Develop Reference

How to log in a web server with esp8266 client?

I am struggling to use ESP8266 client to log into my web server (which is running in a PC host in local network). The ESP must login in order to see weather it must activate the sensor connected to it or not. Users can change the state of sensor activation (on/off) by logging in their portal. Therefore the esp8266 must be always aware of that. The way that comes to my mind is that the ESP8266 must log in like other browser clients. First, it should enter the login page through the following code:
client.print(String("GET /public_html/login.php") + " HTTP/1.1\r\n" +
"Host: " + host + "\r\n" +
"Connection: close\r\n" +
"\r\n"
);
Then I should post the username and password to the server. Normal human users who log in through a browser log in through the form below:
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
<div class="form-group <?php echo (!empty($username_err)) ? 'has-error' : ''; ?>">
<label>username</label>
<input type="text" name="username" class="form-control" value="<?php echo $username; >">
</div>
<div class="form-group <?php echo (!empty($password_err)) ? 'has-error' : ''; ?>">
<label>password</label>
<input type="password" name="password" class="form-control">
</div>
<div class="form-group">
<input type="submit" class="btn btn-primary" value="Login">
</div>
</form>
How can I do the same thing implemented above in ESP8266?

First you have to define a post route at server which can listen to esp post requests.
And you can send a json string from esp with post method which contains encrypted credentials.
Depending on credentials received at server end you can decide whether to authenticate or not the device and respond the same result back to device.

How to match payload in POST request

I've got a GET request like this:
<FORM action='vieweto0.php' method='POST'>
<SELECT name='ID_Profil'>
<OPTION value=3> blank3</OPTION>
<OPTION value=2> blank2</OPTION>
<OPTION value=4>blank4</OPTION>
</SELECT>
<br><input type='submit' type=hidden name='OK' value='choose this one'>
</FORM>
How my POST request should look like if I want to choose OPTION 'blank4'?
Where I can read more about POST request like this?

If you use python requests:
import requests
res = requests.post("http://hostaddress/vieweto0.php", data={"ID_Profil":4})
POST or GET requests are basically sending key-value pairs to the server.
Learn more about http POST on https://www.w3schools.com/html/default.asp and how requests work on this: http://docs.python-requests.org/en/master/user/quickstart/. If you are interested in the details of POST, you can read this: https://www.rfc-editor.org/rfc/rfc7231#section-4.3.3.

You can use this $_POST['ID_Profil'];

Fetch data from HTTP POST with CURL

i'm new with curl
I want to try fetch simple text from html input using curl and send it to another website using simple JSON
this is the simple html code i make
<form action="http:test.com" method="post">
<input type="text" id="text">
<input type="submit" value="submit">
</form>
is there a way to do it?
Thank you!

Since you need to fetch the data from Slack, the nice way is to use AJAX to post the data. The following JS codes are modified based on achavez's gist: Post to Slack using javascript and use jQuery.ajax.
<form action="http:test.com" method="post" id="the-form">
<input type="text" id="text">
<input type="submit" value="submit">
</form>
<script type="text/javascript" src="https://code.jquery.com/jquery-3.2.1.min.js"></script>
<script type="text/javascript">
$('#the-form').submit(function(e) {
e.preventDefault();
var url = "http:test.com"; // Webhook URL
var text = $('#text').text(); // Text to post, get from your form
$.ajax({
data: 'payload=' + JSON.stringify({
"text": text
}),
dataType: 'json',
processData: false,
type: 'POST',
url: url
}).done(function(data) {
// do whatever you want with `data`, `data` is the response
});;
});
</script>

Can't convert form data to URL

I'm trying to send a POST request to get a file downloaded, but I'm having problem complete this operation using URL.
The form looks like this:
<FORM action='download.php' method='post' encType='multipart/form-data'>
<TD bgcolor="white" valign="top" style="padding:10px;">
<TABLE cellspacing=0 cellpadding=0 width='100%'>
<TR>
<TD width='30%' align='center'>
Uploaded torrent code (date+hash):<BR>
<INPUT size=58 name="ref" value="1333f4f84bb41d5adc0f61e8f5a4658460da70b2737" style="font-size:10px;"><INPUT TYPE="hidden" NAME="reff" value="MTM3OTU2Mjk4OQ=="><BR>
downloaded: 27988<BR>
<INPUT type="submit" height=27 width=174 value=download border=0 name=submit valign="bottom" onclick="setpos(1);">
</TD>
</TR>
</TABLE>
</TD>
</FORM>
So I tried to use URL:
www.site.com/download.php?ref=1333f4f84bb41d5adc0f61e8f5a4658460da70b2737
but that doesn't work. Chrome seems to show me a browser based form data:
------WebKitFormBoundaryeqA3pQupG0ndfLMZ
Content-Disposition: form-data; name="ref"
1333f4f84bb41d5adc0f61e8f5a4658460da70b2737
------WebKitFormBoundaryeqA3pQupG0ndfLMZ
Content-Disposition: form-data; name="reff"
MTM3OTQ4NzQwMQ==
------WebKitFormBoundaryeqA3pQupG0ndfLMZ
Content-Disposition: form-data; name="submit"
download
------WebKitFormBoundaryeqA3pQupG0ndfLMZ--
What should I do now?

