0

I'm building a login page from where I would like to connect to my salesforce.com account. The idea is that if the username/password is wrong, I leave the user on my website and otherwise I redirect him to the salesforce panel.

To check if the username password exists, I use the Salesforce PHP Toolkit. And when I see that the user has entered a legit account, I use cURL to post the username and password to the form that is supposedly handling the login.

Here's some bits of the code:

$url = 'https://login.salesforce.com/';
$fields = array(
      'username' => urlencode($username),
      'pw' => urlencode($pw),
      'un' => urlencode($username),
      'width' => urlencode($width),
      'height' => urlencode($height),
      'hasRememberUn' => urlencode(true),
      'startURL' => urlencode(''),
      'loginURL' => urlencode(''),
      'loginType' => urlencode(''),
      'useSecure' => urlencode(true),
      'local' => urlencode(''),
      'lt' => urlencode('standard'),
      'qs' => urlencode(''),
      'locale' => urlencode('uk'),
      'oauth_token' => urlencode(''),
      'login' => urlencode(''),
      'serverid' => urlencode(''),
      'display' => urlencode('page')
  );

  $fields_string =''; 
  foreach($fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
  rtrim($fields_string,'&');
  $ch = curl_init();

  /* Set the url, number of POST vars, POST data */
  curl_setopt($ch, CURLOPT_AUTOREFERER, true);
  curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
  curl_setopt($ch, CURLOPT_URL,$url);
  curl_setopt($ch, CURLOPT_FOLLOWLOCATION,true);
  curl_setopt($ch, CURLOPT_POST,count($fields));
  curl_setopt($ch,CURLOPT_POSTFIELDS,$fields_string);

  $result = curl_exec($ch);
  curl_close($ch);

I inspected the source of the login page of salesforce.com to see what post values it needs which I put it in the code above.

The problem is that whenever I input a valid account, it redirects me to the login page (so I am not logged in) of salesforce.com saying

You have attempted to access a page that requires a salesforce.com login. If you are already a user of the system, please login below.

Could anyone tell me what I'm doing wrong ?

Cheers !

Improve this question

2 Answers 2

Reset to default
1

urlencode() is not the proper method to encode your data with, since you're not passing the data in a URL.

CURL can take an array and automatically convert the data in it to a POST-able data set. You don't have to do the encoding yourself. Simply do

curl_setopt($ch, CURLOPT_POSTFIELDS, $fields);
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thank you for the tip ! But that doesn't solve my problem though.
0

CURLOPT_POST takes a bool, not the number of fields you're posting. 

curl_setopt($ch, CURLOPT_POST, 1);

Additionally, if the service uses cookies for session storage, you'll need to add a cookie jar. From http://curl.haxx.se/libcurl/php/examples/cookiejar.html

For the initial authentication request:

curl_setopt($ch, CURLOPT_COOKIEJAR, "/tmp/cookieFileName");

And for subsequent requests using it:

curl_setopt($ch, CURLOPT_COOKIEFILE, "/tmp/cookieFileName");
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.