Reputation: 34116
Indy HTTP Client: sessions like in web browser
I'm making a program for registration on a website.
For this, I use C++Builder and Indy (TIdHTTP).
How it works:
- Program receives registration page via GET and extracts CAPTCHA picture address from it;
- downloads the CAPTCHA (GET) and serves it to user;
- sends the data provided by user to the website in POST request.
Problem: The CAPTCHA code is always incorrect. This must be because somewhere between these three calls to website the CAPTCHA challenge changes.
To prevent this, these requests have to be connected somehow
So I think, some kind of sessions support is needed here...
Please tell me how this can be achieved, in Delphi or C++Builder
EDIT:
I found out that Session ID is stored in a cookie thanks to Runner
Upvotes: 2
Views: 4349
Answers (4)
Reputation: 73
Let me to guess, hmm... I bet you register Yahoo :) Anyway with most popular mail providers it isn't so easy, there are some javascripts that protect from automatic signups. These scripts can generate cookies or POST fields dynamically.
Upvotes: -1
Reputation: 251
Use a IdCookieHandler and link it to the IdHTTP Object. Then all the cookie / session management stuff will automatically done by Indy.
This is the fast and cleanest solution if you want to work with real session support and web automation including signups.
Upvotes: 0
Reputation: 595837
If the PHP session ID is being sent by the server in a cookie, then make sure you are using an up-to-date version of Indy. Indy 10's cookie handling has been broken for awhile, but I recently checked in new code for Indy's cookie management to address a lot of issues.
If the PHP session ID is being sent by the server in a hidden field of the registration form, then you need to make sure you are including the ID in the POST data you send back.
Upvotes: 2
Reputation: 6111
To me sequence seems correct. Just check that when posting the CAPTCHA answer back, you provide the ID to tell which CAPTCHA that is.
To me it sounds like your POST is not recognized as a specific request. In other words you are probably not assocating the response with the specific user. When you first call GET and get the CAPTCHA back from the server, the server must provide you with the unique ID for the returned CAPTCHA. This can be a unique URL, a cookie, a field embeded in the HTML returned etc...
That is my guess from your description.
EDIT:
I have more info. It is obviously a PHP server. From the page provided by "BlaXpirit":
A visitor accessing your web site is assigned a unique id, the so-called session id. This is either stored in a cookie on the user side or is propagated in the URL.
So, if the ID is in the cookie, then I guess you are not sending the cookie back. You are the middle man here, It goes like this.
- You make a GET to the CAPTCHA server.
- You get back the response that contains the cookie
- You send the CAPTCHA back to the client, but do not send the cookie.
You should send the cookie to the client and then back to the CAPTCHA server, or have your own session management, store the CAPTCHA cookie, identify the client when he/she sends the response and send the cookie with the response back to the CAPTCHA server.
Upvotes: 2
Related Questions
- Indy 10 Http Server sample
- Indy http server session doesn't work well
- using indy for https with session/cookie
- Indy Http Server with resume support
- Get server data in Delphi 2010
- Using a cookie with Indy
- Session cookie with indy
- How can my program log in to a Web site programmatically with Indy?
- Delphi - Using Indy HTTP Client to send a response back to a server
- Delphi - Indy (IDHTTP) Keep Session