Your Ad Here

advanced code snippet search

Posted By

uioreanu on 03/15/09


Tagged

curl download example csv Online Banking


Versions (?)

Hypovereinsbank CSV crawler - online banking statements downloader from Hypovereinsbank Munich, Germany using PHP & CURL

 / Published in: PHP
 

just replace the XXX fields with your own numbers. Then run this PHP Script from the command line (CLI mode). It will fetch the online statements from Hypovereinsbank direct banking.

The code works by tweaking CURL settings around the HTTPS connection.

The last update (2010-02-12) is because hypo now rotates the viewstate variable on every page (before they did it only once after login).

Expand | Embed | Plain Text 
  1. <?php
  2.  
  3. setlocale(LC_TIME, "de_DE");
  4. global $location; #keep track of location/redirects
  5. global $cookiearr; #store cookies here
  6. global $ch;
  7.  
  8. global $Betrag;
  9. $inputUsername = 'XXXXXXXXXX'; # place here the Direct banking number
  10. $inputPassword = 'XXXXXX';   # place here your pass
  11.  
  12. $outputCSV = '/tmp/Umsatzliste.csv';
  13.  
  14. require_once 'func/hypo_functions.php';
  15.  
  16. $step = 0;
  17. logF("fetch start");
  18.  
  19. define ('RND_LOW', 2);
  20. define ('RND_HIGH', 4);
  21. #define ('RND_LOW', 5);
  22. #define ('RND_HIGH', 10);
  23.  
  24.  
  25. $headers[] = 'Connection: Keep-Alive';
  26. $headers[] = 'Host: my.hypovereinsbank.de';
  27. $headers[] = 'Content-type: application/x-www-form-urlencoded';
  28. $headers[] = 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8';
  29. $headers[] = 'Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3';
  30. $headers[] = 'Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7';
  31. $headers[] = 'Keep-Alive: 300';
  32.  
  33.  
  34.  
  35.  
  36.  
  37.  
  38.  
  39. ###################################################################
  40.  
  41. logF($step."th sleeping for ". $secs = rand(RND_LOW, RND_HIGH)); sleep($secs);
  42.  
  43. $Url='https://my.hypovereinsbank.de/login?view=/privatkunden/login.jsp';
  44. $cookieFilenameLogin="/tmp/hypo_login.cookie";
  45. $cookieFilenameAuth="/tmp/hypo_auth.cookie";
  46.  
  47. # first HTTP session : retrieve tr_sid, setcookie etc
  48. $ch = curl_init();
  49. curl_setopt($ch, CURLOPT_URL,$Url);
  50. curl_setopt($ch, CURLOPT_COOKIEJAR, $cookieFilenameLogin);
  51. curl_setopt($ch, CURLOPT_COOKIEFILE, $cookieFilenameLogin);
  52. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5");
  53. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true ); 
  54. curl_setopt($ch, CURLOPT_HEADER,true);
  55. curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
  56. curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
  57. curl_setopt($ch, CURLOPT_ENCODING, 'gzip,deflate');
  58. curl_setopt($ch, CURLOPT_FAILONERROR, 1);
  59.  
  60.  
  61. $step++;
  62. logF($step."th $Url");
  63. $Html = curl_exec ($ch);
  64. $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
  65. curl_close ($ch); 
  66. unset($ch);
  67. logF($step."th ". strlen($Html));
  68. fWriteTo("$step.html", $Html);
  69.  
  70. $linesHtml = split ("\n", $Html);
  71. foreach ($linesHtml as $lineHtml) {
  72. 	if (strpos($lineHtml, '<a href="https://my.hypovereinsbank.de/login?view=/privatkunden/login.jsp&tr_sid=')!== false) {
  73. 		$tr_sid = substr($lineHtml, strpos($lineHtml, 'tr_sid=')+7, strlen('200806270805574786894478605040495919'));
  74. 	}
