Commit | Line | Data |
---|---|---|
183344e4 | 1 | <?PHP |
ca451761 | 2 | /* |
e20f7315 PM |
3 | ini_set('display_errors', 1); |
4 | ini_set('display_startup_errors', 1); | |
5 | error_reporting(E_ALL); | |
ca451761 PM |
6 | */ |
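// Load the site configuration that lives outside the web root, so the web
// server can never serve it as a document. NOTE(review): md_voter_lookup()
// below uses a global $petition database handle; presumably this file
// creates it -- confirm.
// require_once instead of include_once: if the file is missing or unreadable
// the script stops here rather than carrying on without its configuration.
require_once('/var/www/secure.php'); //outside webserver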
8 | ||
9f5b3b38 | 9 | |
9f5b3b38 PM |
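/**
 * Return the text that follows the first occurrence of $start, cut off at the
 * next occurrence of either $start or $end.
 *
 * Used below to pull a session cookie and ASP.NET hidden form fields out of a
 * raw HTTP response, so $whole is remote, untrusted data: the result must be
 * treated as untrusted too.
 *
 * @param string $start Marker that precedes the wanted text.
 * @param string $end   Marker that terminates the wanted text.
 * @param mixed  $whole Text to search; curl_exec() may hand over false.
 * @return string The extracted text, or '' when $start is not present,
 *                a marker is empty, or $whole is not scalar.
 */
function cut_part_out($start,$end,$whole){
    // explode() rejects an empty delimiter, and a failed fetch yields false
    // rather than a string; neither case can contain a match.
    if ($start === '' || $end === '' || !is_scalar($whole)) {
        return '';
    }
    $parts = explode($start, (string)$whole);
    // No $start marker in the text: there is no second element to read.
    if (!isset($parts[1])) {
        return '';
    }
    $subparts = explode($end, $parts[1]);
    return $subparts[0];
}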
16 | ||
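/**
 * Fetch a URL with cURL and return the raw response, headers included.
 *
 * The placeholders [month], [day], [yesterday] and [year] in $url are replaced
 * with values for the current date before the request is made.
 *
 * @param string       $url    Target URL, optionally containing the placeholders above.
 * @param string       $cookie ASP.NET session id to send, or '' for none.
 * @param array|string $post   POST fields, or '' for a plain GET.
 * @return string|false Response headers plus body (CURLOPT_HEADER is on and
 *                      redirects are followed), or false when the transfer fails.
 */
function MVgetPage($url,$cookie,$post){
    // spoof https://topic.alibabacloud.com/a/php-curl-fake-ip-address-and-header-information-code-instance_1_34_10139121.html
    // NOTE(review): these two headers are plain client-supplied text. They do
    // not change the source address of the connection, and a server must never
    // use them for rate limiting, access control or audit logging unless they
    // were set by its own trusted proxy.
    $randIP = "".mt_rand(0,255).".".mt_rand(0,255).".".mt_rand(0,255).".".mt_rand(0,255);
    $headers = array();
    $headers['CLIENT-IP'] = $randIP;
    $headers['X-FORWARDED-FOR'] = $randIP;
    $headerArr = array();
    foreach( $headers as $n => $v ) {
        $headerArr[] = $n .':' . $v;
    }
    // end
    $url = str_replace('[month]',date('F'),$url); // replace month January through December
    $url = str_replace('[day]',date('j'),$url); // replace day 1 to 31
    $url = str_replace('[yesterday]',date('j',strtotime('yesterday')),$url); // replace day 1 to 31
    $url = str_replace('[year]',date('Y'),$url); // replace year Examples: 1999 or 2003
    $curl = curl_init();
    curl_setopt ($curl, CURLOPT_URL, $url);
    curl_setopt ($curl, CURLOPT_USERAGENT, sprintf("McGuire MEPS https://www.md-petition.com/ /%d.0",rand(4,50)));
    curl_setopt ($curl, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt ($curl, CURLOPT_HEADER, 1);
    // spoof
    curl_setopt ($curl, CURLOPT_HTTPHEADER , $headerArr ); //Structure IP
    curl_setopt ($curl, CURLOPT_REFERER, $url); //Structure
    // end
    // Verify the server certificate and host name. This request can carry a
    // voter's name, date of birth and address; with verification switched off
    // anyone on the network path could read or alter it.
    curl_setopt ($curl, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt ($curl, CURLOPT_SSL_VERIFYHOST, 2);
    curl_setopt ($curl, CURLOPT_FOLLOWLOCATION, true);
    if ($cookie != ''){
        // The session id was parsed out of a remote response: strip CR/LF so
        // it cannot inject additional request headers.
        $cookie = str_replace(array("\r", "\n"), '', $cookie);
        // A second CURLOPT_HTTPHEADER call replaces the list set above, so
        // only the Cookie header is sent on this request.
        curl_setopt ($curl, CURLOPT_HTTPHEADER, array("Cookie: ASP.NET_SessionId=$cookie")); // use cookies
    }
    /*
    $postfields = array(
        'upload_file' => '@file_to_upload.png',
        'upload_text' => '@text_to_upload'
    );
    */
    if ($post != ''){
        // NOTE(review): on PHP 5.5 and older an array value starting with '@'
        // was sent as a file upload; PHP 5.6+ turns that off by default
        // (CURLOPT_SAFE_UPLOAD). Confirm the runtime before passing
        // user-supplied values in an array here.
        curl_setopt ($curl, CURLOPT_POSTFIELDS, $post);
    }
    $html = curl_exec ($curl);
    curl_close ($curl);
    return $html;
}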
58 | ||
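/**
 * Look a voter up on the Maryland State Board of Elections voter-search page
 * and log the request and response in the `RemoteVoterList` table.
 *
 * Flow: GET the search form to obtain a session cookie and the ASP.NET hidden
 * fields, POST the search with those values, store the result, return it.
 *
 * Every argument is caller-supplied (the sample form at the bottom of this file
 * feeds it from $_POST), so the values are bound as statement parameters rather
 * than pasted into the SQL text. The stored row holds a name, date of birth
 * and address fragments: access to and retention of `RemoteVoterList` should
 * be restricted accordingly.
 *
 * @param string $SearchFirstName     Required; the lookup is refused without it.
 * @param string $SearchLastName
 * @param string $DOBMonth
 * @param string $DOBDay
 * @param string $DOBYear
 * @param string $SearchZipCode
 * @param string $SearchHouseNumber   Optional on the remote form.
 * @param string $SearchMiddleInitial Optional on the remote form.
 * @return string|false 'MISSING NAME', or the raw response (headers + HTML) of
 *                      the search request, or false if that request failed.
 *                      The response is third-party content: escape or
 *                      sanitize it before writing it into a page.
 */
function md_voter_lookup($SearchFirstName,$SearchLastName,$DOBMonth,$DOBDay,$DOBYear,$SearchZipCode,$SearchHouseNumber,$SearchMiddleInitial){
    // NOTE(review): $petition is used as a mysqli connection (the original
    // called real_escape_string() and query() on it) -- confirm.
    global $petition;
    if ($SearchFirstName == ''){
        return 'MISSING NAME';
    }
    $post = array();
    $post['ctl00$MainContent$btnSearch'] = "Search";
    $post['btnSearch'] = "Search";
    $post['ctl00$MainContent$listLanguages'] = "en";
    $post['listLanguages'] = "en";
    $post['ctl00$MainContent$txtSearchFirstName'] = $SearchFirstName;
    $post['txtSearchFirstName'] = $SearchFirstName;
    $post['ctl00$MainContent$txtSearchLastName'] = $SearchLastName;
    $post['txtSearchLastName'] = $SearchLastName;
    $post['ctl00$MainContent$txtDOBMonth'] = $DOBMonth;
    $post['txtDOBMonth'] = $DOBMonth;
    $post['ctl00$MainContent$txtDOBDay'] = $DOBDay;
    $post['txtDOBDay'] = $DOBDay;
    $post['ctl00$MainContent$txtDOBYear'] = $DOBYear;
    $post['txtDOBYear'] = $DOBYear;
    $post['ctl00$MainContent$txtSearchZipCode'] = $SearchZipCode;
    $post['txtSearchZipCode'] = $SearchZipCode;
    $post['ctl00$MainContent$txtSearchHouseNumber'] = $SearchHouseNumber;
    $post['txtSearchHouseNumber'] = $SearchHouseNumber;
    $post['ctl00$MainContent$txtSearchMiddleInitial'] = $SearchMiddleInitial;
    $post['txtSearchMiddleInitial'] = $SearchMiddleInitial;
    // start a session to get a cookie
    $form = array();
    $form['url'] = 'https://voterservices.elections.maryland.gov/VoterSearch';
    $form['html'] = MVgetPage($form['url'],'','');
    // extract the cookie from the header (see CURLOPT_HEADER)
    $cookie = cut_part_out('ASP.NET_SessionId=',';',$form['html']);
    // extract the form elements we will need to post with our data
    $post['__VIEWSTATE'] = cut_part_out('id="__VIEWSTATE" value="','"',$form['html']);
    $post['__VIEWSTATEGENERATOR'] = cut_part_out('id="__VIEWSTATEGENERATOR" value="','"',$form['html']);
    $post['__VIEWSTATEENCRYPTED'] = cut_part_out('id="__VIEWSTATEENCRYPTED" value="','"',$form['html']);
    $post['__EVENTVALIDATION'] = cut_part_out('id="__EVENTVALIDATION" value="','"',$form['html']);
    $result = array();
    $result['html'] = MVgetPage($form['url'],$cookie,$post);
    //echo "<h1>STEP 2: SBE RESULTS</h1>";
    // Log the lookup. Placeholders keep the caller-supplied values out of the
    // SQL text; the original escaped only the response and interpolated the
    // eight search fields directly into the statement.
    $stmt = $petition->prepare("INSERT INTO `RemoteVoterList` (`date_validated`, `txtSearchFirstName`, `txtSearchLastName`, `txtDOBMonth`, `txtDOBDay`, `txtDOBYear`, `txtSearchZipCode`, `txtSearchHouseNumber`, `txtSearchMiddleInitial`, `sbe_response`)
        VALUES (now(), ?, ?, ?, ?, ?, ?, ?, ?, ?)");
    if ($stmt) {
        // A failed transfer yields false; store it as an empty response.
        $html = (string)$result['html'];
        $stmt->bind_param('sssssssss', $SearchFirstName, $SearchLastName, $DOBMonth, $DOBDay, $DOBYear, $SearchZipCode, $SearchHouseNumber, $SearchMiddleInitial, $html);
        // Logging stays best-effort, as before: a failed insert does not
        // change what the caller gets back.
        $stmt->execute();
        $stmt->close();
    }
    return $result['html'];
}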
6a816a4b | 103 | /* |
79ab6eac | 104 | if (isset($_POST['SearchFirstName'])){ |
5738f45e | 105 | $voter = md_voter_lookup($_POST['SearchFirstName'],$_POST['SearchLastName'],$_POST['DOBMonth'],$_POST['DOBDay'],$_POST['DOBYear'],$_POST['SearchZipCode'],$_POST['SearchHouseNumber'],$_POST['SearchMiddleInitial']); |
79ab6eac | 106 | echo $voter['html']; |
6a5ac174 PM |
107 | } |
108 | ?> | |
79ab6eac PM |
109 | <form method='POST'> |
110 | <table> | |
111 | <tr> | |
112 | <td>SearchFirstName</td><td><input name='SearchFirstName'></td> | |
113 | </tr> | |
114 | <tr> | |
115 | <td>SearchLastName</td><td><input name='SearchLastName'></td> | |
116 | </tr> | |
117 | <tr> | |
118 | <td>DOBMonth</td><td><input name='DOBMonth'></td> | |
119 | </tr> | |
120 | <tr> | |
121 | <td>DOBDay</td><td><input name='DOBDay'></td> | |
122 | </tr> | |
123 | <tr> | |
124 | <td>DOBYear</td><td><input name='DOBYear'></td> | |
125 | </tr> | |
126 | <tr> | |
127 | <td>SearchZipCode</td><td><input name='SearchZipCode'></td> | |
128 | </tr> | |
129 | <tr> | |
130 | <td>SearchHouseNumber*</td><td><input name='SearchHouseNumber'></td> | |
131 | </tr> | |
132 | <tr> | |
133 | <td>SearchMiddleInitial*</td><td><input name='SearchMiddleInitial'></td> | |
134 | </tr> | |
135 | <tr> | |
136 | <td>*Optional</td><td><input type='submit'></td> | |
137 | </tr> | |
138 | </table> | |
139 | </form> | |
6a816a4b PM |
140 | */ |
141 |