mypass&rememberMe=1

Another thing I tried in the mimmick of the login process I made, was to disable redirections using the documentation on msdn:

Option Flags

As you will see in the code, I tried using

WINHTTP_OPTION_REDIRECT_POLICY_NEVER-->Redirects are never followed. The 30x status is returned to the application.

and

WINHTTP_DISABLE_REDIRECTS

both each at one time and at the same time but I always got the '200 ok' header from the server response:

HTTP/1.1 200 OK

Date: Thu, 13 Jan 2011 16:12:23 GMT

Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9

X-Powered-By: PHP/5.2.9

Set-Cookie: session_id=7ac6d5c23ed625504e61cb4b9baaaaa; path=/; httponly

Cache-Control: no-cache,must-revalidate, max-age=0

Expires: Wed, 12 Jan 2011 16:12:24 GMT

Pragma: no-cache

Keep-Alive: timeout=15, max=100

Connection: Keep-Alive

Transfer-Encoding: chunked

Content-Type: text/html;charset=ISO-8859-1

And not the '302 Found' I received when tracing the manually login:

HTTP/1.1 302 Found

Date: Wed, 12 Jan 2011 15:54:47 GMT

Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9

X-Powered-By: PHP/5.2.9

Set-Cookie: session_id=d76f47f7ffd1e50996fbdb71cb571aaaa; path=/; httponly

Set-Cookie: member_id=112aaa; expires=Thu, 12-Jan-2012 15:54:47 GMT; path=/; httponly

Set-Cookie: pass_hash=b91108b19a6666897b1e0d61f6aaaa; expires=Wed, 19-Jan-2011 15:54:47 GMT; path=/; httponly

Set-Cookie: coppa=0; path=/

Set-Cookie: session_id=d76f47f7ffd1e50996fbdb71cb571aaaa; path=/; httponly

Location: http://www.portaliz.com/forum/index.php?

Content-Length: 0

Keep-Alive: timeout=15, max=100

Connection: Keep-Alive

Content-Type: text/html

Also, I continue receiving only one cookie.

Here is the code:

#include <WinHttp.au3>
#include <Array.au3>

Global $sUserName = "myuser"
Global $sPassword = "mypass"
Global $sDomain = "www.portaliz.com"
Global $sPage = "/forum/index.php?app=core&module=global&section=login"
Global $sAdditionalData = "auth_key=880ea6a14ea49e853634fbdc5015a024&username="&$sUserName&"&password="&$sPassword&"&rememberMe=1"

; Initialize and get session handle
Global $hOpen = _WinHttpOpen("Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.13 (.NET CLR 3.5.30729)")

; Get connection handle
Global $hConnect = _WinHttpConnect($hOpen, $sDomain)

; Make a request
Global $hRequest = _WinHttpOpenRequest($hConnect, "POST", $sPage)
; Enable cookies for sure
;_WinHttpSetOption($hRequest, $WINHTTP_OPTION_DISABLE_FEATURE, $WINHTTP_DISABLE_COOKIES)
;_WinHttpSetOption($hRequest,$WINHTTP_OPTION_REDIRECT_POLICY,$WINHTTP_OPTION_REDIRECT_POLICY_NEVER)
; Add header fields to the request
_WinHttpAddRequestHeaders($hRequest,"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8")
_WinHttpAddRequestHeaders($hRequest, "Accept-Language: es-es,es;q=0.8,en-us;q=0.5,en;q=0.3")
_WinHttpAddRequestHeaders($hRequest, "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7")
_WinHttpAddRequestHeaders($hRequest, "Keep-Alive: 115")
_WinHttpAddRequestHeaders($hRequest, "Connection: keep-alive")
_WinHttpAddRequestHeaders($hRequest,"Referer: http://www.portaliz.com/forum/index.php?app=core&module=global&section=login")
_WinHttpAddRequestHeaders($hRequest, "Content-Type: application/x-www-form-urlencoded")
_WinHttpAddRequestHeaders($hRequest,"Content-Length: 97")
_WinHttpSetOption($hRequest,$WINHTTP_OPTION_REDIRECT_POLICY,$WINHTTP_OPTION_REDIRECT_POLICY_NEVER)
_WinHttpSetOption($hRequest, $WINHTTP_OPTION_DISABLE_FEATURE,$WINHTTP_DISABLE_REDIRECTS)

_WinHttpSendRequest($hRequest, Default, $sAdditionalData)

; Wait for the response
_WinHttpReceiveResponse($hRequest)

If _WinHttpQueryDataAvailable($hRequest) Then $sHeader = _WinHttpQueryHeaders($hRequest)
_GetCookies($hRequest)
; See what's returned
Global $sReturned
If _WinHttpQueryDataAvailable($hRequest) Then ; if there is data
    Do
        $sReturned &= _WinHttpReadData($hRequest)
    Until @error
EndIf

; Close handles
_WinHttpCloseHandle($hRequest)
_WinHttpCloseHandle($hConnect)
_WinHttpCloseHandle($hOpen)

; See what's returned
MsgBox(0, "Returned", $sReturned)
FileWrite(@ScriptDir&'/returned.html',$sReturned)
FileWrite(@ScriptDir&'/headers.txt',$sHeader)

Why is it still skipping the 302 code if I disabled redirects?

Before anything find this code inside the function:

If @error Then
    If StringLeft($sAction, 1) <> "/" Then
        Local $sCurrent
        Local $aUrl = StringRegExp($sActionPage, '(.*)/', 3)
        If Not @error Then $sCurrent = $aUrl[0]
        If $sCurrent Then $sAction = $sCurrent & "/" & $sAction
    Else
        ; FIXME: anything here?
    EndIf
Else
    $sNewURL = $aCrackURL[2]
    $sAction = $aCrackURL[6]
EndIf

And then change it to this:

If @error Then
    If StringLeft($sAction, 1) <> "/" Then
        Local $sCurrent
        Local $aUrl = StringRegExp($sActionPage, '(.*)/', 3)
        If Not @error Then $sCurrent = $aUrl[0]
        If $sCurrent Then $sAction = $sCurrent & "/" & $sAction
    Else
        ; FIXME: anything here?
    EndIf
Else
    $sNewURL = $aCrackURL[2]
    $sAction = $aCrackURL[6] & $aCrackURL[7]
EndIf

The only difference is added $aCrackURL[7].

:x:P It was that! I can't believe the error was in something so simple! -This is like my university labs :nuke: - Next time I'll check everything, including the action page of the POST request.

Concerning the change you told me, I had to add it a slight modification:

Else
                ; FIXME: anything here?
            EndIf
        Else
            $sNewURL = $aCrackURL[2]
            $aCrackURL[7] = StringReplace($aCrackURL[7],'amp;',"")
            $sAction = $aCrackURL[6] & $aCrackURL[7]
            ;MsgBox(0,"",$sAction)
        EndIf

because it was sending this as the action page:

/forum/index.php?app=core&amp;module=global&amp;section=login&amp;do=process

So I removed the amp; . However, I don't know if it's an error of _WinHttpCrackUrl because I have used it and it never returned the url components with amp; (which I noticed being added when seeing source codes of webs in Firefox for instance). You may want to take a look into this for the next release.

Another thing, even though I consider this to be solved because in $sRead returned from _WinHttpSimpleFormFill I see that I'm logged in with my username, there's a detail to take into account: This time I received two cookies:

pass_hash=b91108b19a6666897b1e0d61f6fabaaa;

session_id=83ad633dab80e69ed22f053baf9aaaaa;

while when logging in manually I received these cookies:

session_id=d76f47f7ffd1e50996fbdb71cb571aaaa;

member_id=112aaa;

pass_hash=b91108b19a6666897b1e0d61f6aaaa;

coppa=0;

Should I worry about this or the other two cookies are not important?

Share this post


Link to post
Share on other sites

Are WinHttp.au3 and WinHttpConstants.au3 based on msdn documentation of WinHttp? If so, it would be good to edit the examples of WinHttp.chm where it says 'enable cookies for sure _WinHttpSetOption($hRequest, $WINHTTP_OPTION_DISABLE_FEATURE, $WINHTTP_DISABLE_COOKIES)'

Yes it is. This line should be removed in the example-

@ProgAndy: What do you mean by 'the auth_key must be fetched from the site wich displays the form' ? I traced the login process with LiveHttp Headers and researched the source code with IETAB and auth_key has always the same value that is 880ea6a14ea49e853634fbdc5015a024

and I send that value in the post data: auth_key=880ea6a14ea49e853634fbdc5015a024&username=myuser&password=mypass&rememberMe=1

Some forms are protected with a key that changes each time it is displayed. I thought auth_key could be this form key. But since you say it does not change this assumption was wrong.

So I removed the amp; . However, I don't know if it's an error of _WinHttpCrackUrl because I have used it and it never returned the url components with amp; (which I noticed being added when seeing source codes of webs in Firefox for instance). You may want to take a look into this for the next release.

This is no error in _WinHTTPCrackUrl. In HTML you have to write the & in URLs as &amp;. So when extracting it, this has to be replaced.

Should I worry about this or the other two cookies are not important?

You only get the cookies of the last request and this is 200 OK with those 2 cookies. The others are stored by WinHTTP if you don't disable it, but I don't know how to get them as plaintext. Edited by ProgAndy

*GERMAN* [note: you are not allowed to remove author / modified info from my UDFs]My UDFs:[_SetImageBinaryToCtrl] [_TaskDialog] [AutoItObject] [Animated GIF (GDI+)] [ClipPut for Image] [FreeImage] [GDI32 UDFs] [GDIPlus Progressbar] [Hotkey-Selector] [Multiline Inputbox] [MySQL without ODBC] [RichEdit UDFs] [SpeechAPI Example] [WinHTTP]UDFs included in AutoIt: FTP_Ex (as FTPEx), _WinAPI_SetLayeredWindowAttributes

Share this post


Link to post
Share on other sites

@trancexx: I found another problem with a multipart/form, here's the source code:

<form id='postingform' action='http://www.portaliz.com/forum/index.php?' method='post' enctype='multipart/form-data'>
    <!-- hidden inputs at bottom -->
    
<div class='maintitle_base'><div class='header_left'><div class='header_right'><h2 class='maintitle'>Posting A New Topic In Introductions</h2></div></div></div>

<div class='box_l'><div class='box_r'>
<!--SKINNOTE: Not semantic to have an empty list here for styling purposes :P -->
<div class='generic_bar'></div>


    <fieldset>
        <h3 class='bar'>Topic Information</h3>
        <ul>
            <li class='field'>
                <label for='topic_title'>Topic Title</label>

