Py Mechanize submit more data using the auth'ed user

Question

I'm trying to use Mechanize to login a website. Thanks to del for the corrections.

import re
import mechanize

login_url = 'login.aspx'

def login(id, username, password):
    br = mechanize.Browser()
    br.addheaders = [('User-agent', 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.1) Gecko/2008071615 Fedora/3.0.1-1.fc9 Firefox/3.0.1')]
    br.open("login.aspx")
    br.select_form(nr=0)
    br.form.set_all_readonly(False) # allow us to modify hidden form elements
    br["__EVENTTARGET"] = "TransactBtn"
    br["AccountID"] = id
    br["UserName"] = username
    br["Password"] = password   
    response = br.submit()

    print response.geturl()

def redirect(response.geturl())
    #i want to get the url of the redirect and submit it to see the main login page

def dostuff()
    #i want to do submit more data using the authenticated user.

login('id', 'user', 'pass')

This correctly logged in, but the return is now returning a redirect portal asking for another submit.
What do I do with this so I can return the real logged in site?

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>

</title></head>
<body>
    <form name="form1" method="post" action="tmp.aspx" id="form1">
<div>
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTE2MTY2ODcyMjlkZCOgyU+AdP30f85W4DdUIV6LnCqa" />
</div>

    <script type="text/javascript">
        top.location.href = document.location.href;
        document.forms["form1"].submit();
    </script>
        &nbsp;&nbsp;</form>
    </body>
</html>

How to submit data within the already authenticated user?

Answer 1

You need to select the form before you can access it with Browser.form:

>>> import mechanize
>>> br = mechanize.Browser()
>>> response = br.open("default.aspx")
>>> print br.form
None
>>> br.select_form(nr=0)
>>> print br.form
<form1 POST default.aspx application/x-www-form-urlencoded
  <HiddenControl(__VIEWSTATE=/wEPDwUKLTcxNTg3NzEzMQ9kFgQCAQ9kFgICCA8WAh4EaHJlZgUJZ3JlZW4uY3NzZAIDD2QWBgIHDw8WAh4EVGV4dAUjWW91ciBJUCBBZGRyZXNzIGlzIDogMjAzLjI5LjE1OS4xMzRkZAIJDxBkZBYBZmQCCw8WAh4HVmlzaWJsZWgWEAIDDxYCHwJoZAIFDxYCHwJoZAIHDxYCHwJoZAIPDxYCHgV2YWx1ZQUKMTEvMjcvMjAxMmQCEQ8PFgIfAQVKPHNlbGVjdCBpZD0iUEwiIG5hbWU9IlBheWVlTGlzdCI+PG9wdGlvbiB2YWx1ZT0iYWxsIj5BbGw8L29wdGlvbj48L3NlbGVjdD5kZAITDxYCHwMFCjExLzI3LzIwMTJkAhUPFgIfAwUKMTEvMjcvMjAxMmQCFw8PFgIfAQVMPHNlbGVjdCBpZD0iUEwyIiBuYW1lPSJQYXllZUxpc3QyIj48b3B0aW9uIHZhbHVlPSJhbGwiPkFsbDwvb3B0aW9uPjwvc2VsZWN0PmRkZDTdDxIlMu2gUsdr7GPbmUOQ3xzg) (readonly)>
  <HiddenControl(__EVENTVALIDATION=/wEWBwKfnIxpAsCktrgLAr2x1tEIAubH1rAKAtWJze8HAvCR5qcGAsjWwOgISMYAcE5r11vGAeoqgWzW0JGk2e4=) (readonly)>
  <SelectControl(ThemeList=[*Green, Blue, Red, Orange, Yellow, Violet])>>

UPDATE

Regarding the edit to your question, there are two problems:

1. You need to set the User-Agent. The server seems to serve a different version of the page if you use the Mechanize default
2. The page uses Javascript to set the __EVENTTARGET field

The following works:

>>> import mechanize
>>> br = mechanize.Browser()
>>> br.addheaders = [('User-agent', 'Mozilla/5.0 (Windows NT 5.2; WOW64) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11')]
>>> br.open("login.aspx")
<response_seek_wrapper at 0x201c290 whose wrapped object = <closeable_response at 0x2017758 whose fp = <socket._fileobject object at 0x1fb4ad0>>>
>>> br.select_form(nr=0)
>>> br.form.set_all_readonly(False) # allow us to modify hidden form elements
>>> br["__EVENTTARGET"] = "TransactBtn"
>>> br["AccountID"] = "id"
>>> br["UserName"] = "user"
>>> br["Password"] = "pass"
>>> response = br.submit()
>>> [line for line in response.readlines() if 'ErrorMsg' in line]
['                <span id="ErrorMsg">Account ID is numeric.</span></span></div>\r\n']

You can see that it has output the error message "Account ID is numeric".