Anyone managed to get data from my.secondlife.com with php?

[kellee Button]

I'm using the php transaction history downloading script as a basis, and I can get that to work, but using the same sort of methods to access my.secondlife.com through the openid login system seems not to work. I was curious whether or not anyone's been able to manage it yet.

If I could get past the openid login and access the my.secondlife.com pages I could parse out user UUIDs, for instance, and have a reliable name2key system that doesn't rely on a third party database, drag people's profile pictures for media-on-prim purposes, and similar valuable tasks.

[kellee Button]

Ugh. Thought I'd fixed it, but no.

For reference, this is the (user data sanitized) code I've worked out so far:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head/><body><?php$fname = "USERNAME";$pwd   = 'PASSWORD';function update_cookie($cookie,$newcookie){	$x=explode(";",$cookie);	$n=Array();	$returncookie="";		if ($cookie != "") {	foreach($x as $y)	{		$z=explode("=",$y);		$n[$z[0]]=$z[1];	}	}	$x=explode(";",$newcookie);	foreach($x as $y)	{		$z=explode("=",$y);		$n[$z[0]]=$z[1];	}	reset($n);	for($a=0;$a<count($n);$a++)	{		$returncookie.=rtrim(key($n))."=".$n[key($n)].";"; //($n[key($n)] ? "=".$n[key($n)].";" : '');		next($n);	}	return $returncookie;}function get_params($c){	preg_match_all('/type\="hidden" name\="([^"]+)" value\="([^"]+)"/',$c,$regs, PREG_SET_ORDER);	$params=Array();	foreach ($regs as $r) 		$params[$r[1]]=$r[2];	return $params;}/** * Send a POST requst using cURL * @param string $url to request * @param array $post values to send * @param array $options for cURL * @return string */function curl_post_head($url, array $post = NULL, array $options = array()){    $defaults = array(        CURLOPT_POST => 1,		CURLOPT_USERAGENT => "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)",        CURLOPT_HEADER => 1,        CURLOPT_URL => $url,        CURLOPT_FRESH_CONNECT => 1,        CURLOPT_RETURNTRANSFER => 1,        CURLOPT_FORBID_REUSE => 1,        CURLOPT_TIMEOUT => 4,		CURLOPT_SSL_VERIFYPEER => true,		CURLOPT_SSL_VERIFYHOST => 0,		CURLOPT_CAINFO =>  getcwd()."/cacert.pem",        CURLOPT_POSTFIELDS => http_build_query($post)    );    $ch = curl_init();    curl_setopt_array($ch, ($options + $defaults));    if( ! $result = curl_exec($ch))    {        $errstring = curl_error($ch) . "<br>" . $url . "<p>";        trigger_error($errstring);		return $errstring;    }    curl_close($ch);    return $result;}function curl_post($url, array $post = NULL, array $options = array()){    $defaults = array(        CURLOPT_POST => 1,		CURLOPT_USERAGENT => "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)",        CURLOPT_HEADER => 0,        CURLOPT_URL => $url,        CURLOPT_FRESH_CONNECT => 1,        CURLOPT_RETURNTRANSFER => 1,        CURLOPT_FORBID_REUSE => 1,        CURLOPT_TIMEOUT => 4,		CURLOPT_SSL_VERIFYPEER => true,		CURLOPT_SSL_VERIFYHOST => 0,		CURLOPT_CAINFO =>  getcwd()."/cacert.pem",        CURLOPT_POSTFIELDS => http_build_query($post)    );    $ch = curl_init();    curl_setopt_array($ch, ($options + $defaults));    if( ! $result = curl_exec($ch))    {        $errstring = curl_error($ch) . "<br>" . $url . "<p>";        trigger_error($errstring);		return $errstring;    }    curl_close($ch);    return $result;}/** * Send a GET requst using cURL * @param string $url to request * @param array $get values to send * @param array $options for cURL * @return string */function curl_get($url, array $get = NULL, array $options = array()){       $defaults = array(        CURLOPT_URL => $url. (strpos($url, '?') === FALSE ? '?' : ''). http_build_query($get),		CURLOPT_USERAGENT => "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)",        CURLOPT_HEADER => 0,		CURLOPT_SSL_VERIFYPEER => true,		CURLOPT_SSL_VERIFYHOST => 0,		CURLOPT_CAINFO =>  getcwd()."