Python to PHP Login System (HTTP Post)

[test]

Hi everyone,

I'm creating a desktop Python application that requires web-based
authentication for accessing additional application features.

HTTP GET is really simple.
HTTP POST is not (at least for me anyway)

I have tried a few different sources, but I cannot get HTTP POST to
successfully log in. I can login using FireFox at
http://www.magnetshare.com/main.php

I suggest you register a dummy login to see what I mean (don't enter
your real e-mail address).

Now here's some code:
------------------------------------------------------------------------------
msparams = urllib.urlencode({'user': self.components.User.text,
'pass': self.components.MagnetSharePassword.text, 'sublogin': '1'})
try:
f = urllib() ***What should go here?***
fc = f.read()
fc.close()
except:
self.statusBar.text = "Disconnected"
result = dialog.alertDialog(self, 'Couldn\'t connect to
MagnetShare.com! Please check your Internet connection, and then try
again.')
else:
print fc
-------------------------------------------------------------------------------

Also, could you let us know what modules we should import?
Thanks for checking this out!

By the way, the PHP system I'm using is super easy to set up:

http://www.evolt.org/article/PHP_Login_System_with_Admin_Features/17/60384/index.html

 

[Jeethu Rao]

You need to use httplib.
http://docs.python.org/lib/httplib-examples.html

Jeethu Rao

 

[Justin Azoff]

You need to use httplib.
http://docs.python.org/lib/httplib-examples.html

Jeethu Rao

Not at all. They need to read the documentation for urrlib:

http://docs.python.org/lib/module-urllib.html
http://docs.python.org/lib/node483.html
"The following example uses the "POST" method instead:"....

Additionally, they probably need to use cookielib, otherwise the logged
in state will not be persistant.

 

[test]

Not at all. They need to read the documentation for urrlib:

http://docs.python.org/lib/module-urllib.html
http://docs.python.org/lib/node483.html
"The following example uses the "POST" method instead:"....

Additionally, they probably need to use cookielib, otherwise the logged
in state will not be persistant.

Here's what's strange... I tried using urllib like this:
----------------------------------------------------------------------------------
try:
msparams = urllib.urlencode({'user':
self.components.User.text, 'pass':
self.components.MagnetSharePassword.text, 'sublogin': 1})
f = urllib.urlopen("http://www.magnetshare.com/process.php",
msparams)
fc = f.read()
fc.close()
print fc
except:
self.statusBar.text = "Disconnected"
result = dialog.alertDialog(self, 'Couldn\'t connect to
MagnetShare.com! Please check your Internet connection, and then try
again.')
else:
print fc
-----------------------------------------------------------------------------------
....and then I visited http://www.magnetshare.com/main.php to see if I
was logged in. Sure enough I was logged in, but the exception was
thrown anyway. I commented out the urlopen, f, and fc lines and
tested it again. This time I made it to "else:"

I'm stumped. I'm glad that the user can log in; however, the
MagnetShare application needs to read in the response from the server,
and then decide what to do with the information.

 

[John J. Lee]

Or you may not be able to log in at all, for an everyday meaning of
"log in".

Here's what's strange... I tried using urllib like this:
----------------------------------------------------------------------------------
try:
msparams = urllib.urlencode({'user':
self.components.User.text, 'pass':
self.components.MagnetSharePassword.text, 'sublogin': 1})
f = urllib.urlopen("http://www.magnetshare.com/process.php",
msparams)
fc = f.read()
fc.close()
print fc
except:
self.statusBar.text = "Disconnected"
result = dialog.alertDialog(self, 'Couldn\'t connect to
MagnetShare.com! Please check your Internet connection, and then try
again.')
else:
print fc

That's not how it works (assuming you visited that URL in a browser,
not using Python). The "logged-in-ness" comes from a "session ID"
cookie that is stored in your browser (or in your Python code). The
server sends a cookie when you log in (and usually stores your cookie
in a database). The browser keeps the cookie. When you come back
later using the same browser (maybe even after you've closed the
browser, if it's the right kind of cookie), your browser sends the
cookie back and the server looks up the session ID from that cookie in
the database, and sees it's you.

If you come back using a different browser (and your Python program is
effectively just a different browser than your copy of Firefox or IE
or whatever), then the server won't remember who you are, so you're
not logged in *in that browser session*, even if the server has you
recorded in its database as logged in from a different browser
session.

So, the fact that you saw yourself as logged in when you looked using
your web browser doesn't really help your Python program -- it's still
out in the cold.

thrown anyway. I commented out the urlopen, f, and fc lines and
tested it again. This time I made it to "else:"

I'm stumped. I'm glad that the user can log in; however, the
MagnetShare application needs to read in the response from the server,
and then decide what to do with the information.

