I was after an automated way to determine if payments had come into my nab.com.au account.
For some reason, nab makes it very difficult to login with PHP and CURL. The main issue is they perform some client side password encoding with JavaScript.
Here is the code below;
//the following function emulates the JavaScript password encoding function check($p, $k, $a) { for ($i = 0; $i < strlen($p); $i++) { $p_charAt = substr($p, $i, 1); $r[$i] = $p_charAt; $pi = strpos($a, $p_charAt); if (($pi >= 0 && $i < strlen($k)) && ($pi !== false)) { $k_charAt = substr($k, $i, 1); $ki = strpos($a, $k_charAt); if ($ki >= 0) { $pi -= $ki; if ($pi < 0) { $pi += strlen($a); } $a_charAt = substr($a, $pi, 1); $r[$i] = $a_charAt; } } } return implode($r); } //grab the login page $curl = curl_init(); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($curl, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20100101 Firefox/15.0.1'); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, false); curl_setopt($curl, CURLOPT_REFERER, 'http://www.nab.com.au/cgi-bin/ib/301_start.pl?browser=correct'); curl_setopt($curl, CURLOPT_COOKIEFILE, $cookies); curl_setopt($curl, CURLOPT_COOKIEJAR, $cookies); curl_setopt($curl, CURLOPT_URL, 'https://ib.nab.com.au/nabib/index.jsp'); $ret = curl_exec ($curl); curl_close ($curl); if (preg_match('/id="webKey"\s*value=\s*"(.*?)"/i', $ret, $regs)) { $webKey = $regs[1]; } if (preg_match('/id="webAlpha"\s*value=\s*"(.*?)"/i', $ret, $regs)) { $webAlpha = $regs[1]; } if (preg_match('/name="org\.apache\.struts\.taglib\.html\.TOKEN"\s*value=\s*"(.*?)"/i', $ret, $regs)) { $token = $regs[1]; } $password = urlencode(check($password, $webKey, $webAlpha)); //login page $curl = curl_init(); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($curl, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20100101 Firefox/15.0.1'); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($curl, CURLOPT_REFERER, 'https://ib.nab.com.au/nabib/index.jsp'); curl_setopt($curl, CURLOPT_COOKIEFILE, $cookies); curl_setopt($curl, CURLOPT_COOKIEJAR, $cookies); curl_setopt($curl, CURLOPT_POST, 1); curl_setopt($curl, CURLOPT_POSTFIELDS, "org.apache.struts.taglib.html.TOKEN={$token}&userid={$userid}&password={$password}&charityId=&applyOffers=&applyMyOffers=&applyHomeLoan=&applyPersonalLoan=&applyAcctSavings=&applyAcctTran=&applyTermDeposits=&applyCreditCards=&applyCreditCardLimit=&statementSettings=&newBillPayment=&newInternationalPayment=&login=Login"); curl_setopt($curl, CURLOPT_URL, 'https://ib.nab.com.au/nabib/loginProcess.ctl'); $ret = curl_exec ($curl); curl_close ($curl);
Thanks for this page for pointing me in the right direction.
Leave a Reply