PHP Curl 携带Cookie 绕过图片验证码登录
![](https://img2023.cnblogs.com/blog/634529/202303/634529-20230313142451845-1148951554.png)
第一次访问登录页面, 记录下Cookie并保存, 同时去下载图片验证码到服务器, 利用<img>显示到页面, 等待人工识别后input 提交.
重点是携带Cookie,
View Code
![](https://images.cnblogs.com/OutliningIndicators/ContractedBlock.gif)
<?php @header("content-type:text/html;charset=UTF-8"); /** * 携带Cookie模拟登录 * 绕过图片验证码,人工识别后input提交 */ function json_to_array($data) { $data = json_decode($data,JSON_UNESCAPED_UNICODE); return $data; } function array_to_json($data) { $data = json_encode($data,JSON_UNESCAPED_UNICODE); return $data; } function http_json_data($postUrl, $postState, $curlPost, $cookiesState){ $cookie_file = dirname(__FILE__).'/cookie.txt'; $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, $postUrl); if ($cookiesState==1){ curl_setopt($curl, CURLOPT_COOKIEJAR, $cookie_file); }else{ curl_setopt($curl, CURLOPT_COOKIEFILE, $cookie_file); } if ($postState==1){ curl_setopt($curl, CURLOPT_POSTFIELDS, $curlPost); } curl_setopt($curl, CURLOPT_HEADER, 0); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); $data = curl_exec($curl); curl_close($curl); return $data; } if(isset($_REQUEST['tongjiTime'])){ $chaxunTime = $_REQUEST ['tongjiTime']; }else{ $chaxunTime = date('Y-m-d',time()); } if(isset($_REQUEST['act'])){ $act = trim($_REQUEST['act']); }else{ $act = 'login'; } if(isset($_REQUEST['checkCode'])){ $checkCode = trim($_REQUEST['checkCode']); }else{ $checkCode = ''; } $host = 'http://www.xxx.com:8090'; switch($act){ case 'login': $postUrl = $host.'/EnergyTrack/user/login'; $login = http_json_data($postUrl, $postState = 0, $curlPost = '', $cookiesState = 1); //var_dump($login); $postUrl = $host.'/EnergyTrack/VerifyCodeServlet'; $img = http_json_data($postUrl, $postState=0, $curlPost='', $cookiesState = 0); $fp = fopen("verifyCode.jpg","w"); fwrite($fp,$img); fclose($fp); echo '<center style="margin: 100px 0px 0px 0px;">输入图片验证码:'; echo '<img src="verifyCode.jpg"></center>'; break; case 'authcode': $postUrl = $host.'/EnergyTrack/user/login'; //$code = file_get_contents('1code.txt'); $curlPost = 'account=账户&password=密码&checkCode='.$checkCode; $result = http_json_data($postUrl, $postState=1, $curlPost, $cookiesState=0); if(json_to_array($result)['success']==true){ echo '<center style="margin: 100px 0px 0px 0px;">登录成功 '; //跳转(注意cookie) echo '<a href="jiudian.php"> 统计</a></center>'; } if(json_to_array($result)['success']==false){ echo '<center style="margin: 100px 0px 0px 0px;"><a href="?act=login">返回登录</a></center>'; } exit; break; } ?> <center> <form> <input type="hidden" name="act" value="authcode"> <input type="text" name="checkCode" /> <input type="submit" name="submit" > </form> </center>