Here's one way:

easy_install mechanize

(install easy_install first if you don't have that:

http://peak.telecommunity.com/DevCenter/EasyInstall#installing-easy-install

)

#-------------------------------
import mechanize

SHOW_COOKIES = True

br = mechanize.Browser()
if SHOW_COOKIES:
cj = mechanize.CookieJar()
br.set_cookiejar(cj)
br.open("http://www.magnetshare.com/main.php")
br.select_form(nr=0)
br["user"] = "joe"
br["pass"] = "password"
r = br.submit()
assert "Logged In" in r.get_data()
if SHOW_COOKIES:
for cookie in cj:
print cj
#-------------------------------


(note the cookiejar is always there; you only need to create one and
pass it in in order to get at it to e.g. print out the cookies you've
collected)


John

 

[test]

Or you may not be able to log in at all, for an everyday meaning of
"log in".

Here's what's strange... I tried using urllib like this:
----------------------------------------------------------------------------------
try:
msparams = urllib.urlencode({'user':
self.components.User.text, 'pass':
self.components.MagnetSharePassword.text, 'sublogin': 1})
f = urllib.urlopen("http://www.magnetshare.com/process.php",
msparams)
fc = f.read()
fc.close()
print fc
except:
self.statusBar.text = "Disconnected"
result = dialog.alertDialog(self, 'Couldn\'t connect to
MagnetShare.com! Please check your Internet connection, and then try
again.')
else:
print fc

That's not how it works (assuming you visited that URL in a browser,
not using Python). The "logged-in-ness" comes from a "session ID"
cookie that is stored in your browser (or in your Python code). The
server sends a cookie when you log in (and usually stores your cookie
in a database). The browser keeps the cookie. When you come back
later using the same browser (maybe even after you've closed the
browser, if it's the right kind of cookie), your browser sends the
cookie back and the server looks up the session ID from that cookie in
the database, and sees it's you.

If you come back using a different browser (and your Python program is
effectively just a different browser than your copy of Firefox or IE
or whatever), then the server won't remember who you are, so you're
not logged in *in that browser session*, even if the server has you
recorded in its database as logged in from a different browser
session.

So, the fact that you saw yourself as logged in when you looked using
your web browser doesn't really help your Python program -- it's still
out in the cold.

thrown anyway. I commented out the urlopen, f, and fc lines and
tested it again. This time I made it to "else:"

I'm stumped. I'm glad that the user can log in; however, the
MagnetShare application needs to read in the response from the server,
and then decide what to do with the information.

Here's one way:

easy_install mechanize

(install easy_install first if you don't have that:

http://peak.telecommunity.com/DevCenter/EasyInstall#installing-easy-install

)

#-------------------------------
import mechanize

SHOW_COOKIES = True

br = mechanize.Browser()
if SHOW_COOKIES:
cj = mechanize.CookieJar()
br.set_cookiejar(cj)
br.open("http://www.magnetshare.com/main.php")
br.select_form(nr=0)
br["user"] = "joe"
br["pass"] = "password"
r = br.submit()
assert "Logged In" in r.get_data()
if SHOW_COOKIES:
for cookie in cj:
print cj
#-------------------------------


(note the cookiejar is always there; you only need to create one and
pass it in in order to get at it to e.g. print out the cookies you've
collected)


John

Thanks a lot John! This "mechanize" was exactly what I was looking
for. There are some key improvements over urllib2 and also, cookies
are turned on by default.

Just an FYI for others, PHP can set $SESSIONID when the user refuses
cookies. I haven't decided whether the application will use cookies or
not, but luckily I got the login page response I was looking for. Now,
I just parse the HTML using Python, and then go to the next screen in
the MagnetShare application.

Here's the test code I used.
---------------------------------------------------------------------------------------
import mechanize

br = mechanize.Browser()
br.open("http://www.magnetshare.com/main.php")
br.select_form(nr=0)
br["user"] = "test2"
br["pass"] = "test2"
response1 = br.submit()
fc = response1.read()
print fc

 

[John J. Lee]

#-------------------------------
import mechanize

SHOW_COOKIES = True

br = mechanize.Browser()
if SHOW_COOKIES:
cj = mechanize.CookieJar()
br.set_cookiejar(cj)
br.open("http://www.magnetshare.com/main.php")
br.select_form(nr=0)
br["user"] = "joe"
br["pass"] = "password"
r = br.submit()
assert "Logged In" in r.get_data()
if SHOW_COOKIES:
for cookie in cj:
print cj
#-------------------------------

That last line should of course have been:

print cookie

and not:

print cj


John