#-  Description:
#--   This script logs onto a particular Yahoo! Geocities WebSite 
#--   account 
#--
#--   A description of the process of the script is as
#--   follows:
#--    1) Get the Yahoo! Geocities Login Form from http://www.geocities.com
#--    2) Put the user account information into the form
#--       (user-name & password)
#--    3) Reformat the 'input' fields in the form so that
#--       they can be used by the curl -d switch
#--       (i.e. strip html tags, url encode fields, remove
#--        newline characters etc)
#--    4) Post (submit) this information to the Form's target
#--       and save any cookies and headers which the server
#--       sends. Also follow any redirects which the server
#--       specifies. Save these cookies into a file called headers.txt or 
#         maybe something else
#--
#--
#-- NOTES:
#--   This appears to be succesfully logging in to the geocities server.
#     (august 2003)
#
#--   The script needs to overcome several devices used
#--   by yahoo.
#--     a) The use of cookies
#--     b) The use of automatic redirects of the web-client
#--        (using the LOCATION http header field)
#--     c) The use of ssl to encrypt the logon process
#--     d) The use of hidden fields with random numbers within
#--        the Yahoo! Mail Log-in Form to discourage automatic logins
#--
#--   These things can all be overcome because of the
#--   capabilities of the 'curl' non-interactive web client.
#--
#--   This script has been got to work on Linux (Redhat), and an older version
#     worked on the cygwin shell on Microsoft Windows
#
#-- NOTE TO YAHOO ENGINEERS:
#--   This script was not written out of malicious-ness
#--   towards yahoo but because I am not able to get
#--   a credit card since I dont have a job currently
#--   and therefore I am not able to pay for a 'premium'
#--   package which includes pop forwarding of mail (or ftp access to yahoo 
#--   geocities).
#--   
#-- Revisions:
#--   may 2002, I created the script 'getYMail.txt' which was the antecedent to this
#       one
#--   august 2003, Barcelona, I am revising this script in order to adapt it
#--    to uploading a file to a free geocities account. Also I would like to 
#--    rewrite this as a java application, (even an applet, although that is a little
#--    optimistic) so that it could be used from an internet cafe or from some
#--    other somewhat 'hostile' location. 
#   See Also:
#     upload-geocities.sh
#
#
# Dependencies:
#    
#    A reasonable Bash shell, a good 'sed'
# Author:  mj bishop (matth3wbishop@yahoo.com)
#--
#--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*

sTargetUrl=""              #-- The initial target of the login form                                                           
sInitialUrl="http://www.geocities.com"
sAccountPassword=""
sAccountName="matth3wbishop"
sResultPage="other-side.html"
sFormDataFile="form-data.txt"
#- The path below is useful for running under the cygwin shell which for
#- some reason mounts the hard drives on this path (cygdrive)
# -- sCookieFileName="/cygdrive/c/mjb/headers.txt"
# sCookieFileName="/tools/geoftp/headers.txt"


sCookieFileName="headers.txt"
 
#- This file will contain a set of headers which the yahoo geocities server
#- sends back to the users browser during the login process. These headers contain
#- the necessary cookies required to 'maintain' the yahoo geocities session.


#-- Extract the form fields from the html
#--

 #- Here are few example user agent strings to disguise ourselves with
 sUserAgent='Lynx/2.7.1 libwww-FM/2.14'
 sUserAgent='Lynx (Linux; U; Redhat Linux; en-US;'
 sUserAgent='Mozilla/4.05 [en] (X11; U; Linux 2.0.32 i586)'     



 if [ "$1" = "" ]
 then
   echo "usage: $0 accountPassword accountName "
   cat $0 | sed -n "/^[ ]*#/p" 
   exit 1;
 else
   sAccountPassword="$1"
 fi

 if [ "$2" != "" ]
 then
   sAccountName="$2"
 fi

curl -L -A "$sUserAgent" http://www.geocities.com > login-form.html


sTargetUrl=$(uexpand login-form.html | sed -n '/<form.*name=login_form/s/.*action= *\([^ ]\+\) .*/\1/p')