/cacert.pem",        CURLOPT_RETURNTRANSFER => TRUE,        CURLOPT_TIMEOUT => 4    );       $ch = curl_init();    curl_setopt_array($ch, ($options + $defaults));    if( ! $result = curl_exec($ch))    {		$errstring = curl_error($ch) . "<br>" . $url . "<p>";        trigger_error($errstring);		return $errstring;    }    curl_close($ch);    return $result;}function curl_get_head($url, array $get = NULL, array $options = array()){   	//echo $url . "<p>";    $defaults = array(        CURLOPT_URL => $url. (strpos($url, '?') === FALSE ? '?' : ''). http_build_query($get),		CURLOPT_USERAGENT => "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)",        CURLOPT_HEADER => 1,		CURLOPT_SSL_VERIFYPEER => true,		CURLOPT_SSL_VERIFYHOST => 0,		CURLOPT_CAINFO =>  getcwd()."/cacert.pem",        CURLOPT_RETURNTRANSFER => TRUE,        CURLOPT_TIMEOUT => 2    );    //echo "<p>" . $defaults[1] . "<p>";	    $ch = curl_init();    curl_setopt_array($ch, ($options + $defaults));    if( ! $result = curl_exec($ch))    {		//echo "ERROR: " . $url . "<p>";		$errstring = curl_error($ch) . "<br>" . $url . "<p>";        trigger_error($errstring);		return $errstring;    }    curl_close($ch);    return $result;}$mycookie="";$idcookie="";	$url="https://my.secondlife.com/philip.linden";	$c=curl_get_head($url, Array(), Array());		if(preg_match("/Set-Cookie: +(.+)/",$c,$regs))$mycookie=update_cookie($mycookie,$regs[1]);	preg_match("/([^<]+)/", $c, $header);	//echo $regs[1] . "<p>";		echo "L0: " . $url . "<br>";	echo "RESPONSE: " . $header[1] . "<br>";	echo "MY.SLC Cookie:	" . $mycookie . "<p>";    $url="https://id.secondlife.com/openid/login?return_to=https%3A%2F%2Fmy.secondlife.com%2Fopenid";    $c=curl_get_head($url,		Array(),		Array()	);		//echo $c . "<p>";		$url="https://id.secondlife.com/openid/loginsubmit";	$c=curl_post_head($url,		Array(			"username"=>$fname,			"password"=>$pwd,			"stay_logged_in"=>"stay_logged_in",			"language"=>'en_US',			"Submit"=>'',			"previous_language"=>'en_US',			"return_to"=>"https://my.secondlife.com/openid"		),		Array(			CURLOPT_REFERER => "https://id.secondlife.com/openid/login?return_to=https%3A%2F%2Fmy.secondlife.com%2Fopenid"		)	);		if(preg_match("/Set-Cookie: +(.+)/",$c,$regs))$idcookie=update_cookie($idcookie,$regs[1]);	//echo $regs[1] . "<p>";	$referer="https://id.secondlife.com/openid/loginsubmit";	preg_match("/Location: +(.+)/",$c,$regs);	$location=$regs[1];		echo "L1:	" . $url . "<br>";	echo "RESPONSE	" . $c . "<br>";	echo "ID.SLC Cookie:	" . $idcookie . "<p>";		echo "L2: " . $location . "<br>";	$c=curl_get_head($location,		Array(),		Array(			CURLOPT_COOKIE=>$idcookie,			CURLOPT_REFERER=>$referer		)	);			$referer=$location;		if(preg_match("/Set-Cookie: +(.+)/",$c,$regs))$idcookie=update_cookie($idcookie,$regs[1]);	preg_match("/Location: +(.+)/",$c,$regs);	$location=$regs[1];		echo "RESPONSE:	" . $c . "<br>";	echo "ID.SLC Cookie:	" . $idcookie . "<p>";			echo "L3: " . $location . "<br>";	$c=curl_get_head($location,		Array(),		Array(			CURLOPT_COOKIE=>$mycookie		)	);	$params=get_params($c);		if(preg_match("/Set-Cookie: +(.+)/",$c,$regs))$mycookie=update_cookie($mycookie,$regs[1]);	$referer=$location;	$location="https://id.secondlife.com/openid/openidserver";		$garbage = preg_match("/([^<]+)/",$c,$header);		echo "RESPONSE:    " . $header[1] . "<br>";	echo "MY.SLC Cookie: " . $mycookie . "<p>";		echo "L4:	" . $location . "<p>";	$c=curl_post_head($location,$params,Array(CURLOPT_COOKIE=>$idcookie));	preg_match("/Location: +(.+)/",$c,$regs);	$location=$regs[1];		echo "L5: " . $location . "<br>";		$c=curl_get_head($location,Array(),		Array(			CURLOPT_COOKIE=>$mycookie,			CURLOPT_REFERER=>$referer		)	);				if(preg_match("/Set-Cookie: +(.+)/",$c,$regs))$idcookie=update_cookie($idcookie,$regs[1]);	$location='https://my.secondlife.com/philip.linden';		echo "ID.SLC Cookie:	" . $idcookie . "<p>";		echo "L6: " . $location . "<p>";		$c=curl_get($location,		Array(),		Array(CURLOPT_COOKIE=>$mycookie)	);	echo $c;?></body></html>

