Server Form Post

[pinster]

Hi, I remember the old days, we can do form posting using INET or Winsock. Switching to ASP.NET, the server-side form is working in a different way... eg. post back, view state, etc.

 

I'm trying to programatically login to the website, http://mawar.www.gov.my/eGA.NET/aca.aspx?Target=UserMain&LANG=1

 

but I'm not getting the desire result page although i had submitted the correct username and password...

 

My code goes like this: (It's a custom control which is used in a web form)

       Dim _ResponseData As String, _ViewState As String
       Dim _FormParam As String, oWebRequest As HttpWebRequest, oWebResponse As HttpWebResponse
       Dim ResponseReader As StreamReader, RequestWriter As StreamWriter
       Dim cookies As New CookieContainer, _target As String
       Dim _EventTarget As String, _EventArg As String

       'Download HTML
       oWebRequest = HttpWebRequest.Create("http://mawar.www.gov.my/eGA.NET/aca.aspx?Target=UserMain&LANG=1")
       ResponseReader = New StreamReader(oWebRequest.GetResponse.GetResponseStream)
       _ResponseData = ResponseReader.ReadToEnd
       ResponseReader.Close()

       'Extract ViewState
       _ResponseData = _ResponseData.Replace("name=""__VIEWSTATE"" value=""", "~")

       '_ViewState = _ResponseData.Substring(_ResponseData.IndexOf("~") + 1, (_ResponseData.IndexOf(""" />", _ResponseData.IndexOf("~")) - 1) - _ResponseData.IndexOf("~"))
       _ViewState = Web.HttpUtility.UrlEncodeUnicode(_ResponseData.Substring(_ResponseData.IndexOf("~") + 1, (_ResponseData.IndexOf(""" />", _ResponseData.IndexOf("~")) - 1) - _ResponseData.IndexOf("~")))

       _target = "Login"
       _EventTarget = ""
       _EventArg = ""
       _FormParam = String.Format("target={0}&__EVENTTARGET={1}&__EVENTARGUMENT={2}&__VIEWSTATE={3}&txtUser={4}&txtPassword={5}", _target, _EventTarget, _EventArg, _ViewState, "user", "pwd")

       oWebRequest = HttpWebRequest.Create("http://mawar.www.gov.my/eGA.NET/aca.aspx?target=Login&p=http://mawar.www.gov.my/eGA.NET/aca.aspx?target=UserMain")
       oWebRequest.Method = "POST"
       oWebRequest.ContentType = "application/x-www-form-urlencoded"
       oWebRequest.ContentLength = _FormParam.Length
       'oWebRequest.CookieContainer = cookies

       RequestWriter = New StreamWriter(oWebRequest.GetRequestStream)
       RequestWriter.Write(_FormParam)
       RequestWriter.Close()

       'oWebRequest.GetResponse.Close()

       oWebResponse = oWebRequest.GetResponse 'HttpWebRequest.Create("http://mawar.www.gov.my/eGA.NET/aca.aspx?Target=UserMain&LANG=1")
       'oWebRequest.CookieContainer = cookies
       ResponseReader = New StreamReader(oWebResponse.GetResponseStream)
       _text = ResponseReader.ReadToEnd
       ResponseReader.Close()

 

Basically, I'm requesting for the login.aspx, get the viewstate, post my username and password, then get the protected page. In this example, if it's login failed, we should get back to the same login page with an error message 'Invalid Login. Please enter a valid User Name and Password'. Otherwise, if successful, we should get to another page with the word 'My Profile' inside the page.

 

I'm really stucked with this.. I hope there is any expert who can help or guide me. Thank you!

[Derek Stone]

Have a look at the following code in the Web page:

 

<script language="javascript">
<!--
function __doPostBack(eventTarget, eventArgument) {
	var theform = document.Form1;
	theform.__EVENTTARGET.value = eventTarget;
	theform.__EVENTARGUMENT.value = eventArgument;
	theform.submit();
}
// -->
</script>

 

Perhaps that'll give you a hint as to what you're missing. :)

[HJB417]

Last time I had to do something similar to you, I just used Mozilla with LiveHTTPHeaders to 1st look at what was sent and receiving, and them perform the same thing in code using HttpRequests/HttpResponse, sort of like what you're doing.

[pinster]

Yeah! I figured it out now! I was using HTTPWatch to see what was sent and received in a browser, then discovered that it was cookies problem.

 

Thanks!