Code: Select all

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://eu.wowarmory.com/login.xml");
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0(Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1(ax)");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, "accountName=<account>&password=<password>&redirectUrl=/guild-bank-contents.xml%3Fr=Lightning%27s+Blade%26n=Parental+Advisory");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_REFERER, "http://eu.wowarmory.com/guild-bank-contents.xml?r=Lightning%27s+Blade&n=Parental+Advisory");
curl_setopt($ch, CURLOPT_COOKIEFILE, "\\");
curl_setopt($ch, CURLOPT_COOKIEJAR, "\\");
$result1 = curl_exec($ch);
curl_setopt($ch, CURLOPT_URL, "http://eu.wowarmory.com/guild-bank-contents.xml?r=Lightning%27s+Blade&n=Parental+Advisory");
$result2 = curl_exec($ch);
curl_close($ch);

We basically need to authenticate with the first curl_exec, and on the second one to get the data (XML), guild bank contents. Now issue is, on the first exec (echo $result1) it says "Redirecting in 10 sec" meaning it worked and it logged in. But on the second it wants me to login before showing the site. I tried to put both queries in one curl session but it didn't work.

Any ideas on this issue?

Oh yeah, if you got PHP and cURL you can check how the two responses look, use this on the bottom of the script:

Code: Select all

echo str_replace("window.location.href","//window.location.href",$result1)."<hr>".str_replace("window.location.href","//window.location.href",$result2);

I can not help you with CURL specific commands to obtian info from your Guild bank after being identified. Your question is a valid one, but IMHO it goes way beyond WoWRoster issues - it's needs heavy XML knowledge

The Armory addon has already enough 'troubles' enough to obtain info the non-protected pages.

I'll advise you to read the part in this forum that debates WHY no roster addon was writen that obtains Guild Vault Info from the Armory.
It's already a known case that your SQL credentials have to be present on your server (for logic reasons).
Putting also you own WoW login crendentials on your Web server is even worse When your web server is being hacked, your can say Good Buy to your WoW account !

Think about people that use your code.
YOU might be a responsable guy that protected your server enough so that YOU don't mind to hardcode your WoW codes onto your server (web pages or in SQL tables).
The thing is : many people just can't say that. They 'think' their server is save. Many are just plain wrong about that, and they will pay the price afterwards.

What I want to say is : don't be surprised that your code will NOT be made public here (not be allowed to), because it will really expose some WoW players to 'huge' risks.
And the press will say : "WoWRoster will give make your WoW credentails public..."
You and I know that this is not true - but that's not important at that very moment.

I do have the Guild vault in my roster (and the money, and the logs), and I never had to do anything for having it up to date (updated several times a day) - and I'm using already existing tools.

You might consider searching for Web pages that talk about substracting XML info from server pages. Some info is already present in this fourm, look into the Armory WoWRoster addon pages from from Poetter.