                <input id='topic_title' class='input_text' type="text" size="50" maxlength="150" name="TopicTitle" value="" tabindex="0" />
            </li>
            <li class='field'>
                <label for='topic_desc'>Topic Description</label>
                <input id='topic_desc' class='input_text' type="text" size="50" maxlength="70" name="TopicDesc" value="" tabindex="0" />
                <span class='desc'>(Optional)</span>
            </li>
                    </ul>

    </fieldset>


    <fieldset id='poll_fieldset' style='display: none'>
        <h3 class='bar'>Topic Poll</h3>
        
<script type='text/javascript'>
//<![CDATA[
    ipb.poll.maxQuestions = parseInt( 5 );
    ipb.poll.maxChoices = parseInt( 20 );
    ipb.poll.isPublicPoll = parseInt(  );
    ipb.poll.showonload = 0;
    ipb.poll.isMod = 0;
    
    ipb.poll.questions = $H(
        {}
    );
    
    ipb.poll.choices = $H(
        {}
    );
    
    ipb.poll.votes = $H(
        {}
    );
    
    ipb.poll.multi = $H(
        
    );
    
    //ipb.templates['poll_section_wrap'] = "<div id='poll_#{id}' class='general_box'>#{content}</div>";
    ipb.templates['poll_question'] =    new Template("<li class='field question' id='question_#{qid}_wrap' style='display: none'>" +
                                            "   <label for='#{qid}'><strong>Question</strong></label>" +
                                            "   <div class='wrap rounded'>" + 
                                            "       <input type='text' class='input_text question_title' id='#{qid}' value='#{value}' size='40' maxlength='254' name='question[#{qid}]' />" +
                                            "       <input type='checkbox' class='input_check' value='1' name='multi[#{qid}]' id='multi_#{qid}'/> <label for='multi_#{qid}'><span class='desc'>Allow users to select multiple answers?</span></label>" + 
                                            "       <ol id='choices_for_#{qid}'></ol>" + 
                                            "       <ul class='post_controls'>" +
                                            "           <li><a href='#' id='add_choice_#{qid}' title='Add Choice'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/add.png' alt='+' /> Add Another Choice</a></li>" +
                                            "           <li><a href='#' id='remove_question_#{qid}' title='Remove question'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/delete.png' alt='-' /> Remove question</a></li>" +
                                            "       </ul>" +
                                            "   </div>" +
                                            "</li>");
    ipb.templates['poll_choice'] =      new Template("<li id='poll_#{qid}_#{cid}_wrap' style='display: none'><input type='text' id='poll_#{qid}_#{cid}' name='choice[#{qid}_#{cid}]' class='input_text' value='#{choice}' size='46' maxlength='254' /> <input type='text' id='poll_#{qid}_#{cid}_votes' name='votes[#{qid}_#{cid}]' value='#{votes}' class='input_text' size='5' /> <a href='#' id='remove_#{qid}_#{cid}' title='Remove Choice'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/bullet_delete.png' alt='Remove Choice' /></a></li>");
//]]>
</script>

<div class='post_form poll_form' id='poll_form'>
    <div class='topic_controls' id='add_poll' style='display: none'>
        <ul class='topic_buttons'>

            <li><a href='#'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/chart_curve_add.png' alt='Show' /> Manage Topic Poll</a></li>
        </ul>
    </div>
    <fieldset id='poll_wrap' style='display: none' class='clear'>
        <ul id='poll_container'>
            <li class='field'>
                <label for='poll_title'>Poll Title (Optional)</label>

                <input type='text' class='input_text' name='poll_question' id='poll_title' size='40' value='' />
            </li>
            <li class='field checkbox'>
                    <input type='checkbox' class='input_check' name='poll_view_voters' id='poll_view_voters' value='1'  />
                    <label for='poll_view_voters'>Public Poll?</label>
                    <span class='desc'>(If checked, votes will be made public. <strong>This cannot be changed once a vote has been made!</strong>)</span>
                </li>

            
        </ul>
        <span class='desc' id='poll_stats'></span>
        <div class='topic_controls'>
            <ul class='topic_buttons'>
                <li id='add_new_question'><a href='#'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/add.png' alt='+' /> Add Another Question</a></li>
                <li id='close_poll'><a href='#'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/cross.png' alt='x' /> Close Poll Form</a></li>
            </ul>

        </div>
    </fieldset>
</div>
    </fieldset>
    <script type='text/javascript'>
        $('poll_fieldset').show();
    </script>

<fieldset>
    <h3 class='bar'>Topic</h3>
    
    <!-- RTE ON: 0 -->

<!--top-->
<input type='hidden' name='ed-0_wysiwyg_used' id='ed-0_wysiwyg_used' value='0' />
<input type='hidden' name='editor_ids[]' value='ed-0' />

<div class='ips_editor ' id='editor_ed-0'>
    <div class='sidebar row1 altrow' id='ed-0_sidebar' style='display: none'>
            <h4><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/close_popup.png' alt='' id='ed-0_close_sidebar' /><span>Emoticons</span></h4>
            <div id='ed-0_emoticon_holder' class='emoticon_holder'></div>
            <div class='show_all_emoticons' id='ed-0_showall_bar'>
                <input type='button' value='Show All' id='ed-0_showall_emoticons' class='input_submit emoticons' />

            </div>
        </div>
    <div id='ed-0_controls' class='controls'>
        <ul id='ed-0_toolbar_1' class='toolbar' style='display: none'>
            <li class='left'>
                <span id='ed-0_cmd_removeformat' class='rte_control rte_button' title='Remove formatting'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/remove_formatting.png' alt='Remove formatting' /></span>
            </li>
            <!--<li class='left'>
                <span id='ed-0_cmd_togglesource' class='rte_control rte_button' title='Toggle HTML source'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/toggle_source.png' alt='Toggle HTML source' /></span>
            </li>-->
            <li class='left'>

                <span id='ed-0_cmd_otherstyles' class='rte_control rte_menu rte_special' title='Other available styles' style='display: none'>Other styles</span>
            </li>
            <li class='left'>
                <span id='ed-0_cmd_fontname' class='rte_control rte_menu rte_font' title='Choose a font to use'>Fonts</span>
            </li>
            <li class='left'>
                <span id='ed-0_cmd_fontsize' class='rte_control rte_menu rte_fontsize' title='Choose a font size'>Sizes</span>

            </li>
            <li class='left'>
                <span id='ed-0_cmd_forecolor' class='rte_control rte_palette' title='Text color'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/font_color.png' alt='Text color' /></span>
            </li>
            <!--<li class='left'>
                <span id='ed-0_cmd_backcolor' class='rte_control rte_palette' title='Background color'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/background_color.png' alt='Background color' /></span>
            </li>-->
            
            <li class='right'>
                <span id='ed-0_cmd_spellcheck' class='rte_control rte_button' title='Spellcheck'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/spellcheck.png' alt='Spellcheck' /></span>
            </li>
            <li class='right'>

                <span id='ed-0_cmd_r_small' class='rte_control rte_button' title='Decrease editor size'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/resize_small.png' alt='Decrease editor size' /></span>
            </li>
            <li class='right'>
                <span id='ed-0_cmd_r_big' class='rte_control rte_button' title='Increase editor size'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/resize_big.png' alt='Increase editor size' /></span>
            </li>
            <li class='right sep'>
                <span id='ed-0_cmd_help' class='rte_control rte_button' title='Help'><a href='http://www.portaliz.com/forum/index.php?app=forums&amp;module=extras&amp;section=legends&amp;do=bbcode' title='Help'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/help.png' alt='Help' /></a></span>
            </li>           
            <li class='right sep'>

                <span id='ed-0_cmd_undo' class='rte_control rte_button' title='Undo'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/undo.png' alt='Undo' /></span>
            </li>
            <li class='right'>
                <span id='ed-0_cmd_redo' class='rte_control rte_button' title='Redo'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/redo.png' alt='Redo' /></span>
            </li>
            
        
            <li class='right'>
                <!--<span id='ed-0_cmd_switcheditor' class='rte_control rte_button' title='Switch between standard and rich text editor'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/switch.png' alt='Switch between standard and rich text editor' /></span>-->
            </li>
        
        </ul>

        <ul id='ed-0_toolbar_2' class='toolbar' style='display: none'>
            <li>
                <span id='ed-0_cmd_bold' class='rte_control rte_button' title='Bold'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/bold.png' alt='Bold' /></span>
            </li>
            <li>
                <span id='ed-0_cmd_italic' class='rte_control rte_button' title='Italic'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/italic.png' alt='Italic' /></span>
            </li>
            <li>
                <span id='ed-0_cmd_underline' class='rte_control rte_button' title='Underline'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/underline.png' alt='Underline' /></span>

            </li>
            <li class='sep'>
                <span id='ed-0_cmd_strikethrough' class='rte_control rte_button' title='Strikethrough'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/strike.png' alt='Strikethrough' /></span>
            </li>
            <li>
                <span id='ed-0_cmd_subscript' class='rte_control rte_button' title='Subscript'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/subscript.png' alt='Subscript' /></span>
            </li>
            <li class='sep'>
                <span id='ed-0_cmd_superscript' class='rte_control rte_button' title='Superscript'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/superscript.png' alt='Superscript' /></span>

            </li>
            <li>
                <span id='ed-0_cmd_insertunorderedlist' class='rte_control rte_button' title='Insert list'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/unordered_list.png' alt='Insert list' /></span>
            </li>
            <li class='sep'>
                <span id='ed-0_cmd_insertorderedlist' class='rte_control rte_button' title='Insert list'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/ordered_list.png' alt='Insert list' /></span>
            </li>           
        
            <li>
                <span id='ed-0_cmd_emoticons' class='rte_control rte_button' title='Emoticons'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/emoticons.png' alt='Emoticons' /></span>

            </li>
        
            <li>
                <span id='ed-0_cmd_link' class='rte_control rte_palette' title='Insert link'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/link.png' alt='Insert link' /></span>
            </li>
            <li>
                <span id='ed-0_cmd_image' class='rte_control rte_palette' title='Insert image'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/picture.png' alt='Insert image' /></span>
            </li>
            <li>
                <span id='ed-0_cmd_email' class='rte_control rte_palette' title='Insert email address'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/email.png' alt='Insert email address' /></span>

            </li>
            <li>
                <span id='ed-0_cmd_ipb_quote' class='rte_control rte_button' title='Insert quotation'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/quote.png' alt='Insert quotation' /></span>
            </li>
            <li>
                <span id='ed-0_cmd_ipb_code' class='rte_control rte_button' title='Insert code snippet'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/code.png' alt='Insert code snippet' /></span>
            </li>
            <li>
                <span id='ed-0_cmd_media' class='rte_control rte_palette' title='Insert media'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/media.png' alt='Insert media' /></span>

