Updated PHP code to automatically bid/buy an eBay auction item

This code is now obsolete and has been updated again.

Updated code to automatically bid on an eBay item, I’m currently using it myself if a loop of searched items.

Most of the changes are improved return status checking. For testing use one cent items with free shipping.

// MAIN BIDDING FUNCTION
// this function performs no checking on the input variables
// $username  -  the eBay user name
// $password  -  the eBay user password
// $item      -  the eBay item number to bid on
// $bid       -  the bid amount in local currency i.e. 5.67
// $link      -  referral link, can leave empty i.e. '' or use 'http://ebay.com'
function place_bid($username, $password, $item, $bid, $link) {

	$cookies = dirname(__FILE__).'/cookies.txt';
	
	//set success as default false
	$success = false;
	$bid_success = false;

	$curl = curl_init();
	curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
	curl_setopt($curl, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20100101 Firefox/15.0.1');
	curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
	curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
	curl_setopt($curl, CURLOPT_REFERER, $link);
	curl_setopt($curl, CURLOPT_COOKIEFILE, $cookies);
	curl_setopt($curl, CURLOPT_COOKIEJAR, $cookies);
	
	//query the referal link page and grab tracking part
	curl_setopt($curl, CURLOPT_URL, $link);
	$ret = curl_exec ($curl);
	
	//query the sign-out page
	//curl_setopt($curl, CURLOPT_URL, "http://signin.ebay.com/ws/eBayISAPI.dll?SignIn&lgout=1");
	//$ret = curl_exec ($curl);
	
	//IMPORTANT		
	//query the sign-in page to set the cookies
	curl_setopt($curl, CURLOPT_URL, 'http://signin.ebay.com/aw-cgi/eBayISAPI.dll?SignIn&campid=5337161990&customid=7');
	curl_exec ($curl);
	
	//sign-in
	curl_setopt($curl, CURLOPT_URL, "http://signin.ebay.com/aw-cgi/eBayISAPI.dll?MfcISAPICommand=SignInWelcome&siteid=0&co_partnerId=2&UsingSSL=0&ru=&pp=&pa1=&pa2=&pa3=&i1=-1&pageType=-1&userid={$username}&pass={$password}&campid=5337161990&customid=7");
	$ret = curl_exec ($curl);
	if(curl_errno($curl)){
		ebaylog('Curl error: ' . curl_error($curl));
	}
	if (!$ret) {
		$ret = curl_exec ($curl);
		if(curl_errno($curl)){
			ebaylog('Curl error: ' . curl_error($curl));
		}
		if (!$ret) {
			$ret = curl_exec ($curl);
			if(curl_errno($curl)){
				ebaylog('Curl error: ' . curl_error($curl));
			}
		}
	}
	
	if (strpos($ret, "Member id {$username}") === FALSE) {
		if (preg_match('%<b class="altTitle">(.*)</b>%', $ret, $regs)) {
			$err = $regs[1];
			ebaylog("\"{$err}\"");
			if (strpos($err, 'The alerts below') === 0) {
				ebaylog("{$item}: 'The alerts below' found, successful");
				//set it to succes
			}
		} else {
			ebaylog("{$item}: Failed signing in");
			if (preg_match('%<font face=".*?" size="3"><b>(.*?)</b></font>%', $ret, $regs)) {
				$err = $regs[1];
				ebaylog("\"{$err}\"");
			}
			
			test_write($ret);
			goto end;
		}
		
		
	} else {
		ebaylog("{$item}: Success signing in");
	}
	
	
	//place the inital bid
	curl_setopt($curl, CURLOPT_URL, "http://offer.ebay.com/ws/eBayISAPI.dll?MakeBid&item={$item}&maxbid={$bid}&campid=5337161990&customid=7");
	$ret = curl_exec ($curl);
	if(curl_errno($curl)){
		ebaylog('Curl error: ' . curl_error($curl));
	}
	if (!$ret) {
		$ret = curl_exec ($curl);
	}

	if (preg_match_all('/(?:value="([-0-9a-zA-Z]*)" *)?name="stok"(?: *value="([-0-9a-zA-Z]*)")?/', $ret, $regs)) {
		$stok = $regs[1][0];
	} else {
		//Failed to get 'stok' value
		//try and determine why
		if (preg_match('%
<div class="statusDiv">(.*?)</div>

%', $ret, $regs)) {
			$err = $regs[1];
			ebaylog("'{$err}'");
			//if string starts with "Enter US $0.41 or more"
			if (stripos($err, 'Enter') === 0) {
				ebaylog("{$item}: 'Enter' found, aborting");
				//set it to success
				$success = true;
			} else if (stripos($err, 'To enter a') === 0) {
				ebaylog("{$item}: 'To enter a' found, aborting");
				//set it to success
				$success = true;
			} else if (stripos($err, 'Transaction Blocked') === 0) {
				ebaylog("{$item}: 'Transaction Blocked' found, aborting");
				//set it to success
				$success = true;
			}
			