  75. 	if (strpos($lineHtml, 'id="javax.faces.ViewState" value="')!== false) {
  76. 		$lineHtml = substr($lineHtml, strpos($lineHtml, 'id="javax.faces.ViewState" value="')+34);
  77. 		$javax = substr($lineHtml, 0, strpos($lineHtml, '"'));
  78. #		$javax = substr($lineHtml, strpos($lineHtml, 'id="javax.faces.ViewState" value="')+34, 120);
  79. 	}
  80. }
  81. $tr_sid=str_replace('"', '', $tr_sid);
  82. if (!$tr_sid) {
  83. 	die (logF('no tr_sid'));
  84. }
  85. if (!$javax) {
  86. 	die (logF('no javax'));
  87. }
  88. logF("retrieved tr_sid(". strlen($tr_sid) .")=$tr_sid");
  89. logF("retrieved javax(". strlen($javax) .")=$javax");
  90. ###################################################################
  91.  
  92. $Url .= '&tr_sid='. $tr_sid;
  93. $postFields = array (
  94. #	'directBankingLoginForm:viewInitialized' => 'true',
  95. 	'username' => $inputUsername,
  96. 	'px2' => $inputPassword,
  97. 	'secP' => 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF',
  98. 	'directBankingLoginForm:loginPanel:loginCommand' => 'Anmelden',
  99. 	'directBankingLoginForm:_idcl' => '',
  100. 	'directBankingLoginForm:_link_hidden_' => '',
  101. 	'directBankingLoginForm_SUBMIT' => '1',
  102. 	'javax.faces.ViewState' => ($javax),
  103. );
  104. $postUrl = http_build_query_wrong($postFields);
  105.  
  106. # second HTTP session : effective login
  107. $ch = curl_init();
  108. curl_setopt($ch, CURLOPT_URL,$Url);
  109. curl_setopt($ch, CURLOPT_POST, 1);
  110. curl_setopt($ch, CURLOPT_POSTFIELDS, $postUrl);
  111. curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
  112. curl_setopt($ch, CURLOPT_COOKIEJAR, $cookieFilenameAuth);
  113. curl_setopt($ch, CURLOPT_COOKIEFILE, $cookieFilenameLogin);
  114. #curl_setopt($ch, CURLOPT_COOKIESESSION, TRUE);
  115. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5");
  116. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true ); 
  117. curl_setopt($ch, CURLOPT_HEADER,true);
  118. curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
  119. curl_setopt($ch, CURLOPT_ENCODING, 'gzip,deflate');
  120. curl_setopt($ch, CURLOPT_FAILONERROR, 1);
  121. #curl_setopt($ch, CURLOPT_VERBOSE, 2);
  122. curl_setopt($ch, CURLOPT_HEADERFUNCTION, 'read_header');
  123.  
  124. $step++;
  125. logF($step."th $Url");
  126. $Html = curl_exec ($ch);
  127. $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
  128. curl_close ($ch); 
  129. unset($ch);
  130. logF($step."th ". strlen($Html));
  131. fWriteTo("$step.html", $Html);
  132. logF($step."th sleeping for ". $secs = rand(RND_LOW, RND_HIGH)); sleep($secs);
  133. ###################################################################
  134.  
  135.  
  136.  
  137.  
  138.  
  139.  
  140.  
  141. ###################################################################
  142.  
  143. logF($step."th sleeping for ". $secs = rand(RND_LOW, RND_HIGH)); sleep($secs);
  144.  
  145. $Url='https://my.hypovereinsbank.de/login?view=/privatkunden/login.jsp';
  146. $cookieFilenameLogin="/tmp/hypo_login.cookie";
  147. $cookieFilenameAuth="/tmp/hypo_auth.cookie";
  148.  
  149. # first HTTP session : retrieve tr_sid, setcookie etc
  150. $ch = curl_init();
  151. curl_setopt($ch, CURLOPT_URL,$Url);
  152. curl_setopt($ch, CURLOPT_COOKIEJAR, $cookieFilenameLogin);
  153. curl_setopt($ch, CURLOPT_COOKIEFILE, $cookieFilenameLogin);
  154. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5");
  155. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true ); 