            </li>
            <li class='right'>
                <span id='ed-0_cmd_justifyright' class='rte_control rte_button' title='Align right'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/align_right.png' alt='Align right' /></span>
            </li>
            <li class='right'>
                <span id='ed-0_cmd_justifycenter' class='rte_control rte_button' title='Align center'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/align_center.png' alt='Align center' /></span>
            </li>
            <li class='right'>
                <span id='ed-0_cmd_justifyleft' class='rte_control rte_button' title='Align left'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/align_left.png' alt='Align left' /></span>

            </li>
            <li class='right sep'>
                <span id='ed-0_cmd_indent' class='rte_control rte_button' title='Indent'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/indent.png' alt='Indent' /></span>
            </li>
            <li class='right'>
                <span id='ed-0_cmd_outdent' class='rte_control rte_button' title='Outdent'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/outdent.png' alt='Outdent' /></span>
            </li>
        </ul>
    </div>

    <div id='ed-0_wrap' class='editor'>
        <textarea name="Post" class="input_rte" id="ed-0_textarea" rows="10" cols="60" tabindex="0"></textarea>
    </div>
</div>
    
<!-- Toolpanes -->
<script type="text/javascript">
//<![CDATA[
$('ed-0_toolbar_1').show();
$('ed-0_toolbar_2').show();
// Rikki: Had to remove <form>... </form> because Opera would see </form> and not pass the topic icons / hidden fields properly. Tried "</" + "form>" but when it is parsed, it had the same affect
ipb.editor_values.get('templates')['link'] = new Template("<label for='#{id}_url'>URL</label><input type='text' class='input_text' id='#{id}_url' value='http://' tabindex='10' /><label for='#{id}_urltext'>Link text</label><input type='text' class='input_text _select' id='#{id}_urltext' value='My link' tabindex='11' /><input type='submit' class='input_submit' value='Insert Link' tabindex='12' />");
ipb.editor_values.get('templates')['image'] = new Template("<label for='#{id}_img'>Image URL</label><input type='text' class='input_text' id='#{id}_img' value='http://' tabindex='10' /><input type='submit' class='input_submit' value='Insert Image' tabindex='11' />");
ipb.editor_values.get('templates')['email'] = new Template("<label for='#{id}_email'>Email Address</label><input type='text' class='input_text' id='#{id}_email' tabindex='10' /><label for='#{id}_emailtext'>Link text</label><input type='text' class='input_text _select' id='#{id}_emailtext' value='Email me' tabindex='11' /><input type='submit' class='input_submit' value='Insert Email' tabindex='12' />");
ipb.editor_values.get('templates')['media'] = new Template("<label for='#{id}_media'>Media URL</label><input type='text' class='input_text' id='#{id}_media' value='http://' tabindex='10' /><input type='submit' class='input_submit' value='Insert Media' tabindex='11' />");
ipb.editor_values.get('templates')['generic'] = new Template("<div class='rte_title'>#{title}</div><strong>Example</strong><pre>#{example}</pre><label for='#{id}_option' class='optional'>#{option_text}</label><input type='text' class='input_text optional' id='#{id}_option' tabindex='10' /><label for='#{id}_text' class='tagcontent'>#{value_text}</label><textarea class='input_text _select tagcontent' id='#{id}_text' tabindex='11' rows='4' cols='30' style='width: 98%' /></textarea><input type='submit' class='input_submit' value='Add' tabindex='12' />");
ipb.editor_values.get('templates')['toolbar'] = new Template("<ul id='#{id}_toolbar_#{toolbarid}' class='toolbar' style='display: none'>#{content}</ul>");
ipb.editor_values.get('templates')['button'] = new Template("<li><span id='#{id}_cmd_custom_#{cmd}' class='rte_control rte_button specialitem' title='#{title}'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/#{img}' alt='' /></span></li>");
ipb.editor_values.get('templates')['menu_item'] = new Template("<li id='#{id}_cmd_custom_#{cmd}' class='specialitem clickable'>#{title}</li>");
ipb.editor_values.get('templates')['togglesource'] = new Template("<fieldset id='#{id}_ts_controls' class='submit' style='text-align: left'><input type='button' class='input_submit' value='Update' id='#{id}_ts_update' />&nbsp;&nbsp;&nbsp; <a href='#' id='#{id}_ts_cancel' class='cancel'>Cancel Source Edit</a></fieldset>");
ipb.editor_values.get('templates')['emoticons_showall'] = new Template("<input class='input_submit emoticons' type='button' id='#{id}_all_emoticons' value='Show all emoticons' />");
ipb.editor_values.get('templates')['emoticon_wrapper'] = new Template("<h4><span>Emoticons</span></h4><div id='#{id}_emoticon_holder' class='emoticon_holder'></div>");
// Add smilies into the mix
ipb.editor_values.set( 'show_emoticon_link', true );
ipb.editor_values.set( 'emoticons', $H({ ':weightlifter:' : "1,weightlifter.gif",
':ballchain:' : "2,ballchain.gif",
':rolleyes:' : "3,rolleyes.gif",
':violent:' : "4,violent.gif",
':welcome:' : "5,welcome.gif",
'&lt;_&lt;' : "6,dry.gif",
':mellow:' : "7,mellow.gif",
':unsure:' : "8,unsure.gif",
':rockon:' : "9,rockon.gif",
':boxing:' : "10,boxing.gif",
':plane:' : "11,plane.gif",
':yield:' : "12,yield.gif",
':boink:' : "13,boink.gif",
':blush:' : "14,blush.gif",
':smash:' : "15,smash.gif",
':blink:' : "16,blink.gif",
':angry:' : "17,angry.gif",
':boom:' : "18,boom.gif",
':blah:' : "19,blah.gif",
':fear:' : "20,fear.gif",
':wave:' : "21,wave.gif",
':huh:' : "22,huh.gif",
':spy:' : "23,spy.gif",
':lol:' : "24,laugh.gif",
':eek:' : "25,eek.gif",
':)' : "26,smile.gif",
':(' : "27,sad.gif",
':o' : "28,ohmy.gif",
';)' : "29,wink.gif",
':P' : "30,tongue.gif",
'B)' : "31,cool.gif",
':D' : "32,biggrin.gif" }) );
ipb.editor_values.set( 'bbcodes', $H({"hide":{"id":"39","title":"(T30) Hide Content","desc":"Hides the content between the tags if the members hasn't replied to the topic","tag":"hide","useoption":"0","example":"[hide]Hidden text until you reply![/hide]","switch_option":"0","menu_option_text":"","menu_content_text":"Write here the text you want to hide:","single_tag":"0","optional_option":"0","image":"hide.png"},"acronym":{"id":"8","title":"Acronym","desc":"Allows you to make an acronym that will display a description when moused over","tag":"acronym","useoption":"1","example":"[acronym='Laugh Out Loud']lol[/acronym]","switch_option":"0","menu_option_text":"Enter the description for this acronym (EG: Laugh Out Loud)","menu_content_text":"Enter the acronym (EG: lol)","single_tag":"0","optional_option":"0","image":""},"entry":{"id":"11","title":"Blog Entry Link","desc":"This tag provides an easy way to link to a blog entry.","tag":"entry","useoption":"1","example":"[entry=100]Click me![/entry]","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"0","optional_option":"0","image":""},"blog":{"id":"10","title":"Blog Link","desc":"This tag provides an easy way to link to a blog.","tag":"blog","useoption":"1","example":"[blog=100]Click me![/blog]","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"0","optional_option":"0","image":""},"code":{"id":"16","title":"Code","desc":"Allows you to enter general code","tag":"code","useoption":"0","example":"[__CODE_PROTECTED]JiMwMzY7dGV4dCA9ICYjMzk7U29tZSBsb25nIGNvZGUgaGVyZSYjMzk7Ow==[/__CODE_PROTECTED]","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"0","optional_option":"0","image":""},"extract":{"id":"9","title":"Extract Blog Entry","desc":"This will allow users to define an extract for an entry. Only this piece of the entry will be displayed on the main blog page and will show up in the RSS feed.","tag":"extract","useoption":"0","example":"[extract]This is an example![/extract]","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"0","optional_option":"0","image":""},"hr":{"id":"15","title":"Horizontal Rule","desc":"Adds a horizontal rule to separate text","tag":"hr","useoption":"0","example":"[hr]","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"1","optional_option":"0","image":""},"html":{"id":"18","title":"HTML Code","desc":"Allows you to enter formatted/syntax-highlighted HTML code","tag":"html","useoption":"0","example":"[html]<div class='outer'>\n  <p>Hello World</p>\n </div>[/html]","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"0","optional_option":"0","image":""},"member":{"id":"34","title":"Member","desc":"Given a member name, a link is automatically generated to the member's profile","tag":"member","useoption":"1","example":"[member=admin] runs this site.","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"1","optional_option":"0","image":""},"optional":{"id":"36","title":"Optional","desc":"","tag":"optional","useoption":"0","example":"","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"0","optional_option":"1","image":""},"php":{"id":"17","title":"PHP Code","desc":"Allows you to enter PHP code into a formatted/highlighted syntax box","tag":"php","useoption":"0","example":"[php]$variable = true;\n\nprint_r($variable);[/php]","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"0","optional_option":"0","image":""},"post":{"id":"6","title":"Post Link","desc":"This tag provides an easy way to link to a post.","tag":"post","useoption":"1","example":"[post=1]Click me![/post]","switch_option":"0","menu_option_text":"Enter the Post ID","menu_content_text":"Enter the title for this link","single_tag":"0","optional_option":"0","image":""},"snapback":{"id":"1","title":"Post Snap Back","desc":"This tag displays a little linked image which links back to a post - used when quoting posts from the board. Opens in same window by default.","tag":"snapback","useoption":"0","example":"[snapback]100[/snapback]","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"0","optional_option":"0","image":""},"spoiler":{"id":"7","title":"Spoiler","desc":"Spoiler tag","tag":"spoiler","useoption":"0","example":"[spoiler]Some hidden text[/spoiler]","switch_option":"0","menu_option_text":"","menu_content_text":"Enter the text to be masked","single_tag":"0","optional_option":"0","image":""},"sql":{"id":"19","title":"SQL Code","desc":"Allows you to enter formatted/syntax-highlighted SQL code","tag":"sql","useoption":"0","example":"[sql]SELECT p.*, t.* FROM posts p LEFT JOIN topics t ON t.tid=p.topic_id WHERE t.tid=7[/sql]","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"0","optional_option":"0","image":""},"topic":{"id":"5","title":"Topic Link","desc":"This tag provides an easy way to link to a topic","tag":"topic","useoption":"1","example":"[topic=1]Click me![/topic]","switch_option":"0","menu_option_text":"Enter the topic ID","menu_content_text":"Enter the title for this link","single_tag":"0","optional_option":"0","image":""},"pagebreak":{"id":"38","title":"Tutorial pagebreak","desc":"Insert a pagebreak into a multi-paged tutorial.","tag":"pagebreak","useoption":"0","example":"This is page 1<br />[pagebreak]<br />This is page 2","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"1","optional_option":"0","image":""},"twitter":{"id":"37","title":"Twitter","desc":"A tag to link to a user's twitter account","tag":"twitter","useoption":"0","example":"[twitter]userName[/twitter]","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"0","optional_option":"0","image":"twitter.png"},"xml":{"id":"20","title":"XML Code","desc":"Allows you to enter formatted/syntax-highlighted XML code","tag":"xml","useoption":"0","example":"[xml]<outer>\n <inner>\n  <tag param='1'>Test</tag>\n </inner>\n</outer>[/xml]","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"0","optional_option":"0","image":""}}) );
ipb.vars['emoticon_url'] = "http://www.portaliz.com/forum/public/style_emoticons/default";
ipb.editors[ 'ed-0' ] = new ipb.editor( 'ed-0', USE_RTE );
//]]>
</script>
</fieldset>