 

Those of you familiar with the php script posted here for downloading the XML/XLS transaction history files will recognize this. I've only modified it slightly to even get as far as I've got so far. I did a little housekeeping on the cookie processing to remove the leading =; from the return string, I've obviously modified the urls, and the login code since the username is no longer split into firstname and lastname fields, and I'm tracking two separate cookies, one for the id.secondlife.com domain, and one for the my.secondlife.com domain, since one domain sets and expects the agni session value, and the other expects the my.secondlife.com session value.

My modifications work on the transaction history file (And that code won't actually function without my mods because of changes to the SL sites (I also had to add an additional request to the script so that it would load the html transaction history display page before attempting the download, because the downloadable reports are only generated by the server when you hit the button to load the display page now--so the display page date range arguments must be exactly the same as the date range arguments on the XML download request as well).

But nothing I try seems to get me past the my.secondlife.com/openid request when attempting to gain logged in status on the my.secondlife.com domain. That request works fine on the secondlife.com domain, where it uses the id.secondlife.com cookie (agni-session), and of course the url for that one is different (secondlife.com/auth/oid_return). my.secondlife.com/openid seems to function in the same manner as secondlife.com/auth/oid_return, but using the same code to access it (With the my.secondlife.com session cookie, of course) only gets me a "service unavailable" message.

It's driving me up the wall, because from what I can see on my browser's web console log, I'm making all the right requests and setting and sending the right cookie data, yet I simply can't get that one request to work no matter how hard I try.

Anyone have any ideas?

 

PS: The code this is based on can be grabbed from here: http://community.secondlife.com/t5/Scripting/Downloading-transaction-history-automatically-using-PHP/m-p/288832#M7699

That rar file also has the certificate file necessary to connect through ssl.

[kellee Button]

Oh, and just so that you can see that the transaction history grabber works (And because I'm nice ), here's a working transaction history grabber script:

 

Just change the stuff at the top to your username and password, and the dates to whatever date range you want.

 