  156. curl_setopt($ch, CURLOPT_HEADER,true);
  157. curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
  158. curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
  159. curl_setopt($ch, CURLOPT_ENCODING, 'gzip,deflate');
  160. curl_setopt($ch, CURLOPT_FAILONERROR, 1);
  161.  
  162.  
  163. $step++;
  164. logF($step."th $Url");
  165. $Html = curl_exec ($ch);
  166. $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
  167. curl_close ($ch); 
  168. unset($ch);
  169. logF($step."th ". strlen($Html));
  170. fWriteTo("$step.html", $Html);
  171.  
  172. $linesHtml = split ("\n", $Html);
  173. foreach ($linesHtml as $lineHtml) {
  174. 	if (strpos($lineHtml, '<a href="https://my.hypovereinsbank.de/login?view=/privatkunden/login.jsp&tr_sid=')!== false) {
  175. 		$tr_sid = substr($lineHtml, strpos($lineHtml, 'tr_sid=')+7, strlen('200806270805574786894478605040495919'));
  176. 	}
  177. 	if (strpos($lineHtml, 'id="javax.faces.ViewState" value="')!== false) {
  178. 		$lineHtml = substr($lineHtml, strpos($lineHtml, 'id="javax.faces.ViewState" value="')+34);
  179. 		$javax = substr($lineHtml, 0, strpos($lineHtml, '"'));
  180. #		$javax = substr($lineHtml, strpos($lineHtml, 'id="javax.faces.ViewState" value="')+34, 120);
  181. 	}
  182. }
  183. $tr_sid=str_replace('"', '', $tr_sid);
  184. if (!$tr_sid) {
  185. 	die (logF('no tr_sid'));
  186. }
  187. if (!$javax) {
  188. 	die (logF('no javax'));
  189. }
  190. logF("retrieved tr_sid(". strlen($tr_sid) .")=$tr_sid");
  191. logF("retrieved javax(". strlen($javax) .")=$javax");
  192. ###################################################################
  193.  
  194. $Url .= '&tr_sid='. $tr_sid;
  195. $postFields = array (
  196. #	'directBankingLoginForm:viewInitialized' => 'true',
  197. 	'username' => $inputUsername,
  198. 	'px2' => $inputPassword,
  199. 	'secP' => 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF',
  200. 	'directBankingLoginForm:loginPanel:loginCommand' => 'Anmelden',
  201. 	'directBankingLoginForm:_idcl' => '',
  202. 	'directBankingLoginForm:_link_hidden_' => '',
  203. 	'directBankingLoginForm_SUBMIT' => '1',
  204. 	'javax.faces.ViewState' => ($javax),
  205. );
  206. $postUrl = http_build_query_urlencode($postFields);
  207.  
  208. # second HTTP session : effective login
  209. $ch = curl_init();
  210. curl_setopt($ch, CURLOPT_URL,$Url);
  211. curl_setopt($ch, CURLOPT_POST, 1);
  212. curl_setopt($ch, CURLOPT_POSTFIELDS, $postUrl);
  213. curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
  214. curl_setopt($ch, CURLOPT_COOKIEJAR, $cookieFilenameAuth);
  215. curl_setopt($ch, CURLOPT_COOKIEFILE, $cookieFilenameLogin);
  216. #curl_setopt($ch, CURLOPT_COOKIESESSION, TRUE);
  217. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5");
  218. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true ); 
  219. curl_setopt($ch, CURLOPT_HEADER,true);
  220. curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
  221. curl_setopt($ch, CURLOPT_ENCODING, 'gzip,deflate');
  222. curl_setopt($ch, CURLOPT_FAILONERROR, 1);
  223. #curl_setopt($ch, CURLOPT_VERBOSE, 2);
  224. curl_setopt($ch, CURLOPT_HEADERFUNCTION, 'read_header');
  225.  
  226. $step++;
  227. logF($step."th $Url");
  228. $Html = curl_exec ($ch);
  229. $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
  230. curl_close ($ch); 
  231. unset($ch);
  232. logF($step."th ". strlen($Html));
  233. fWriteTo("$step.html", $Html);
