admin@xxxxxxxxxxxxxxxxxxx wrote:
WHY! Would you even want to pull that data first off?
It would be out dated as of the next transaction anyway.
Secondly if you can curl the data from the server, and get your account
information! I suggest you change banks.
With that attitude you'll end up keeping your money under your bed.
Anything my browser can do curl can do.
Bad decision I think to make this attempt.
Why? If Ronald decides to access *his* account using a method other than
a browser, what is he doing wrong? The only downside to it is if he's
storing his authentication credentials somewhere so it can be an
automated process. Aside from that possibility I don't see the bad here.
You can bet I will be watching your networks for an attempt on
authentication failures.
Because that request does not sound RIGHT to me.
inetnum: 59.124.0.0 - 59.127.255.255
netname: HINET-NET
country: TW
descr: CHTD, Chunghwa Telecom Co.,Ltd.
descr: Data-Bldg.6F, No.21, Sec.21, Hsin-Yi Rd.
descr: Taipei Taiwan 100
Interland, Inc. MAXIM-NETBLK-1 (NET-216-65-0-0-1)
216.65.0.0 - 216.65.127.255
Poke Internet Services MAX-CUSTNET-348 (NET-216-65-86-0-1)
216.65.86.0 - 216.65.86.255
Wow. Look everyone, he knows how to look up the owner of an IP address.
Phear his mad sysadmin skillz!
Seriously, I highly doubt Ronald is going to try anything against your
systems. Just curious about something... what would you do if he did try
something? Call your mother and have a little cry?
-----Original Message-----
From: Ronald Wiplinger [mailto:ronald@xxxxxxxxx]
Sent: Friday, November 16, 2007 11:38 PM
To: PHP General list
Subject: bank query and curl
I have a bank account and would like to query the last transactions.
I can do that now via web and think that I can convert this procedure to
a list of curl requests and finally put the result into a database on my
server.
Fortunately this bank account does not allow transactions, just viewing
the account.
Is there a guide available how to start this project?
I would suggest the curl documentation. In order to duplicate what a
browser does you basically just need to make sure you persist cookies
between requests. Depending on what the site you're accessing does it
may not be particularly trivial to do this. You may end up needing to
parse each page that's returned to get the right URL to use for the next
request, but it shouldn't get any more complicated than that.
As I mentioned above I would strongly recommend that you do not store
your authentication credentials anywhere. If you need this to be an
automated system don't bother - it's not worth the risk.
Oh, and don't underestimate the damage that can be caused by someone
gaining access to this account. Just because you can't carry out
transactions through the site doesn't mean the information it gives you
access to can't be used for evil purposes.
One last thing... you may find yourself getting blocked from the banks
site if you make too many failed requests. You may want to pick another
site while you learn how curl works.
-Stut
--
http://stut.net/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