		} else if (preg_match('%"\d*" - Invalid Item</div>

%', $subject)) {
			ebaylog("{$item}: 'Invalid Item' found, aborting");
			test_write($ret);
			//set it to success
			$success = true;
		} else if (preg_match('%
<div class="subTlt">
<ul class="errList">
<li>(.*?)</li>
</ul>
</div>

%', $subject)) {
			ebaylog("{$item}: 'no longer available' found, aborting");
			test_write($ret);
			//set it to success
			$success = true;
		} else if (preg_match('%id="w\d-\d-_msg".*?>(.*?)</span>%', $ret, $regs)) {
			ebaylog("'{$regs[1]}'");
		} else if (preg_match('%<div\s+class\s*=\s*"(?:errRed|errBlk|errTitle|statusDiv)"\s*>(.*?)</div>

%i', $ret, $regs)) {
			ebaylog("'{$regs[1]}'");
		} else {
			//don't know why so log the page
			ebaylog("{$item}: Failed to get 'stok' value");
			test_write($ret);
		}
		goto end;
	}
	
	if (preg_match_all('/(?:value="([-0-9a-zA-Z]*)" *)?name="uiid"(?: *value="([-0-9a-zA-Z]*)")?/', $ret, $regs)) {
		$uiid = $regs[1][0];
	} else {
		ebaylog("{$item}: Failed to get 'uiid' value");
		goto end;
	}
	

	if ($stok && $uiid) {
		ebaylog("{$item}: Success placing initial bid");
	} else {
		ebaylog("{$item}: Failed placing initial bid");
		goto end;
		
	}
	
	//confirm the bid
	curl_setopt($curl, CURLOPT_URL, "http://offer.ebay.com/ws/eBayISAPI.dll?MfcISAPICommand=MakeBid&maxbid={$bid}&quant=1&mode=1&stok={$stok}&uiid={$uiid}&co_partnerid=2&user={$username}&fb=0&item={$item}&campid=5337161990&customid=7");
	$ret = curl_exec ($curl);
	if(curl_errno($curl)){
		ebaylog('Curl error: ' . curl_error($curl));
	}
	if (!$ret) {
		$ret = curl_exec ($curl);
	}
	
	//perform a number of tests to determine if the bid was a success
	$bid_success = true;
	if (stripos($ret, "you're the first bidder") === FALSE) {
		if (stripos($ret, "you're the high bidder and currently in the lead") === FALSE) {
			if (stripos($ret, "you're currently the highest bidder") === FALSE) {
				$bid_success  = false;
				ebaylog("{$item}: Failed placing final bid");
				//try and determine why
				if (preg_match('%<div\s+class\s*=\s*"(?:errRed|errBlk|errTitle|statusDiv)"\s*>(.*?)</div>

%i', $ret, $regs)) {
					$err = $regs[1];
					ebaylog("'{$err}'");
					if (stripos($err, 'Enter') === 0) {
						ebaylog("{$item}: 'Enter' found, aborting");
						//set it to success
						$bid_success = true;
					} else if (stripos($err, "You've just been outbid") === 0) {
						ebaylog("{$item}: 'You've just been outbid' found, aborting");
						//set it to success
						$bid_success  = true;
					} else if (stripos($err, "You're currently the high bidder,") === 0) {
						ebaylog("{$item}: 'You're currently the high bidder, but the reserve hasn't been met.' found, aborting");
						//set it to success
						$bid_success  = true;
					}
				} else {
					//we don't know why it failed so write the data
					test_write($ret);
				}
			}
		}
	}
	
	if ($bid_success) {
		ebaylog("{$item}: Success placing final bid");
		$success = true;
	}
	
	end:
	
	//close the curl session
	curl_close ($curl);
	
	if ($success) {
		ebaylog("{$item}: Success: {$username}");
	} else {
		ebaylog("{$item}: Failure: {$username}");
	}
	
	return $success;
}

//for testing
function test_write($out) {
	$fh = fopen(dirname(__FILE__).'/'.date('Y-m-d H-i-s').'.html', 'w');
	fwrite($fh, $out);
	fclose($fh);
}

//simple logging function
function ebaylog($msg) {
	$msg = "{$msg}\r\n";
	echo $msg;
	$fh = fopen(dirname(__FILE__).'/ebay-log.txt', 'a');
	fwrite($fh, date('Y-m-d H-i-s')." {$msg}");
	fclose($fh);
}

Posted

6 January 2014

eBay, PHP

MECTILE

Tags:

auction, automate, bid, bidding, buy, code, snipe

Comments

39 responses to “Updated PHP code to automatically bid/buy an eBay auction item”

pepe

7 January 2014

Hi, I’m getting the same cookies error, you script creates the cookies.txt, ebaylog and the “htmls” for testing in the same directory of script, opening the htmls the same browser is blocking cookies error appears

Reply
1. Travis h
  
  7 January 2014
  
  Are you using PHP 5?
  