  234. logF($step."th sleeping for ". $secs = rand(RND_LOW, RND_HIGH)); sleep($secs);
  235.  
  236. $lines = split ("\n", $Html);
  237. foreach ($lines as $line) {
  238. 	if (strpos($line, 'mystartpage_finanzstatus')!== false) {
  239. 		$pieces = explode('\'', $line);
  240. 		$Var_idcl = $pieces[3];
  241. 	}
  242. }
  243. if (!$Var_idcl) {
  244. 	print "ERROR: Cannot fetch idcl";
  245. #	exit;
  246. }
  247. logF($step ."th idcl: $Var_idcl");
  248. $cookieStr = '';
  249. print_r($cookiearr);
  250. foreach ($cookiearr as $cookieName => $cookieVal) {
  251. 	$cookieStr.=$cookieName.'='.$cookieVal.'; ';
  252. }
  253. $cookieStr = substr($cookieStr, 0, -2);
  254. ###################################################################
  255.  
  256.  
  257. ###################################################################
  258. # go to account
  259. $Url='https://my.hypovereinsbank.de/portal?view=/banking/accountManagement.jsp';
  260.  
  261. $ch = curl_init();
  262. curl_setopt($ch, CURLOPT_URL,$Url);
  263. curl_setopt($ch, CURLOPT_COOKIE,  $cookieStr);
  264. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5");
  265. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true ); 
  266. curl_setopt($ch, CURLOPT_HEADER,true);
  267. curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
  268. curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
  269. curl_setopt($ch, CURLOPT_ENCODING, 'gzip,deflate');
  270. curl_setopt($ch, CURLOPT_FAILONERROR, 1);
  271. #curl_setopt($ch, CURLOPT_VERBOSE, 2);
  272.  
  273. $step++;
  274. logF($step."th $Url");
  275. $Html = curl_exec ($ch);
  276. $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
  277. curl_close ($ch); 
  278. unset($ch);
  279. logF($step."th ". strlen($Html));
  280. fWriteTo("$step.html", $Html);
  281. ###################################################################
  282.  
  283. $lines = split ("\n", $Html);
  284. $liveStart = false;
  285. foreach ($lines as $line) {
  286. 	if (strpos($line, 'Aktueller Kontosaldo')!== false) {
  287. 		$liveStart = true;
  288. 	}
  289. 	if (strpos($line, '</fieldset>')!== false) {
  290. 		$liveStart = false;
  291. 	}
  292. 	if ($liveStart && trim($line) == trim(strip_tags($line)) && strpos($line, 'EUR')!== false) {
  293. 		$Betrag[0] = trim(str_replace('EUR', '', $line));
  294. 	}
  295. 	if ($liveStart && strpos($line, 'negbal')!==false && strpos($line, 'EUR')!== false) {
  296. 		$Betrag[0] = trim(str_replace('EUR', '', strip_tags($line)));
  297. 	}
  298.  
  299. 	if (strpos($line, 'Kontostand am')!== false) {
  300. 		$linePart = strip_Tags(substr($line, strpos($line, 'Kontostand am')));
  301. 		$lineParts = explode(date('Y'), $linePart);
  302. 		$lineParts2 = explode(' ', trim(str_replace('EUR', '', $lineParts[1])));
  303. 		if ($lineParts2[1]) {
  304. 			$Betrag[1] = $lineParts2[1];
  305. 		} else {
  306. 			$Betrag[1] = trim(str_replace('EUR', '', $lineParts[1]));
  307. 		}
  308. 	}
  309. }
  310. logF("Kontostand live ... " . $Betrag[0] ." EUR");
  311. logF("Kontostand old ...  " . $Betrag[1] ." EUR");
  312. if (!$Betrag) {
  313. 	die (print 'no Betrag in step: '. $step);
  314. }
  315.  
  316.  
  317. $linesHtml = split ("\n", $Html);
  318. foreach ($linesHtml as $lineHtml) {
  319. 	if (strpos($lineHtml, '<a href="https://my.hypovereinsbank.de/login?view=/privatkunden/login.jsp&tr_sid=')!== false) {
  320. 		$tr_sid = substr($lineHtml, strpos($lineHtml, 'tr_sid=')+7, strlen('200806270805574786894478605040495919'));
