HTTrack Website Copier
Free software offline browser - FORUM
Subject: php authentication and variable form fields
Author: Bandit
Date: 01/15/2010 21:40
Per the discussion in this thread:
it appears that the page
dynamically generates a unique form field value for the variable called
"form_build_id" each time the page is loaded.

Thus with CatchURL, the postfile contains the following POST data:

The form_build_id variable is the string "form-" followed by a 32-byte hex
e.g. form_build_id=form-0cd480514e54dcf1e8a027f23a1488ab

Apparently this prevents HTT from mirroring because that "form_build_id" will
change from the time that CatchURL runs and HTT loads a new /login page.

(Note that there are no cookies trapped by CatchURL except the
google-analytics ("__utm...") and PHP Session ID is the only cookie the server
sends *after* the login is successful.)

While I don't really care to personally mirror this site, I got sucked into
trying to figure it out because someone asked, and I *do* enjoy a challenge. 
lol  But I am just wondering why there isn't some way (maybe needs to be an
feature/enhancement request) for HTT to read the login page, and apply the
data (specifically form_build_id) to the POST data to make the login

Other than that, are there any thoughts on how to work around it?  Or am I
missing/misinterpreting what's going on?

All articles

Subject Author Date
php authentication and variable form fields

01/15/2010 21:40
Re: php authentication and variable form fields

01/16/2010 22:59
Re: php authentication and variable form fields

01/18/2010 20:52
Re: php authentication and variable form fields

01/19/2010 16:02


Created with FORUM 2.0.11