Post request can't be made in browser url.
-> This is is first way to do this
Sample post request using curl:
curl -F param1=val1 -F param2=val2 -F param3=val3 http://host:port/abc.json
Hit this in terminal/console/cmd
curl -F ref=1333f4f84bb41d5adc0f61e8f5a4658460da70b2737 www.site.com/download.php
-> Or install RestConsole in chrome browser using Google Web Store. There you can handle every kind of request.

curl + jsecurity authentication

I have a grails app that is using jsecurity plugin for authentication.
How do I use curl to send my credentials? If I just do curl -u username mysite
I get a prompt for a password, then nothing.
I tried to do an anyauth command and this is what I got for the site. Any idea why it is returning a 302?
dcole#DCOLE-L /cygdrive/c/dev
$ curl --anyauth --verbose http://localhost:8080/SkillsDB
* About to connect() to localhost port 8080 (#0)
* Trying ::1... connected
* Connected to localhost (::1) port 8080 (#0)
> GET /SkillsDB HTTP/1.1
> User-Agent: curl/7.20.1 (i686-pc-cygwin) libcurl/7.20.1 OpenSSL/0.9.8o zlib/1.
2.5 libidn/1.18 libssh2/1.2.5
> Host: localhost:8080
> Accept: */*
>
< HTTP/1.1 302 Moved Temporarily
< Server: Apache-Coyote/1.1
< Location: http://localhost:8080/SkillsDB/
< Transfer-Encoding: chunked
< Date: Thu, 07 Oct 2010 14:32:32 GMT
<
* Connection #0 to host localhost left intact
* Closing connection #0
here is additional information:
Rob is correct that it is form based. When I go to the address
http://localhost:8080/SkillsDB/auth/initialLogin
This is the form code that is displayed:
<form action="/SkillsDB/auth/initialSignIn" method="post" name="logform" id="logform">
<input name="targetUri" value="" type="hidden">
<input value="" widgetid="username" tabindex="0" id="username" class="dijit dijitReset dijitLeft dijitTextBox" dojoattachpoint="textbox,focusNode" name="username" dojoattachevent="onmouseenter:_onMouse,onmouseleave:_onMouse,onfocus:_onMouse,onblur:_onMouse,onkeypress:_onKeyPress" autocomplete="off" type="text"></td>
<input value="" widgetid="password" tabindex="0" id="password" class="dijit dijitReset dijitLeft dijitTextBox" dojoattachpoint="textbox,focusNode" name="password" dojoattachevent="onmouseenter:_onMouse,onmouseleave:_onMouse,onfocus:_onMouse,onblur:_onMouse,onkeypress:_onKeyPress" autocomplete="off" type="password"></td>
<td style=""><span widgetid="dijit_form_Button_0" class="dijit dijitReset dijitLeft dijitInline dijitButton" dojoattachevent="ondijitclick:_onButtonClick,onmouseenter:_onMouse,onmouseleave:_onMouse,onmousedown:_onMouse"><span class="dijitReset dijitRight dijitInline"><span class="dijitReset dijitInline dijitButtonNode"><button style="-moz-user-select: none;" tabindex="0" value="Log In" id="dijit_form_Button_0" aria-labelledby="dijit_form_Button_0_label" role="button" class="dijitReset dijitStretch dijitButtonContents" dojoattachpoint="titleNode,focusNode" name="" type="submit" wairole="button" waistate="labelledby-dijit_form_Button_0_label"><span class="dijitReset dijitInline" dojoattachpoint="iconNode"><span class="dijitReset dijitToggleButtonIconChar">✓</span></span><span class="dijitReset dijitInline dijitButtonText" id="dijit_form_Button_0_label" dojoattachpoint="containerNode">Log In</span></button></span></span></span></td>
</form>

If you're using a form-based authentication method, it's likely you're going to have to make an HTTP POST request to your login form, something along the lines of:
curl --data="username=foo&password=bar" http://localhost:8080/SkillsDB/login/auth
# note that '--data' causes the request to be a POST
I can't remember what JSecurity's login action is, but you'll have to replace login/auth (in the curl command above) with it. Have a look at the action of the <form> that the login page submits to.
Note that you'll be passing the password as plain text here. You'll probably want to use HTTPS for this transaction, but that's a whole different question.
Unless JSecurity is extending its authentication to use HTTP Basic Authentication, using the --anyauth is not likely to work, as I would imagine curl uses that to determine the proper HTTP authentication method.
Regarding your question about the 302, what happens when you add --location to your curl arguments? That should make curl follow the Location header that comes back in the response.