  321. 	}
  322. 	if (strpos($lineHtml, 'id="javax.faces.ViewState" value="')!== false) {
  323. 		$lineHtml = substr($lineHtml, strpos($lineHtml, 'id="javax.faces.ViewState" value="')+34);
  324. 		$javax = substr($lineHtml, 0, strpos($lineHtml, '"'));
  325. #		$javax = substr($lineHtml, strpos($lineHtml, 'id="javax.faces.ViewState" value="')+34, 120);
  326. 	}
  327. }
  328. $tr_sid=str_replace('"', '', $tr_sid);
  329. if (!$tr_sid) {
  330. 	die (logF('no tr_sid'));
  331. }
  332. if (!$javax) {
  333. 	die (logF('no javax'));
  334. }
  335. logF("retrieved tr_sid(". strlen($tr_sid) .")=$tr_sid");
  336. logF("retrieved javax(". strlen($javax) .")=$javax");
  337.  
  338. #var_dump($Betrag);
  339. ###################################################################
  340. $Url = 'https://my.hypovereinsbank.de/portal?view=/banking/accountManagement.jsp';
  341. $postFields = array (
  342. 	'accountManagement:dayFrom' => '1',
  343. 	'accountManagement:monthFrom' => strftime("%B %Y", time() - 31*24*3600),
  344. 	'accountManagement:dayTo' => date('d'),
  345. 	'accountManagement:monthTo' => strftime("%B %Y"),
  346. 	'accountManagement:numberOfTurnovers' => '9999',
  347. 	'accountManagement:refresh' => 'Anzeigen',
  348. #	'accountManagement:buttonNavigation:j_id_id142' => 'Download Kontoums�¤tze ',
  349. 	'accountManagement:_link_hidden_' => '',
  350. 	'accountManagement:_idcl' => '',
  351. 	'accountManagement_SUBMIT' => '1',
  352. 	'javax.faces.ViewState' => ($javax),
  353. );
  354.  
  355. $postUrl = http_build_query_urlencode($postFields);
  356.  
  357. # post-login steps
  358. $ch = curl_init();
  359. curl_setopt($ch, CURLOPT_URL,$Url);
  360. curl_setopt($ch, CURLOPT_BINARYTRANSFER, 1);
  361. curl_setopt($ch, CURLOPT_POST, 1);
  362. curl_setopt($ch, CURLOPT_POSTFIELDS, $postUrl);
  363. curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
  364. curl_setopt($ch, CURLOPT_COOKIE,  $cookieStr);
  365. #curl_setopt($ch, CURLOPT_COOKIESESSION, TRUE);
  366. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5");
  367. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true ); 
  368. curl_setopt($ch, CURLOPT_HEADER,true);
  369. curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
  370. curl_setopt($ch, CURLOPT_REFERER, 'https://my.hypovereinsbank.de/portal?view=/banking/startpage.jsp');
  371. curl_setopt($ch, CURLOPT_ENCODING, 'gzip,deflate');
  372. curl_setopt($ch, CURLOPT_FAILONERROR, 1);
  373. #curl_setopt($ch, CURLOPT_VERBOSE, 2);
  374.  
  375. $step++;
  376. logF($step."th $Url");
  377. $Html = curl_exec ($ch);
  378. $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
  379. curl_close ($ch); 
  380. unset($ch);
  381. logF($step."th ". strlen($Html));
  382. fWriteTo("$step.html", $Html);
  383.  
  384. $linesHtml = split ("\n", $Html);
  385. foreach ($linesHtml as $lineHtml) {
  386. 	if (strpos($lineHtml, '<a href="https://my.hypovereinsbank.de/login?view=/privatkunden/login.jsp&tr_sid=')!== false) {
  387. 		$tr_sid = substr($lineHtml, strpos($lineHtml, 'tr_sid=')+7, strlen('200806270805574786894478605040495919'));
  388. 	}
  389. 	if (strpos($lineHtml, 'id="javax.faces.ViewState" value="')!== false) {
  390. 		$lineHtml = substr($lineHtml, strpos($lineHtml, 'id="javax.faces.ViewState" value="')+34);
  391. 		$javax = substr($lineHtml, 0, strpos($lineHtml, '"'));
  392. #		$javax = substr($lineHtml, strpos($lineHtml, 'id="javax.faces.ViewState" value="')+34, 120);