<fieldset id='post_options' class='with_subhead'>
    <h3 class='bar'>Options</h3>

        
    <div id='post_options_options'>
        <h4>Post Options</h4>
        <ul>
            
                <li class='field checkbox'>
                    <input type="checkbox" name="enableemo" class="input_check" value="yes" id='enable_emo' checked="checked" />
                    <label for='enable_emo'><strong>Enable</strong> emoticons?</label>
                </li>

            <li class='field checkbox'>
                    <input type="checkbox" name="enablesig" class="input_check" value="yes" id='enable_sig' checked="checked" />
                    <label for='enable_sig'><strong>Enable</strong> signature?</label>
                </li>
                
                    <li class='field checkbox'>
                        <input type="checkbox" name="enabletrack" class="input_check" id='enable_track' value="1"  />
                        <label for='enable_track'><strong>Enable</strong> email notification of replies?</label>

                    </li>
                
        </ul>
        <hr />
    

    
    
    
        <h4>Post icon</h4>
        <ul id='post_icons'>
            <li>
                <input type="radio" class="input_radio" name="iconid" value="1" />&nbsp;
                <img src="http://www.portaliz.com/forum/public/style_extra/post_icons/icon1.gif" alt='' />

            </li>
            <li>
                <input type="radio" class="input_radio" name="iconid" value="2" />&nbsp;
                <img src="http://www.portaliz.com/forum/public/style_extra/post_icons/icon2.gif" alt='' />
            </li>
            <li>
                <input type="radio" class="input_radio" name="iconid" value="3" />&nbsp;
                <img src="http://www.portaliz.com/forum/public/style_extra/post_icons/icon3.gif" alt='' />
            </li>

            <li>
                <input type="radio" class="input_radio" name="iconid" value="4" />&nbsp;
                <img src="http://www.portaliz.com/forum/public/style_extra/post_icons/icon4.gif" alt='' />
            </li>
            <li>
                <input type="radio" class="input_radio" name="iconid" value="5" />&nbsp;
                <img src="http://www.portaliz.com/forum/public/style_extra/post_icons/icon5.gif" alt='' />
            </li>
            <li>

                <input type="radio" class="input_radio" name="iconid" value="6" />&nbsp;
                <img src="http://www.portaliz.com/forum/public/style_extra/post_icons/icon6.gif" alt='' />
            </li>
            <li>
                <input type="radio" class="input_radio" name="iconid" value="7" />&nbsp;
                <img src="http://www.portaliz.com/forum/public/style_extra/post_icons/icon7.gif" alt='' />
            </li>
            <li class='clear'>
                <input type="radio" class="input_radio" name="iconid" value="8" />&nbsp;

                <img src="http://www.portaliz.com/forum/public/style_extra/post_icons/icon8.gif" alt='' />
            </li>
            <li>
                <input type="radio" class="input_radio" name="iconid" value="9" />&nbsp;
                <img src="http://www.portaliz.com/forum/public/style_extra/post_icons/icon9.gif" alt='' />
            </li>
            <li>
                <input type="radio" class="input_radio" name="iconid" value="10" />&nbsp;
                <img src="http://www.portaliz.com/forum/public/style_extra/post_icons/icon10.gif" alt='' />

            </li>
            <li>
                <input type="radio" class="input_radio" name="iconid" value="11" />&nbsp;
                <img src="http://www.portaliz.com/forum/public/style_extra/post_icons/icon11.gif" alt='' />
            </li>
            <li>
                <input type="radio" class="input_radio" name="iconid" value="12" />&nbsp;
                <img src="http://www.portaliz.com/forum/public/style_extra/post_icons/icon12.gif" alt='' />
            </li>

            <li>
                <input type="radio" class="input_radio" name="iconid" value="13" />&nbsp;
                <img src="http://www.portaliz.com/forum/public/style_extra/post_icons/icon13.gif" alt='' />
            </li>
            <li>
                <input type="radio" class="input_radio" name="iconid" value="14" />&nbsp;
                <img src="http://www.portaliz.com/forum/public/style_extra/post_icons/icon14.gif" alt='' />
            </li>
            <li class='clear'>

                <input type="radio" class="input_radio" name="iconid" value="0" checked="checked" />&nbsp;&nbsp;[ Use None ]
            </li>
        </ul>
        <hr />
    </div>
    
    <span id='toggle_post_options' class='clickable'></span>
    
    <script type='text/javascript'>
        ipb.post.hideOptions();
    </script>
</fieldset>
<fieldset class='submit'>
    <input type='hidden' name='st' value='0' />

    <input type='hidden' name='app' value='forums' />
    <input type='hidden' name='module' value='post' />
    <input type='hidden' name='section' value='post' />
    <input type='hidden' name='do' value='new_post_do' />
    <input type='hidden' name='s' value='6815c21dd6f05bb152e8b265fb23ffab' />
    <input type='hidden' name='p' value='0' />
    <input type='hidden' name='t' value='' />
    <input type='hidden' name='f' value='39' />
    <input type='hidden' name='parent_id' value='0' />

    <input type='hidden' name='attach_post_key' value='3475dade069b28e1f7e831819cb8d6af' />
    <input type='hidden' name='auth_key' value='86bceeeb168aac615004a31243b25ec8' />
    <input type='hidden' name='removeattachid' value='0' />
    
    <input type="submit" name="dosubmit" value="Post New Topic" tabindex="0" class="input_submit" accesskey="s"  />&nbsp;
    <input type="submit" name="preview" value="Preview Post" tabindex="0" class="input_submit alt" />
    or 
            <a href='http://www.portaliz.com/forum/forum/39-introductions/' title='Cancel' class='cancel' tabindex='0'>Cancel</a>
        
</fieldset>
</form>

This is what should be sent when previewing the post (I already checked the headers this time and they are ok):

-----------------------------66522393630838
Content-Disposition: form-data; name="TopicTitle"

Firsttest
-----------------------------66522393630838
Content-Disposition: form-data; name="TopicDesc"


-----------------------------66522393630838
Content-Disposition: form-data; name="poll_question"


-----------------------------66522393630838
Content-Disposition: form-data; name="ed-0_wysiwyg_used"

0
-----------------------------66522393630838
Content-Disposition: form-data; name="editor_ids[]"

ed-0
-----------------------------66522393630838
Content-Disposition: form-data; name="Post"

FirstTest
-----------------------------66522393630838
Content-Disposition: form-data; name="enableemo"

yes
-----------------------------66522393630838
Content-Disposition: form-data; name="enablesig"

yes
-----------------------------66522393630838
Content-Disposition: form-data; name="iconid"

0
-----------------------------66522393630838
Content-Disposition: form-data; name="st"

0
-----------------------------66522393630838
Content-Disposition: form-data; name="app"

forums
-----------------------------66522393630838
Content-Disposition: form-data; name="module"

post
-----------------------------66522393630838
Content-Disposition: form-data; name="section"

post
-----------------------------66522393630838
Content-Disposition: form-data; name="do"

new_post_do
-----------------------------66522393630838
Content-Disposition: form-data; name="s"

d3f0faad9d0f42f74d8fec8ddedccbd1
-----------------------------66522393630838
Content-Disposition: form-data; name="p"

0
-----------------------------66522393630838
Content-Disposition: form-data; name="t"


-----------------------------66522393630838
Content-Disposition: form-data; name="f"

39
-----------------------------66522393630838
Content-Disposition: form-data; name="parent_id"

0
-----------------------------66522393630838
Content-Disposition: form-data; name="attach_post_key"

3475dade069b28e1f7e831819cb8d6af
-----------------------------66522393630838
Content-Disposition: form-data; name="auth_key"

86bceeeb168aac615004a31243b25ec8
-----------------------------66522393630838
Content-Disposition: form-data; name="removeattachid"

0
-----------------------------66522393630838
Content-Disposition: form-data; name="preview"

Preview Post
-----------------------------66522393630838--

And this is what is being sent by _WinHttpSimpleFormFill:

------WinHttpBoundaryLine_27747.79111
Content-Disposition: form-data; name="TopicTitle"

Firsttest
------WinHttpBoundaryLine_27747.79111
Content-Disposition: form-data; name="TopicDesc"


------WinHttpBoundaryLine_27747.79111
Content-Disposition: form-data; name="question[#{qid}]"

#{value}
------WinHttpBoundaryLine_27747.79111
Content-Disposition: form-data; name="choice[#{qid}_#{cid}]"

#{choice}
------WinHttpBoundaryLine_27747.79111
Content-Disposition: form-data; name="votes[#{qid}_#{cid}]"

#{votes}
------WinHttpBoundaryLine_27747.79111
Content-Disposition: form-data; name="poll_question"


------WinHttpBoundaryLine_27747.79111
Content-Disposition: form-data; name="ed-0_wysiwyg_used"

0
------WinHttpBoundaryLine_27747.79111
Content-Disposition: form-data; name="editor_ids[]"

ed-0
------WinHttpBoundaryLine_27747.79111
Content-Disposition: form-data; name="Post"

FirstTest
------WinHttpBoundaryLine_27747.79111--

Clearly there are many input type='hidden' that are missing. I examined the 'Case multipart/form' part by adding this code:

Case "multipart/form-data"
                If $sMethod = "POST" Then ; can't be GET
                    $fMuftiPart = True
                    #cs
                    #ce
                    If $fMuftiPart Then MsgBox(0,"debug","$fMuftiPart is True");This is to check if it entered this case
                    #cs
                    #ce
                    $aInput = StringRegExp($sForm, "(?si)<\h*(?:input|textarea|label|fieldset|legend|select|optgroup|option|button)\h*(.*?)/*\h*>", 3)
                    If @error Then Return SetError(2, 0, "") ; invalid form
                    #cs
                    #ce
                    _ArrayDisplay($aInput)
                    #cs
                    #ce
                    Local $aMInputIds[4][UBound($aInput)]