<?php$fname = "USERNAME";$pwd   = 'PASSWORD';$start_date = '2011-12-25';$end_date 	= '2012-01-05';function update_cookie($cookie,$newcookie){	$x=explode(";",$cookie);	$n=Array();	$returncookie="";		if($cookie!="")	{		foreach($x as $y)		{			$z=explode("=",$y);			$n[$z[0]]=$z[1];		}	}		$x=explode(";",$newcookie);	foreach($x as $y)	{		$z=explode("=",$y);		$n[$z[0]]=$z[1];	}	reset($n);	for($a=0;$a<count($n);$a++)	{		$returncookie.=key($n)."=".$n[key($n)].";";		next($n);	}	return $returncookie;}function get_params($c){	preg_match_all('/type\="hidden" name\="([^"]+)" value\="([^"]+)"/',$c,$regs, PREG_SET_ORDER);	$params=Array();	foreach ($regs as $r) 		$params[$r[1]]=$r[2];	return $params;}/** * Send a POST requst using cURL * @param string $url to request * @param array $post values to send * @param array $options for cURL * @return string */function curl_post_head($url, array $post = NULL, array $options = array()){    $defaults = array(        CURLOPT_POST => 1,        CURLOPT_HEADER => 1,        CURLOPT_URL => $url,        CURLOPT_FRESH_CONNECT => 1,        CURLOPT_RETURNTRANSFER => 1,        CURLOPT_FORBID_REUSE => 1,        CURLOPT_TIMEOUT => 4,		CURLOPT_SSL_VERIFYPEER => true,		CURLOPT_SSL_VERIFYHOST => 0,		CURLOPT_CAINFO =>  getcwd()."/cacert.pem",        CURLOPT_POSTFIELDS => http_build_query($post)    );    $ch = curl_init();    curl_setopt_array($ch, ($options + $defaults));    if( ! $result = curl_exec($ch))    {        trigger_error(curl_error($ch));    }    curl_close($ch);    return $result;}function curl_post($url, array $post = NULL, array $options = array()){    $defaults = array(        CURLOPT_POST => 1,        CURLOPT_HEADER => 0,        CURLOPT_URL => $url,        CURLOPT_FRESH_CONNECT => 1,        CURLOPT_RETURNTRANSFER => 1,        CURLOPT_FORBID_REUSE => 1,        CURLOPT_TIMEOUT => 4,		CURLOPT_SSL_VERIFYPEER => true,		CURLOPT_SSL_VERIFYHOST => 0,		CURLOPT_CAINFO =>  getcwd()."/cacert.pem",        CURLOPT_POSTFIELDS => http_build_query($post)    );    $ch = curl_init();    curl_setopt_array($ch, ($options + $defaults));    if( ! $result = curl_exec($ch))    {        trigger_error(curl_error($ch));    }    curl_close($ch);    return $result;}/** * Send a GET requst using cURL * @param string $url to request * @param array $get values to send * @param array $options for cURL * @return string */function curl_get($url, array $get = NULL, array $options = array()){       $defaults = array(        CURLOPT_URL => $url. (strpos($url, '?') === FALSE ? '?' : ''). http_build_query($get),        CURLOPT_HEADER => 0,		CURLOPT_SSL_VERIFYPEER => true,		CURLOPT_SSL_VERIFYHOST => 0,		CURLOPT_CAINFO =>  getcwd()."/cacert.pem",        CURLOPT_RETURNTRANSFER => TRUE,        CURLOPT_TIMEOUT => 4    );       $ch = curl_init();    curl_setopt_array($ch, ($options + $defaults));    if( ! $result = curl_exec($ch))    {        trigger_error(curl_error($ch));    }    curl_close($ch);    return $result;}function curl_get_head($url, array $get = NULL, array $options = array()){       $defaults = array(        CURLOPT_URL => $url. (strpos($url, '?') === FALSE ? '?' : ''). http_build_query($get),        CURLOPT_HEADER => 1,		CURLOPT_SSL_VERIFYPEER => true,		CURLOPT_SSL_VERIFYHOST => 0,		CURLOPT_CAINFO =>  getcwd()."/cacert.pem",        CURLOPT_RETURNTRANSFER => TRUE,        CURLOPT_TIMEOUT => 4    );       $ch = curl_init();    curl_setopt_array($ch, ($options + $defaults));    if( ! $result = curl_exec($ch))    {        trigger_error(curl_error($ch));    }    curl_close($ch);    return $result;}    $url="https://id.secondlife.com/openid/loginsubmit";    $c=curl_post_head($url,	Array(		"username"=>$fname,		//"last_name"=>$lname,		"password"=>$pwd,		"language"=>'en_US',		"Submit"=>'',		"previous_language"=>'en_US',		"return_to"=>"https://secondlife.com/auth/oid_return.php"		)	);	$cookie="";	if(preg_match("/Set-Cookie: +(.+)/",$c,$regs))$cookie=update_cookie($cookie,$regs[1]);		preg_match("/Location: +(.+)/",$c,$regs);	$location=$regs[1];			$c=curl_get_head($location,Array(),		Array(CURLOPT_COOKIE=>$cookie)		);				if(preg_match("/Set-Cookie: +(.+)/",$c,$regs))$cookie=update_cookie($cookie,$regs[1]);	preg_match("/Location: +(.+)/",$c,$regs);	$location=$regs[1];		$c=curl_get_head($location,		Array(),		Array(CURLOPT_COOKIE=>$cookie)		);	$params=get_params($c);		//echo $c . "<p>";	//echo $params . "<p>";	if(preg_match("/Set-Cookie: +(.+)/",$c,$regs))$cookie=update_cookie($cookie,$regs[1]);	$location="https://id.secondlife.com/openid/openidserver";	$c=curl_post_head($location,$params,Array(CURLOPT_COOKIE=>$cookie));	preg_match("/Location: +(.+)/",$c,$regs);	$location=$regs[1];	$c=curl_get_head($location,Array(),		Array(CURLOPT_COOKIE=>$cookie)		);				if(preg_match("/Set-Cookie: +(.+)/",$c,$regs))$cookie=update_cookie($cookie,$regs[1]);	$location='https://secondlife.com/my/account/transactions.php?date_start=' . $start_date  . '&date_end=' . $end_date . '&include_zero=yes〈=en&submit=View++%28up+to+500%29';	$c=curl_get_head($location,		Array(),		Array(CURLOPT_COOKIE=>$cookie)	);		$location='https://secondlife.com/my/account/download_transactions.php?date_start=' . $start_date . '&date_end=' . $end_date . '&type=xml&include_zero=yes';	$c=curl_get($location,		Array(),		Array(CURLOPT_COOKIE=>$cookie)		);	file_put_contents("/var/www/htdocs/_SLDB_1.02/results.xml",$c);	//echo $c;?>