  393. 	}
  394. }
  395. $tr_sid=str_replace('"', '', $tr_sid);
  396. if (!$tr_sid) {
  397. 	die (logF('no tr_sid'));
  398. }
  399. if (!$javax) {
  400. 	die (logF('no javax'));
  401. }
  402. logF("retrieved tr_sid(". strlen($tr_sid) .")=$tr_sid");
  403. logF("retrieved javax(". strlen($javax) .")=$javax");
  404.  
  405. logF($step."th sleeping for ". $secs = rand(RND_LOW, RND_HIGH)); sleep($secs);
  406. ###################################################################
  407.  
  408. ###################################################################
  409. $Url = 'https://my.hypovereinsbank.de/portal?view=/banking/accountManagement.jsp';
  410. $postFields = array (
  411. 	'accountManagement:dayFrom' => max(date('d')-7, 1),
  412. 	'accountManagement:monthFrom' => strftime("%B %Y", time() - 31*24*3600),
  413. ##	'accountManagement:monthFrom' => strftime("%B %Y"),
  414. 	'accountManagement:dayTo' => date('d'),
  415. 	'accountManagement:monthTo' => strftime("%B %Y"),
  416. 	'accountManagement:numberOfTurnovers' => '9999',
  417. ##	'accountManagement:numberOfTurnovers' => '20',
  418. #	'accountManagement:refresh' => 'Anzeigen',
  419. 	'accountManagement:buttonNavigation:j_id_id147' => 'Download Kontoums'. substr(strftime("%B", strtotime('2001-03-01 00:00:00')), 1, 1) .'tze ',
  420. 	'accountManagement:_link_hidden_' => '',
  421. 	'accountManagement:_idcl' => '',
  422. 	'accountManagement_SUBMIT' => '1',
  423. 	'javax.faces.ViewState' => ($javax),
  424. );
  425. print_R($postFields);
  426. $postUrl = http_build_query_urlencode($postFields);
  427. print_R($postUrl);
  428.  
  429. # post-login steps
  430. $ch = curl_init();
  431. curl_setopt($ch, CURLOPT_URL,$Url);
  432. curl_setopt($ch, CURLOPT_BINARYTRANSFER, 1);
  433. curl_setopt($ch, CURLOPT_POST, 1);
  434. curl_setopt($ch, CURLOPT_POSTFIELDS, $postUrl);
  435. curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
  436. curl_setopt($ch, CURLOPT_COOKIE,  $cookieStr);
  437. #curl_setopt($ch, CURLOPT_VERBOSE, TRUE);    
  438.  
  439. #curl_setopt($ch, CURLOPT_COOKIESESSION, TRUE);
  440. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.2) Gecko/20090729 Firefox/3.5.2 (.NET CLR 3.5.30729)");
  441. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true ); 
  442. #curl_setopt($ch, CURLOPT_HEADER,true);
  443. curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
  444. #curl_setopt($ch, CURLOPT_REFERER, 'https://my.hypovereinsbank.de/portal?view=/banking/startpage.jsp');
  445. curl_setopt($ch, CURLOPT_REFERER, $Url);
  446. curl_setopt($ch, CURLOPT_ENCODING, 'gzip,deflate');
  447. #curl_setopt($ch, CURLOPT_FAILONERROR, 1);
  448. curl_setopt($ch, CURLOPT_VERBOSE, 2);
  449.  
  450. $step++;
  451. logF($step."th $Url");
  452. $Html = curl_exec ($ch);
  453. $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
  454. curl_close ($ch); 
  455. unset($ch);
  456. logF($step."th ". strlen($Html));
  457. fWriteTo("$step.html", $Html);
  458. logF($step."th sleeping for ". $secs = rand(RND_LOW, RND_HIGH)); sleep($secs);
  459. ###################################################################
  460.  
  461. unlink($outputCSV);
  462. copy("$step.html", $outputCSV);
  463.  
  464. ###################################################################
  465.  
  466. ###################################################################
  467. # party over, logout