And _ArrayDisplay($aInput) showed this:

[0]|
[1]|for='topic_title'
[2]|id='topic_title' class='input_text' type="text" size="50" maxlength="150" name="TopicTitle" value="" tabindex="0" 
[3]|for='topic_desc'
[4]|id='topic_desc' class='input_text' type="text" size="50" maxlength="70" name="TopicDesc" value="" tabindex="0" 
[5]|id='poll_fieldset' style='display: none'
[6]|for='#{qid}'
[7]|type='text' class='input_text question_title' id='#{qid}' value='#{value}' size='40' maxlength='254' name='question[#{qid}]' 
[8]|type='checkbox' class='input_check' value='1' name='multi[#{qid}]' id='multi_#{qid}'
[9]|for='multi_#{qid}'
[10]|type='text' id='poll_#{qid}_#{cid}' name='choice[#{qid}_#{cid}]' class='input_text' value='#{choice}' size='46' maxlength='254' 
[11]|type='text' id='poll_#{qid}_#{cid}_votes' name='votes[#{qid}_#{cid}]' value='#{votes}' class='input_text' size='5' 
[12]|id='poll_wrap' style='display: none' class='clear'
[13]|for='poll_title'
[14]|type='text' class='input_text' name='poll_question' id='poll_title' size='40' value='' 
[15]|type='checkbox' class='input_check' name='poll_view_voters' id='poll_view_voters' value='1'  
[16]|for='poll_view_voters'
[17]|
[18]|type='hidden' name='ed-0_wysiwyg_used' id='ed-0_wysiwyg_used' value='0' 
[19]|type='hidden' name='editor_ids[]' value='ed-0' 
[20]|type='button' value='Show All' id='ed-0_showall_emoticons' class='input_submit emoticons' 
[21]|name="Post" class="input_rte" id="ed-0_textarea" rows="10" cols="60" tabindex="0"

So, I think there may be a problem with the regex there:

$aInput = StringRegExp($sForm, "(?si)<\h*(?:input|textarea|label|fieldset|legend|select|optgroup|option|button)\h*(.*?)/*\h*>", 3)

but why? It functioned well in the other cases -which were application-x www urlencoded forms but that does not make any difference here, the problem is it doesn't parse all the 'inputs' correctly-

Why it does not match for instance

<input type='hidden' name='f' value='39' />
?

I will try with a different regex, I made this some time ago that may be useful:

$conditionalregexp = StringRegExp($sRead, '(?i)(?s)<div id="someid".*?(?(?=<div).*?</div>)</div>', 3)

The part in red extracts the source code of a div object with a determined id and the part in blue checks if there are other <div tags and if they are, it finds the following closing </div>. Without the blue part it would stop extracting the code when it finds the first </div>

Anyway, could you point me to some documentation or explain me the employment of the (?si) conditional regex in

$aInput = StringRegExp($sForm, "(?si)<\h*(?:input|textarea|label|fieldset|legend|select|optgroup|option|button)\h*(.*?)/*\h*>", 3)
please?

PS: I just saw you made revision 81 . I will try it to see if the is fixed.

PS2: I forgot to thank also ProgAndy for his explanations :x

Edited by Mithrandir

Share this post


Link to post
Share on other sites

Mmm don't waste time in the regexp: I debugged what form was getting parsed using this code:

Case "multipart/form-data"
                If $sMethod = "POST" Then ; can't be GET
                    $fMuftiPart = True
                    #cs
                    #ce
                    If $fMuftiPart Then MsgBox(0,"debug","$fMuftiPart is True")
                    #cs
                    #ce
                    FileWrite(@ScriptDir&'/sForm.html',$sForm)
                    $aInput = StringRegExp($sForm, "(?si)<\h*(?:input|textarea|label|fieldset|legend|select|optgroup|option|button)\h*(.*?)/*\h*>", 3)
                    If @error Then Return SetError(2, 0, "") ; invalid form
                    #cs
                    #ce
                    _ArrayDisplay($aInput)
                    #cs
                    #ce
                    Local $aMInputIds[4][UBound($aInput)]

And I saw that this was returned in $sForm:

id='postingform' action='http://www.portaliz.com/forum/index.php?' method='post' enctype='multipart/form-data'>

<div class='maintitle_base'><div class='header_left'><div class='header_right'><h2 class='maintitle'>Posting A New Topic In Introductions</h2></div></div></div>

<div class='box_l'><div class='box_r'>

<div class='generic_bar'></div>

<fieldset>

<h3 class='bar'>Topic Information</h3>

<ul>

<li class='field'>

<label for='topic_title'>Topic Title</label>

<input id='topic_title' class='input_text' type="text" size="50" maxlength="150" name="TopicTitle" value="" tabindex="0" />

</li>

<li class='field'>

<label for='topic_desc'>Topic Description</label>

<input id='topic_desc' class='input_text' type="text" size="50" maxlength="70" name="TopicDesc" value="" tabindex="0" />

<span class='desc'>(Optional)</span>

</li>

</ul>

</fieldset>

<fieldset id='poll_fieldset' style='display: none'>

<h3 class='bar'>Topic Poll</h3>

<script type='text/javascript'>

//<![CDATA[

ipb.poll.maxQuestions = parseInt( 5 );

ipb.poll.maxChoices = parseInt( 20 );

ipb.poll.isPublicPoll = parseInt( );

ipb.poll.showonload = 0;

ipb.poll.isMod = 0;

ipb.poll.questions = $H(

{}

);

ipb.poll.choices = $H(

{}

);

ipb.poll.votes = $H(

{}

);

ipb.poll.multi = $H(

);

//ipb.templates['poll_section_wrap'] = "<div id='poll_#{id}' class='general_box'>#{content}</div>";

ipb.templates['poll_question'] = new Template("<li class='field question' id='question_#{qid}_wrap' style='display: none'>" +

" <label for='#{qid}'><strong>Question</strong></label>" +

" <div class='wrap rounded'>" +

" <input type='text' class='input_text question_title' id='#{qid}' value='#{value}' size='40' maxlength='254' name='question[#{qid}]' />" +

" <input type='checkbox' class='input_check' value='1' name='multi[#{qid}]' id='multi_#{qid}'/> <label for='multi_#{qid}'><span class='desc'>Allow users to select multiple answers?</span></label>" +

" <ol id='choices_for_#{qid}'></ol>" +

" <ul class='post_controls'>" +

" <li><a href='#' id='add_choice_#{qid}' title='Add Choice'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/add.png' alt='+' /> Add Another Choice</a></li>" +

" <li><a href='#' id='remove_question_#{qid}' title='Remove question'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/delete.png' alt='-' /> Remove question</a></li>" +

" </ul>" +

" </div>" +

"</li>");

ipb.templates['poll_choice'] = new Template("<li id='poll_#{qid}_#{cid}_wrap' style='display: none'><input type='text' id='poll_#{qid}_#{cid}' name='choice[#{qid}_#{cid}]' class='input_text' value='#{choice}' size='46' maxlength='254' /> <input type='text' id='poll_#{qid}_#{cid}_votes' name='votes[#{qid}_#{cid}]' value='#{votes}' class='input_text' size='5' /> <a href='#' id='remove_#{qid}_#{cid}' title='Remove Choice'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/bullet_delete.png' alt='Remove Choice' /></a></li>");

//]]>

</script>

<div class='post_form poll_form' id='poll_form'>

<div class='topic_controls' id='add_poll' style='display: none'>

<ul class='topic_buttons'>

<li><a href='#'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/chart_curve_add.png' alt='Show' /> Manage Topic Poll</a></li>

</ul>

</div>

<fieldset id='poll_wrap' style='display: none' class='clear'>

<ul id='poll_container'>

<li class='field'>

<label for='poll_title'>Poll Title (Optional)</label>

<input type='text' class='input_text' name='poll_question' id='poll_title' size='40' value='' />

</li>

<li class='field checkbox'>

<input type='checkbox' class='input_check' name='poll_view_voters' id='poll_view_voters' value='1' />

<label for='poll_view_voters'>Public Poll?</label>

<span class='desc'>(If checked, votes will be made public. <strong>This cannot be changed once a vote has been made!</strong>)</span>

</li>

</ul>

<span class='desc' id='poll_stats'></span>

<div class='topic_controls'>

<ul class='topic_buttons'>

<li id='add_new_question'><a href='#'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/add.png' alt='+' /> Add Another Question</a></li>

<li id='close_poll'><a href='#'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/cross.png' alt='x' /> Close Poll Form</a></li>

</ul>

</div>

</fieldset>

</div>

</fieldset>

<script type='text/javascript'>

$('poll_fieldset').show();

</script>

<fieldset>

<h3 class='bar'>Topic</h3>

<input type='hidden' name='ed-0_wysiwyg_used' id='ed-0_wysiwyg_used' value='0' />

<input type='hidden' name='editor_ids[]' value='ed-0' />

<div class='ips_editor ' id='editor_ed-0'>

<div class='sidebar row1 altrow' id='ed-0_sidebar' style='display: none'>

<h4><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/close_popup.png' alt='' id='ed-0_close_sidebar' /><span>Emoticons</span></h4>

<div id='ed-0_emoticon_holder' class='emoticon_holder'></div>

<div class='show_all_emoticons' id='ed-0_showall_bar'>

<input type='button' value='Show All' id='ed-0_showall_emoticons' class='input_submit emoticons' />

</div>

</div>

<div id='ed-0_controls' class='controls'>

<ul id='ed-0_toolbar_1' class='toolbar' style='display: none'>

<li class='left'>

<span id='ed-0_cmd_removeformat' class='rte_control rte_button' title='Remove formatting'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/remove_formatting.png' alt='Remove formatting' /></span>

</li>

<li class='left'>

<span id='ed-0_cmd_otherstyles' class='rte_control rte_menu rte_special' title='Other available styles' style='display: none'>Other styles</span>

</li>

<li class='left'>

<span id='ed-0_cmd_fontname' class='rte_control rte_menu rte_font' title='Choose a font to use'>Fonts</span>

</li>

<li class='left'>

<span id='ed-0_cmd_fontsize' class='rte_control rte_menu rte_fontsize' title='Choose a font size'>Sizes</span>

</li>

<li class='left'>

<span id='ed-0_cmd_forecolor' class='rte_control rte_palette' title='Text color'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/font_color.png' alt='Text color' /></span>

</li>

<li class='right'>

<span id='ed-0_cmd_spellcheck' class='rte_control rte_button' title='Spellcheck'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/spellcheck.png' alt='Spellcheck' /></span>

