Login to a forum with socket... can't stay logged in


I'm hoping someone can help me with this problem that has me banging my head against the keyboard.

I'm writing a script that connects via socket to a vbulletin forum, POSTS the login form, and then /should/ (once logged in) just GET a page to be parsed.

The forum seems to create a session upon your first visit to a page if you aren't logged in, so I GET the home page, snatch the session id out of it and post it with the login form just like the site does. The login is successful and the server returns the "you are logged in, you will be redirected to blah blah blah" page.

But the problem is no matter what I do after that I can't stay logged in! The site does set a sessionhash cookie and some other cookies which I AM reading and sending back to the server in my final GET request (I made sure by watching it with wireshark) but that doesn't do it...

I've compared my script's conversation with the server against the same conversation using lynx with wireshark and I can't find anything different except lynx stays logged in, and my script doesn't.

I'm wondering if anyone has any ideas. I could attach some code if necessary but I think I'm just missing something.

Thanks in advance!


  • Since you are using wireshark, do you notice any resets?
    Have you tried WWW::Mechanize?
  • Thanks for the reply!

    No there don't seem to be any resets coming. It's actually starting to look like the server won't take the session id cookie the script sends for some reason...

    The SID actually gets sent to the login.php page as part of the login form which would explain why it allows me to get to the "login success" page. The login success page tells me to set a cookie with that same SID which I believe must be the only way it checks if I'm logged in.

    Maybe I'm not sending the cookie properly but according to wireshark, my script's cookie is identical to the one lynx sends. I don't get it.

    I've come to this conclusion after discovering that if I append "?s=theSessionId" to the url of the page I'm trying to access it does in fact think I'm logged in.

    Do you see anything wrong with this cookie line? I sure don't...
    "Cookie: bblastvisit=1231815759, bblastactivity=0, IDstack=%2C137742%2C, bbsessionhash=blahblahblah

Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!