  468. $Url='https://my.hypovereinsbank.de/login?view=/privatkunden/logout.jsp';
  469.  
  470. $ch = curl_init();
  471. curl_setopt($ch, CURLOPT_URL,$Url);
  472. curl_setopt($ch, CURLOPT_COOKIE,  $cookieStr);
  473. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5");
  474. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true ); 
  475. curl_setopt($ch, CURLOPT_HEADER,true);
  476. curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
  477. curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
  478. curl_setopt($ch, CURLOPT_ENCODING, 'gzip,deflate');
  479. curl_setopt($ch, CURLOPT_FAILONERROR, 1);
  480. curl_setopt($ch, CURLOPT_ENCODING, 'gzip,deflate');
  481. curl_setopt($ch, CURLOPT_FAILONERROR, 1);
  482. #curl_setopt($ch, CURLOPT_VERBOSE, 2);
  483.  
  484.  
  485. $step++;
  486. logF($step."th $Url");
  487. $Html = curl_exec ($ch);
  488. $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
  489. curl_close ($ch); 
  490. unset($ch);
  491. logF($step."th ". strlen($Html));
  492. fWriteTo("$step.html", $Html);
  493. ###################################################################
  494.  
  495.  
  496. ###################################################################
  497. function http_build_query_urlencode($postFields)
  498. {
  499. 	$postUrl = "";
  500. 	foreach ($postFields as $fName => $fValue) {
  501. 		$postUrl.=urlencode($fName).'='.urlencode($fValue)."&";
  502. #		$postUrl.=($fName).'='.rawurlencode($fValue)."&";
  503. 	}
  504. 	return substr($postUrl, 0, -1);
  505. } 
  506.  
  507. function http_build_query_wrong($postFields)
  508. {
  509. 	$postUrl = "";
  510. 	foreach ($postFields as $fName => $fValue) {
  511. 		$postUrl.=urlencode($fName).'='.utf8_encode($fValue)."&";
  512. #		$postUrl.=($fName).'='.rawurlencode($fValue)."&";
  513. 	}
  514. 	return substr($postUrl, 0, -1)."\n";
  515. } 
  516.  
  517.  
  518. function read_header($ch, $string)
  519. {
  520.     global $location; #keep track of location/redirects
  521.     global $cookiearr; #store cookies here
  522.     global $ch;
  523.        # ^overrides the function param $ch
  524.        # this is okay because we need to
  525.        # update the global $ch with
  526.        # new cookies
  527.  
  528.     $length = strlen($string);
  529.     if(!strncmp($string, "Location:", 9))
  530.     { #keep track of last redirect
  531.       $location = trim(substr($string, 9, -1));
  532.     }
  533.     if(!strncmp($string, "Set-Cookie:", 11))
  534.     { #get the cookie
  535.       $cookiestr = trim(substr($string, 11, -1));
  536.       $cookie = explode(';', $cookiestr);
  537.       $cookie = explode('=', $cookie[0]);
  538.       $cookiename = trim(array_shift($cookie));
  539.       $cookiearr[$cookiename] = trim(implode('=', $cookie));
  540.     }
  541.     $cookie = "";
  542.     if(trim($string) == "")
  543.     {  #execute only at end of header
  544.       foreach ($cookiearr as $key=>$value)
  545.       {
  546.         $cookie .= "$key=$value; ";
  547.       }
  548.       curl_setopt($ch, CURLOPT_COOKIE, $cookie);
  549.     }
  550.  
  551.     return $length;
  552. }
  553.  
  554. ?>

Report this snippet  

Comments

RSS Icon Subscribe to comments
Posted By: uioreanu on March 15, 2009

tested with PHP 4.4.0 and curl 7.14.0

Posted By: masterix on May 19, 2011

Does anyone know if this script still works? Can't test this because i don't have an HVB account yet.

You need to login to post a comment.