</li>

<li class='right'>

<span id='ed-0_cmd_r_small' class='rte_control rte_button' title='Decrease editor size'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/resize_small.png' alt='Decrease editor size' /></span>

</li>

<li class='right'>

<span id='ed-0_cmd_r_big' class='rte_control rte_button' title='Increase editor size'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/resize_big.png' alt='Increase editor size' /></span>

</li>

<li class='right sep'>

<span id='ed-0_cmd_help' class='rte_control rte_button' title='Help'><a href='http://www.portaliz.com/forum/index.php?app=forums&module=extras&section=legends&do=bbcode' title='Help'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/help.png' alt='Help' /></a></span>

</li>

<li class='right sep'>

<span id='ed-0_cmd_undo' class='rte_control rte_button' title='Undo'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/undo.png' alt='Undo' /></span>

</li>

<li class='right'>

<span id='ed-0_cmd_redo' class='rte_control rte_button' title='Redo'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/redo.png' alt='Redo' /></span>

</li>

<li class='right'>

</li>

</ul>

<ul id='ed-0_toolbar_2' class='toolbar' style='display: none'>

<li>

<span id='ed-0_cmd_bold' class='rte_control rte_button' title='Bold'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/bold.png' alt='Bold' /></span>

</li>

<li>

<span id='ed-0_cmd_italic' class='rte_control rte_button' title='Italic'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/italic.png' alt='Italic' /></span>

</li>

<li>

<span id='ed-0_cmd_underline' class='rte_control rte_button' title='Underline'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/underline.png' alt='Underline' /></span>

</li>

<li class='sep'>

<span id='ed-0_cmd_strikethrough' class='rte_control rte_button' title='Strikethrough'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/strike.png' alt='Strikethrough' /></span>

</li>

<li>

<span id='ed-0_cmd_subscript' class='rte_control rte_button' title='Subscript'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/subscript.png' alt='Subscript' /></span>

</li>

<li class='sep'>

<span id='ed-0_cmd_superscript' class='rte_control rte_button' title='Superscript'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/superscript.png' alt='Superscript' /></span>

</li>

<li>

<span id='ed-0_cmd_insertunorderedlist' class='rte_control rte_button' title='Insert list'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/unordered_list.png' alt='Insert list' /></span>

</li>

<li class='sep'>

<span id='ed-0_cmd_insertorderedlist' class='rte_control rte_button' title='Insert list'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/ordered_list.png' alt='Insert list' /></span>

</li>

<li>

<span id='ed-0_cmd_emoticons' class='rte_control rte_button' title='Emoticons'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/emoticons.png' alt='Emoticons' /></span>

</li>

<li>

<span id='ed-0_cmd_link' class='rte_control rte_palette' title='Insert link'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/link.png' alt='Insert link' /></span>

</li>

<li>

<span id='ed-0_cmd_image' class='rte_control rte_palette' title='Insert image'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/picture.png' alt='Insert image' /></span>

</li>

<li>

<span id='ed-0_cmd_email' class='rte_control rte_palette' title='Insert email address'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/email.png' alt='Insert email address' /></span>

</li>

<li>

<span id='ed-0_cmd_ipb_quote' class='rte_control rte_button' title='Insert quotation'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/quote.png' alt='Insert quotation' /></span>

</li>

<li>

<span id='ed-0_cmd_ipb_code' class='rte_control rte_button' title='Insert code snippet'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/code.png' alt='Insert code snippet' /></span>

</li>

<li>

<span id='ed-0_cmd_media' class='rte_control rte_palette' title='Insert media'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/media.png' alt='Insert media' /></span>

</li>

<li class='right'>

<span id='ed-0_cmd_justifyright' class='rte_control rte_button' title='Align right'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/align_right.png' alt='Align right' /></span>

</li>

<li class='right'>

<span id='ed-0_cmd_justifycenter' class='rte_control rte_button' title='Align center'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/align_center.png' alt='Align center' /></span>

</li>

<li class='right'>

<span id='ed-0_cmd_justifyleft' class='rte_control rte_button' title='Align left'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/align_left.png' alt='Align left' /></span>

</li>

<li class='right sep'>

<span id='ed-0_cmd_indent' class='rte_control rte_button' title='Indent'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/indent.png' alt='Indent' /></span>

</li>

<li class='right'>

<span id='ed-0_cmd_outdent' class='rte_control rte_button' title='Outdent'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/outdent.png' alt='Outdent' /></span>

</li>

</ul>

</div>

<div id='ed-0_wrap' class='editor'>

<textarea name="Post" class="input_rte" id="ed-0_textarea" rows="10" cols="60" tabindex="0"></textarea>

</div>

</div>

<script type="text/javascript">

//<![CDATA[

$('ed-0_toolbar_1').show();

$('ed-0_toolbar_2').show();

// Rikki: Had to remove <form>...

Note how it stops after

// Rikki: Had to remove <form>...
. Clearly the </form> that comes afterwards makes the script match the form up to there and screw our purpose. Although at the beginning of the code you removed html comments
$sHTML = StringRegExpReplace($sHTML, "(?s)<!--.*?-->", "") ; removing comments
This is part of a comment of a javascript:

<!-- Toolpanes -->
<script type="text/javascript">
//<![CDATA[
$('ed-0_toolbar_1').show();
$('ed-0_toolbar_2').show();
// Rikki: Had to remove <form>... </form> because Opera would see </form> and not pass the topic icons / hidden fields properly. Tried "</" + "form>" but when it is parsed, it had the same affect
ipb.editor_values.get('templates')['link'] = new Template("<label for='#{id}_url'>URL</label><input type='text' class='input_text' id='#{id}_url' value='http://' tabindex='10' /><label for='#{id}_urltext'>Link text</label><input type='text' class='input_text _select' id='#{id}_urltext' value='My link' tabindex='11' /><input type='submit' class='input_submit' value='Insert Link' tabindex='12' />");
ipb.editor_values.get('templates')['image'] = new Template("<label for='#{id}_img'>Image URL</label><input type='text' class='input_text' id='#{id}_img' value='http://' tabindex='10' /><input type='submit' class='input_submit' value='Insert Image' tabindex='11' />");
ipb.editor_values.get('templates')['email'] = new Template("<label for='#{id}_email'>Email Address</label><input type='text' class='input_text' id='#{id}_email' tabindex='10' /><label for='#{id}_emailtext'>Link text</label><input type='text' class='input_text _select' id='#{id}_emailtext' value='Email me' tabindex='11' /><input type='submit' class='input_submit' value='Insert Email' tabindex='12' />");
ipb.editor_values.get('templates')['media'] = new Template("<label for='#{id}_media'>Media URL</label><input type='text' class='input_text' id='#{id}_media' value='http://' tabindex='10' /><input type='submit' class='input_submit' value='Insert Media' tabindex='11' />");
ipb.editor_values.get('templates')['generic'] = new Template("<div class='rte_title'>#{title}</div><strong>Example</strong><pre>#{example}</pre><label for='#{id}_option' class='optional'>#{option_text}</label><input type='text' class='input_text optional' id='#{id}_option' tabindex='10' /><label for='#{id}_text' class='tagcontent'>#{value_text}</label><textarea class='input_text _select tagcontent' id='#{id}_text' tabindex='11' rows='4' cols='30' style='width: 98%' /></textarea><input type='submit' class='input_submit' value='Add' tabindex='12' />");
ipb.editor_values.get('templates')['toolbar'] = new Template("<ul id='#{id}_toolbar_#{toolbarid}' class='toolbar' style='display: none'>#{content}</ul>");
ipb.editor_values.get('templates')['button'] = new Template("<li><span id='#{id}_cmd_custom_#{cmd}' class='rte_control rte_button specialitem' title='#{title}'><img src='http://www.portaliz.com/forum/public/style_images/overlay-blueberry/rte_icons/#{img}' alt='' /></span></li>");
ipb.editor_values.get('templates')['menu_item'] = new Template("<li id='#{id}_cmd_custom_#{cmd}' class='specialitem clickable'>#{title}</li>");
ipb.editor_values.get('templates')['togglesource'] = new Template("<fieldset id='#{id}_ts_controls' class='submit' style='text-align: left'><input type='button' class='input_submit' value='Update' id='#{id}_ts_update' />    <a href='#' id='#{id}_ts_cancel' class='cancel'>Cancel Source Edit</a></fieldset>");
ipb.editor_values.get('templates')['emoticons_showall'] = new Template("<input class='input_submit emoticons' type='button' id='#{id}_all_emoticons' value='Show all emoticons' />");
ipb.editor_values.get('templates')['emoticon_wrapper'] = new Template("<h4><span>Emoticons</span></h4><div id='#{id}_emoticon_holder' class='emoticon_holder'></div>");
// Add smilies into the mix
ipb.editor_values.set( 'show_emoticon_link', true );
ipb.editor_values.set( 'emoticons', $H({ ':weightlifter:' : "1,weightlifter.gif",
':ballchain:' : "2,ballchain.gif",
':rolleyes:' : "3,rolleyes.gif",
':violent:' : "4,violent.gif",
':welcome:' : "5,welcome.gif",
'<_<' : "6,dry.gif",
':mellow:' : "7,mellow.gif",
':unsure:' : "8,unsure.gif",
':rockon:' : "9,rockon.gif",
':boxing:' : "10,boxing.gif",
':plane:' : "11,plane.gif",
':yield:' : "12,yield.gif",
':boink:' : "13,boink.gif",
':blush:' : "14,blush.gif",
':smash:' : "15,smash.gif",
':blink:' : "16,blink.gif",
':angry:' : "17,angry.gif",
':boom:' : "18,boom.gif",
':blah:' : "19,blah.gif",
':fear:' : "20,fear.gif",
':wave:' : "21,wave.gif",
':huh:' : "22,huh.gif",
':spy:' : "23,spy.gif",
':lol:' : "24,laugh.gif",
':eek:' : "25,eek.gif",
':)' : "26,smile.gif",
':(' : "27,sad.gif",
':o' : "28,ohmy.gif",
';)' : "29,wink.gif",
':P' : "30,tongue.gif",
'B)' : "31,cool.gif",
':D' : "32,biggrin.gif" }) );
ipb.editor_values.set( 'bbcodes', $H({"hide":{"id":"39","title":"(T30) Hide Content","desc":"Hides the content between the tags if the members hasn't replied to the topic","tag":"hide","useoption":"0","example":"[hide]Hidden text until you reply![/hide]","switch_option":"0","menu_option_text":"","menu_content_text":"Write here the text you want to hide:","single_tag":"0","optional_option":"0","image":"hide.png"},"acronym":{"id":"8","title":"Acronym","desc":"Allows you to make an acronym that will display a description when moused over","tag":"acronym","useoption":"1","example":"[acronym='Laugh Out Loud']lol[/acronym]","switch_option":"0","menu_option_text":"Enter the description for this acronym (EG: Laugh Out Loud)","menu_content_text":"Enter the acronym (EG: lol)","single_tag":"0","optional_option":"0","image":""},"entry":{"id":"11","title":"Blog Entry Link","desc":"This tag provides an easy way to link to a blog entry.","tag":"entry","useoption":"1","example":"[entry=100]Click me![/entry]","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"0","optional_option":"0","image":""},"blog":{"id":"10","title":"Blog Link","desc":"This tag provides an easy way to link to a blog.","tag":"blog","useoption":"1","example":"[blog=100]Click me![/blog]","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"0","optional_option":"0","image":""},"code":{"id":"16","title":"Code","desc":"Allows you to enter general code","tag":"code","useoption":"0","example":"[__CODE_PROTECTED]JiMwMzY7dGV4dCA9ICYjMzk7U29tZSBsb25nIGNvZGUgaGVyZSYjMzk7Ow==[/__CODE_PROTECTED]","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"0","optional_option":"0","image":""},"extract":{"id":"9","title":"Extract Blog Entry","desc":"This will allow users to define an extract for an entry. Only this piece of the entry will be displayed on the main blog page and will show up in the RSS feed.","tag":"extract","useoption":"0","example":"[extract]This is an example![/extract]","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"0","optional_option":"0","image":""},"hr":{"id":"15","title":"Horizontal Rule","desc":"Adds a horizontal rule to separate text","tag":"hr","useoption":"0","example":"[hr]","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"1","optional_option":"0","image":""},"html":{"id":"18","title":"HTML Code","desc":"Allows you to enter formatted/syntax-highlighted HTML code","tag":"html","useoption":"0","example":"[html]<div class='outer'>\n  <p>Hello World</p>\n </div>[/html]","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"0","optional_option":"0","image":""},"member":{"id":"34","title":"Member","desc":"Given a member name, a link is automatically generated to the member's profile","tag":"member","useoption":"1","example":"[member=admin] runs this site.","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"1","optional_option":"0","image":""},"optional":{"id":"36","title":"Optional","desc":"","tag":"optional","useoption":"0","example":"","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"0","optional_option":"1","image":""},"php":{"id":"17","title":"PHP Code","desc":"Allows you to enter PHP code into a formatted/highlighted syntax box","tag":"php","useoption":"0","example":"[php]$variable = true;\n\nprint_r($variable);[/php]","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"0","optional_option":"0","image":""},"post":{"id":"6","title":"Post Link","desc":"This tag provides an easy way to link to a post.","tag":"post","useoption":"1","example":"[post=1]Click me![/post]","switch_option":"0","menu_option_text":"Enter the Post ID","menu_content_text":"Enter the title for this link","single_tag":"0","optional_option":"0","image":""},"snapback":{"id":"1","title":"Post Snap Back","desc":"This tag displays a little linked image which links back to a post - used when quoting posts from the board. Opens in same window by default.","tag":"snapback","useoption":"0","example":"[snapback]100[/snapback]","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"0","optional_option":"0","image":""},"spoiler":{"id":"7","title":"Spoiler","desc":"Spoiler tag","tag":"spoiler","useoption":"0","example":"[spoiler]Some hidden text[/spoiler]","switch_option":"0","menu_option_text":"","menu_content_text":"Enter the text to be masked","single_tag":"0","optional_option":"0","image":""},"sql":{"id":"19","title":"SQL Code","desc":"Allows you to enter formatted/syntax-highlighted SQL code","tag":"sql","useoption":"0","example":"[sql]SELECT p.*, t.* FROM posts p LEFT JOIN topics t ON t.tid=p.topic_id WHERE t.tid=7[/sql]","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"0","optional_option":"0","image":""},"topic":{"id":"5","title":"Topic Link","desc":"This tag provides an easy way to link to a topic","tag":"topic","useoption":"1","example":"[topic=1]Click me![/topic]","switch_option":"0","menu_option_text":"Enter the topic ID","menu_content_text":"Enter the title for this link","single_tag":"0","optional_option":"0","image":""},"pagebreak":{"id":"38","title":"Tutorial pagebreak","desc":"Insert a pagebreak into a multi-paged tutorial.","tag":"pagebreak","useoption":"0","example":"This is page 1<br />[pagebreak]<br />This is page 2","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"1","optional_option":"0","image":""},"twitter":{"id":"37","title":"Twitter","desc":"A tag to link to a user's twitter account","tag":"twitter","useoption":"0","example":"[twitter]userName[/twitter]","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"0","optional_option":"0","image":"twitter.png"},"xml":{"id":"20","title":"XML Code","desc":"Allows you to enter formatted/syntax-highlighted XML code","tag":"xml","useoption":"0","example":"[xml]<outer>\n <inner>\n  <tag param='1'>Test</tag>\n </inner>\n</outer>[/xml]","switch_option":"0","menu_option_text":"","menu_content_text":"","single_tag":"0","optional_option":"0","image":""}}) );
ipb.vars['emoticon_url'] = "http://www.portaliz.com/forum/public/style_emoticons/default";
ipb.editors[ 'ed-0' ] = new ipb.editor( 'ed-0', USE_RTE );
//]]>
</script>