#-- The unix expand program has been renameed to uexpand so that it
#-- will not interfer with the microsoft program of that name
#-- If this script runs on Unix the u infront of the expand command should
#-- be removed


   
#-- The code below wont work if the tags are upper case, unless sed 
#-- is working in a case insensitive way, which is unlikely
echo "sTargetUrl=$sTargetUrl";

uexpand login-form.html | \
  sed -n '/<form.*name=login_form/,/<\/form>/p' | \
  sed '/<input.*name=/!d' | \
  sed "s/.*\(<input[^>]\+>\).*/\1/g" | \
  sed 's/.*name="\([^"]*\)".*value="\([^"]*\)".*/\1=\2/g' | \
  sed 's/.*name="\([^"]*\)".*value=[ ]*\([^ >]\+\)[ >].*/\1=\2/g' | \
  sed 's/.*name=[ ]*\([^ >]\+\)[ >].*value="\([^"]*\)".*/\1=\2/g' | \
  sed "s/.*name=[ ]*\([^ >]\+\)[ >].*/\1=/g" | \
  sed "s/login=.*/login=$sAccountName/g" | \
  sed "s/passwd=.*/passwd=$sAccountPassword/g"  | \
  sed -e 's/ *$//g' -e 's/^ *//g' | sed 's/ /+/g' | \
  sed 's/$/\&/g' | tr -d '\012' > $sFormDataFile

 sManagerUrl="http://geocities.yahoo.com/filemanager"

 #-- The line below submits the form data gathered above and collects the 
 #-- cookies which the geocities server sends back in the file 'headers.txt'
 curl -L -A "$sUserAgent" -D $sCookieFileName -d @form-data.txt -L $sTargetUrl > $sResultPage 
 
 sInvalidPasswordFlag=""
 sInvalidPasswordFlag=$(cat other-side.html | grep -Ei "Invalid Password")

 if [ "$sInvalidPasswordFlag" != "" ]
 then
   echo "
    ERROR: [$sAccountName] Invalid Password
    The login process for the geocities account $sAccountName appeared to fail. 
    You probably entered an incorrect password for this account. Please check it and
    try again. 
    
    You can also check the files $sResultPage, $sCookieFileName and
    $sFormDataFile for the reason. The first shows the response returned by
    geocities. The second contains the cookies submitted to the geocities
    server, and the third contains the login data which was posted to the
    server."

    exit 1;
 fi


 #-- Lets just test that it worked OK
 curl -L -A "$sUserAgent" -b $sCookieFileName $sManagerUrl > $sResultPage 

sLoginBox=""
sLoginBox=$(cat other-side.html | grep -Ei "<input.*name=[\"']?passwd[\"']?")
sUploadHtml=""
sUploadHtml=$(cat other-side.html | grep -Ei "<input.*name=[\"']?op-uploadtodir[\"']?")

#- Used for debugging
if [ "x" = "y" ]
then
  echo "
    sLoginBox=$sLoginBox
    sUploadHtml=$sUploadHtml"
fi


if [ "$sUploadHtml" != "" ]
then
  echo "
    SUCCESS: [$sAccountName]
    The login process for the geocities account $sAccountName appeared to succeed.
    The cookies have been stored in a file called $sCookieFileName "
elif [ "$sLoginBox" != "" ]
then
  echo "
    ERROR: [$sAccountName]
    The login process for the geocities account $sAccountName appeared to fail. 
    Check the files $sResultPage, $sCookieFileName and $sFormDataFile for the
    reason. The first shows the response returned by geocities. The second
    contains the cookies submitted to the geocities server, and the third
    contains the login data which was posted to the server."
else
  echo "
    NOTE: [$sAccountName]
    The login process for the geocities account $sAccountName may have succeeded or failed.
    Check the file $sResultPage to see if the login succeeded or not. If not,
    check the files $sCookieFileName and $sFormDataFile."
fi


exit 1;