I wouldn't dare removing the javascripts from the source using the regex from my previous post

StringRegExpReplace($sRead,'(?i)(?s)<script type="text/javascript">.*?(?(?=<script).*?</script>)</script>',"")
because it may screw up things in other forms although I don't think javascripts are part of fields that have to be filled in forms.

The other choice would be to remove only the comment that causes trouble:

// Rikki: Had to remove <form>... </form> because Opera would see </form> and not pass the topic icons / hidden fields properly. Tried "</" + "form>" but when it is parsed, it had the same affect

It is in one line and I guess they will always be in one line because in javascript there's no closing bracket for comments...So would a regex that is closed by a newline function in general? like this:

$sHTML = StringRegExpReplace($sHTML, "(?i)//.*?\r{1}", "") ; removing javascript comments (up to the first carriage return (@CR, chr(13)))
;or
$sHTML = StringRegExpReplace($sHTML, "(?i)//.*?\n{1}", "") ; removing javascript comments (up to the first linefeed (@LF, chr(10)))
;or?
$sHTML = StringRegExpReplace($sHTML, "(?i)//.*?\Z{1}", "") ; Match only at end of string, or before newline at the end---> What does this means?

PS: It's incredible again how the simplest thing ruins a beautiful function. This time a comment that could have been put in the documentation or the log of the version!! (obviously I'm referring to the 'Rikki: Had to remove <form>' chat-between-developers comment :P:x:shifty: )

EDIT: I tried the three regex replace and either they removed pretty everything in the form or they didn't remove anything. How can I match the shortest string before a newline?...

Or...maybe what happens is that as $sHTML is all a string that doesn't record the carriage returns/newlines of the original html. Is it like this? If so, how to remove the //this is a javascript comment comments?

Edited by Mithrandir

Share this post


Link to post
Share on other sites

CDATA is what should be removed and then test.

There is a line in the function

$sHTML = StringRegExpReplace($sHTML, "(?s)<!--.*?-->", "") ; removing comments

...replace it with:

$sHTML = StringRegExpReplace($sHTML, "(?s)<!--.*?-->", "") ; removing comments
$sHTML = StringRegExpReplace($sHTML, "(?s)<!\[CDATA\[.*?\]\]>", "") ; removing CDATA
Edited by trancexx

♡♡♡

.

eMyvnE

Share this post


Link to post
Share on other sites

CDATA is what should be removed and then test.

There is a line in the function

$sHTML = StringRegExpReplace($sHTML, "(?s)<!--.*?-->", "") ; removing comments

...replace it with:

$sHTML = StringRegExpReplace($sHTML, "(?s)<!--.*?-->", "") ; removing comments
$sHTML = StringRegExpReplace($sHTML, "(?s)<!\[CDATA\[.*?\]\]>", "") ; removing CDATA

Thanks! That worked perfectly! I didn't know about CDATA, after reading these articles:

XML CDATA-W3schools.com

CDATA-wikipedia

SGML basic types-w3.org

I think the webbrowser -which is firefox in my case and it is also the one that I set as useragent in _WinHttpOpen- doesn't render the document as XHTML as wikipedia says:

CDATA sections in XHTML documents are liable to be parsed differently by web browsers if they render the document as HTML, since HTML parsers do not recognise the CDATA start and end markers, nor do they recognise HTML entity references such as &lt; within <script> tags. This can cause rendering problems in web browsers and can lead to cross-site scripting vulnerabilities if used to display data from untrusted sources, since the two kinds of parser will disagree on where the CDATA section ends.

So, is because of that that the CDATA section was shown in the source code? I mean, if the webbrowser had parsed the document as XHTML, the code inside CDATA tags wouldn't have appeared, would them?

And finally, so can this code

$sHTML = StringRegExpReplace($sHTML, "(?s)<!\[CDATA\[.*?\]\]>", ""); removing CDATA
be left in _WinHttpSimpleFormFill? ie it wouldn't cause trouble to parse form elements because forms aren't inside CDATA tags, right?

-----------------------------------------------------------------------------------------------------------------------------

I also tried the form that gave the and it is previewed ok despite sending all the bold, italics etc buttons. The problem was the &amp; in the actionpage in this case. Obviously, the correction you did in rev 81 is right cause it doesn't make sense to send the buttons in the request.

One thing that I would like to suggest would be to encode the values of the fields that are explicitly set (ie they are passed as parameters to _WinHttpSimpleFormFill, those that aren't left default) when the form is application/x-www-form-urlencoded. I saw you did it for the ones that are left default in this part of the code:

Case "", "application/x-www-form-urlencoded"
                $aInput = StringRegExp($sForm, "(?si)<\h*(?:input|textarea|label|fieldset|legend|select|optgroup|option|button)\h*(.*?)/*\h*>", 3)
                If @error Then Return SetError(2, 0, "") ; invalid form
                Local $aInputIds[4][UBound($aInput)]
                For $i = 0 To UBound($aInput) - 1 ; for all input elements
                    $aArray = StringRegExp($aInput[$i], '(?i).*?id\h*=(\h*"(.*?)"|' & "\h*'(.*?)'|" & '(.*?)(?: |\Z))', 3) ; e.g. id="abc" or id='abc' or id=abc
                    If Not @error Then $aInputIds[0][$i] = $aArray[UBound($aArray) - 1] ; id
                    $aArray = StringRegExp($aInput[$i], '(?i).*?name\h*=(\h*"(.*?)"|' & "\h*'(.*?)'" & '|(.*?)(?: |\Z))', 3) ; e.g. name="abc" or name='abc' or name=abc
                    If Not @error Then $aInputIds[1][$i] = $aArray[UBound($aArray) - 1] ; name
                    $aArray = StringRegExp($aInput[$i], '(?i).*?value\h*=(\h*"(.*?)"|' & "\h*'(.*?)'" & '|(.*?)(?: |\Z))', 3) ; e.g. value="abc" or value='abc' or value=abc
                    If Not @error Then $aInputIds[2][$i] = __WinHttpURLEncode($aArray[UBound($aArray) - 1]) ; value

but it would be good to encode the values in the For $k = 1 To $iNumParams bucle IMO, and I think it would be replacing the line:

$sAddData = StringReplace($sAddData, $aInputIds[1][$j] & "=" & $aInputIds[2][$j], $aInputIds[1][$j] & "=" & $sPassedData)

by:

$sAddData = StringReplace($sAddData, $aInputIds[1][$j] & "=" & $aInputIds[2][$j], $aInputIds[1][$j] & "=" & __WinHttpURLEncode($sPassedData))

and:

$sAddData = StringRegExpReplace($sAddData, "(?i)\Q" & $aSplit[1] & "\E=.*?(&|\Z)", $aSplit[1] & "=" & $sPassedData & "$1")
                        $iNumRepl = @extended
                        If $iNumRepl > 1 Then ; remove duplicates
                            $sAddData = StringRegExpReplace($sAddData, "(?i)\Q" & $aSplit[1] & "\E=.*?(&|\Z)", "", $iNumRepl - 1)
                        EndIf

by:

$sAddData = StringRegExpReplace($sAddData, "(?i)\Q" & $aSplit[1] & "\E=.*?(&|\Z)", $aSplit[1] & "=" & __WinHttpURLEncode($sPassedData) & "$1");<--What's the meaning of this $1? I don't recall seeing it in post data requests in live http headers
                        $iNumRepl = @extended
                        If $iNumRepl > 1 Then ; remove duplicates
                            $sAddData = StringRegExpReplace($sAddData, "(?i)\Q" & $aSplit[1] & "\E=.*?(&|\Z)", "", $iNumRepl - 1)
                        EndIf

What do you think? (I would also like to know the meaning of that "$1" in the last autoit code :x

PS: I now remember that someone told me that the data sent in a post request could be all encoded. That would be easier to modify in the code. Moreover, what I wrote before may screw a GET request because I don't know whether they can be encoded so instead of all that, it would be necessary to replace this (which is right before

Case "multipart/form-data"
):

__WinHttpFinalizeCtrls($sSubmit, $sRadio, $sCheckBox, $sAddData, "&")
                If $sMethod = "GET" Then
                    $sAction &= "?" & $sAddData
                    $sAddData = "" ; not to send as addition to the request (this is GET)
                EndIf
                ExitLoop

by this:

__WinHttpFinalizeCtrls($sSubmit, $sRadio, $sCheckBox, $sAddData, "&")
                If $sMethod = "GET" Then
                    $sAction &= "?" & $sAddData
                    $sAddData = "" ; not to send as addition to the request (this is GET)
                Else
                    $sAddData = __WinHttpURLEncode($sAddData)
                EndIf
                ExitLoop

The only doubt is that if one encodes all the data that is going to be sent, it would be actually encoding the fields that are left default twice (because they were already encoded in the bucle 'For $i = 0 To UBound($aInput) - 1 ; for all input elements' .

To sum up,If you encode with __WinHttpURLEncode an already encoded string, the result is the same or does it change?

Obviously another solution (the best one in my opinion) would be not to encode the input values in the bucle 'For $i = 0 To UBound($aInput) - 1 ; for all input elements'

also because after there's this comparison:

If $sPassedData = $aInputIds[2][$j] Then
that would not match if the user passed $sPassedData without encoding ie 'hello how are you'<>'hello+how+are+you' Edited by Mithrandir

Share this post


Link to post
Share on other sites

What do you think? (I would also like to know the meaning of that "$1" in the last autoit code :x

$1 is part of the regexp pattern.

$sPassedData is encoded. There is no need to do it twice. Check the code, you'll see

For $k = 1 To $iNumParams
    $sPassedData = __WinHttpURLEncode(...

I really owe you big thanks for your extensive testing of the code. It really makes the difference.

Thank you Mithrandir :P

edit:

$sData = " A "

If __WinHttpURLEncode(__WinHttpURLEncode($sData)) = __WinHttpURLEncode($sData) Then
    MsgBox(64, "__WinHttpURLEncode", "Encoding encoded makes no difference")
Else
    MsgBox(64, "__WinHttpURLEncode", "Encoding encoded will change the string in this case")
EndIf
Edited by trancexx

♡♡♡

.

eMyvnE

Share this post


Link to post
Share on other sites

$1 is part of the regexp pattern.

$sPassedData is encoded. There is no need to do it twice. Check the code, you'll see

For $k = 1 To $iNumParams
    $sPassedData = __WinHttpURLEncode(...

I really owe you big thanks for your extensive testing of the code. It really makes the difference.

Thank you Mithrandir :nuke:

edit:

$sData = " A "

If __WinHttpURLEncode(__WinHttpURLEncode($sData)) = __WinHttpURLEncode($sData) Then
    MsgBox(64, "__WinHttpURLEncode", "Encoding encoded makes no difference")
Else
    MsgBox(64, "__WinHttpURLEncode", "Encoding encoded will change the string in this case")
EndIf

You're right. I was working with version 1.6.1.8 and not the revision 81 :x:shifty: In revision 81 you encoded the passed data.

And it's me who has to thank you for making such a great UDF as well as giving me the opportunity to test it and learn so many things :lol: I like to test and debug things until I find a solution or die trying it :D and you as well as Progandy have been always there to assist me. Thank you again!

PS: If you're going to release a new version I would add to revision 81

$sAction = StringReplace($sAction,'&amp;','&')
after the EndIf at this part:

Else
            $sNewURL = $aCrackURL[2]
            $sAction = $aCrackURL[6] & $aCrackURL[7]
        EndIf

and you wouldn't want to forget the

$sHTML = StringRegExpReplace($sHTML, "(?s)<!\[CDATA\[.*?\]\]>", ""); removing CDATA
:(

PS2: Another thing to improve would be the problem that can cause comments as the one that I posted. According to this it would be easy to remove CSS comments since they have an opening and closing pattern ( /* commented text */ ) . The problem is with Javascript comments that don't have a closing pattern, like

// This is a one-line comment

# One-line comments with the HTML comment-opening sequence (<!--). Note that the Javascript interpreter ignores the closing characters of HTML comments (-->). Consider this example:

<!-- This is treated as a one-line JS comment

<!-- It works just like a comment beginning with //

<!-- --> This is also a one-line JS comment

<!-- --> because JS ignores the closing characters

<!-- --> of HTML-style comments

How to deal with them? I think the regexp for that should match a linebreak at the end but my previous attempt failed :P

Or also another thing that can be done would be to remove everything between <script> </script> tags while it doesn't screw anything ( is it possible for forms to be inside <script> </script> tags? )

Edited by Mithrandir

Share this post


Link to post
Share on other sites

How to replicate a command like this?

Posted Image


I'm a compulsive poster. When I post something, come to read it at least 5 minutes later after the posting, because I will edit it. I edited even this signature a few minutes later after I wrote it.

Share this post


Link to post
Share on other sites

How to replicate a command like this?

Posted Image

Try to use this example of the function _WinHttpAddRequestHeaders from the help file of WinHttp.au3:

#AutoIt3Wrapper_AU3Check_Parameters=-d -w 1 -w 2 -w 3 -w 4 -w 5 -w 6

#include "WinHttp.au3"

Opt("MustDeclareVars", 1)

; !!!Note that this example will fail because of invalid username and password!!!

Global $sAddress = "secure.imdb.com"
Global $sUserName = "SomeUserName"
Global $sPassword = "SomePassword"
; Post data:
Global $sPostData = "login=" & $sUserName & "&password=" & $sPassword & "&u=https%3A%2F%2Fsecure.imdb.com%2Fregister-imdb%2Flogin"

; Initialize and get session handle
Global $hOpen = _WinHttpOpen("Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1) Gecko/20090624 Firefox/3.5")

; Get connection handle
Global $hConnect = _WinHttpConnect($hOpen, $sAddress, $INTERNET_DEFAULT_HTTPS_PORT)

; Make a request
Global $hRequest = _WinHttpOpenRequest($hConnect, _
        "POST", _
        "register-imdb/login", _
        Default, _
        Default, _
        "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", _
        $WINHTTP_FLAG_SECURE)

; Enable cookies for sure (DON'T USE THIS BECAUSE IT ACTUALLY DISABLES AUTOMATIC HANDLING OF COOKIES)
;_WinHttpSetOption($hRequest, $WINHTTP_OPTION_DISABLE_FEATURE, $WINHTTP_DISABLE_COOKIES)

; Add header fields to the request
_WinHttpAddRequestHeaders($hRequest, "Accept-Language: en-us,en;q=0.5")
_WinHttpAddRequestHeaders($hRequest, "Content-Type: application/x-www-form-urlencoded")
_WinHttpAddRequestHeaders($hRequest, "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7")
_WinHttpAddRequestHeaders($hRequest, "Keep-Alive: 300")
_WinHttpAddRequestHeaders($hRequest, "Connection: keep-alive")

; Send it
_WinHttpSendRequest($hRequest, -1, $sPostData)
; Wait for the response
_WinHttpReceiveResponse($hRequest)
; Check if there is a response
Global $sHeader, $sReturned
If _WinHttpQueryDataAvailable($hRequest) Then
    $sHeader = _WinHttpQueryHeaders($hRequest)
    MsgBox(64, "Header", $sHeader)
    Do
        $sReturned &= _WinHttpReadData($hRequest)
    Until @error
    ; Print returned
    ConsoleWrite($sReturned)
Else
    ConsoleWriteError("!No data available." & @CRLF)
    MsgBox(48, "Failure", "No data available.")
EndIf

; Close handles
_WinHttpCloseHandle($hRequest)
_WinHttpCloseHandle($hConnect)
_WinHttpCloseHandle($hOpen)

Tip: If you aren't connecting at a https:// site don't use $WINHTTP_FLAG_SECURE . Also you may not need to specify the header 'Cookie: '

if you get them from a previous request (generally a 'GET'). Don't send the 'Accept encoding : gzip' header as it caused trouble to me. Also, I don't see in that screen capture the 'action page' of the request (ie if the page is http://www.somesite.com/somesection.php www.somesite is the host -which is also returned in the index 2 of _WinHttpCrackUrl- and /somesection.php is the 'action page' -which is also returned in the index 6 and 7 (you have to concatenate them) of _WinHttpCrackUrl- I recommend you to use Live Http Headers plugin for firefox if you can.

Read also this thread were I had more or less the same doubts:

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...