  Reply
  1. pepe
    
    7 January 2014
    
    yes 5.3
    
    Reply
2. Travis h
  
  7 January 2014
  
  else, not really sure what the issue is.
  The above code I am currently using personally.
  
  one last thing you can try, copy this pre-populated cookie file to the location,
  http://mectile.com/downloads/cookies.txt
  
  Reply
  1. pepe
    
    7 January 2014
    
    after change with your cookie file the error persits but I cannot see the html file becuase the new files generated have 0 bites (empty files), and when I delete the your cookies file and let the script generate their own script the htmls come back with the cookies error
    
    Reply
    1. Travis h
      
      7 January 2014
      
      where are you reading the error from if the html file is empty?
      
      Reply
      1. pepe
        
        7 January 2014
        
        on the browser appears this error:,
        191023719989: Failed signing in
        191023719989: Failure: greatd******
      2. Travis h
        
        7 January 2014
        
        this is when you use my cookies.txt file as well?
        what does the outputted html file say?
      3. pepe
        
        7 January 2014
        
        the browser error is the same with one or the other cookies file, but. when I use your cookies file the html file generated have 0 bites, but when I use the self generated file of script the html have the cookies error,
      4. Travis h
        
        7 January 2014
        
        you can’t use what you see on the browsers to troubleshoot the errors. the only way is to return the curl output to a html file. If a file is being generated with 0 bytes something else is wrong. you need to investigate more, I can’t really help you.
        Like I said, I use the code exactly as it is myself.
3. Travis h
  
  22 August 2017
  
  pepe, updated here
  http://mectile.com/updated-2017-php-code-to-automatically-bidbuy-an-ebay-auction-item/
  
  Reply
The Tooz

10 January 2015

Hey Travis – having issues with this script too.

I can see the cookie.txt getting populated and I can also see the html files getting created which when I run them I get: “Your email/user ID or password is incorrect”. I can enter in the same username and password that is in the code on the html generated and it signs me in with no problem. Your thoughts.

Reply
1. MECTILE
  
  10 January 2015
  
  Hi Tooz
  
  I am really not sure what the issue is, works perfectly for me.
  
  Does your username or password contain any special characters that need to be escaped prior to pass to http://signin.ebay.com?
  
  Download ‘Live HTTP Headers’ for Firefox, manually login to eBay and see if the string in Live HTTP Header is the same as that used in the code to sign in.
  
  Maybe do an echo “http://signin.ebay.com/aw-cgi/eBayISAPI.dll?MfcISAPICommand=SignInWelcome&siteid=0&co_partnerId=2&UsingSSL=0&ru=&pp=&pa1=&pa2=&pa3=&i1=-1&pageType=-1&userid={$username}&pass={$password}&campid=5337161990&customid=7”
  
  Travis
  
  Reply
The Tooz

10 January 2015

does this need to be changed at all?
http://signin.ebay.com/aw-cgi/eBayISAPI.dll?SignIn&campid=5337161990&customid=7

Reply
1. MECTILE
  
  10 January 2015
  
  Tooz,
  
  That line is only there to initially set the cookies, I have found that it is an initial requirement, once the cookies are set you can comment this line out as long as you don’t delete you cookies.txt file.
  
  The ‘//sign-in’ code after it is what is used to actually sign in.
  
  You can remove ‘campid=5337161990&customid=7’ throughout as that is only my eBay Partner Network id.
  
  Travis
  
  Reply
Tooz

13 January 2015

Travis –

Thanks for the response back.

My username contains dashes and my password contains pound sign and exclamation mark.

I assumed it was not needed so removed your Ebay Partner Network id.

For special characters I used ascii and when I echo the url here is what I get

https://signin.ebay.com/aw-cgi/eBayISAPI.dll?MfcISAPICommand=SignInWelcome&siteid=0&co_partnerId=2&UsingSSL=1&ru=&pp=&pa1=&pa2=&pa3=&i1=-1&pageType=-1&userid=xxxxx-xxxxxxxxx&pass=#yyyyyyyyyyyyyyyyy!

so it appears correct. I remove my real username and password but the url echo is exactly what I place in it.

I downloaded the firefox add-on and have no clue what I am looking for.

Your thoughts. Thanks

Reply
Tooz

13 January 2015

Travis – found this in the Ebay log:

2015-01-12 21-20-35 : Failed signing in

2015-01-12 21-20-35 : Failure: xxxxx-xxxxxxxxxxx-

So I am going to assume it is the escaping special characters as the issue. Your thoughts?

Tooz

Reply
1. MECTILE
  
  13 January 2015
  
  hi Tooz
  
  I did a quick test on the pass word, if I have a password of “!@#$%^&*()”, then what needs to be sent is “%21%40%23%24%25%5E%26*%28%29”
  
  So try adding the line;
  $password = urlencode($password);
  
  Travis
  
  Reply
The Tooz

13 January 2015

Hey Travis –

Using the code from the top of this page… this is what I did:

I put this at the bottom of the page –
$bid = place_bid(‘my username’, ‘my password’, ”, ”, ‘http://www.ebay.com’);

Added this line:
$password = urlencode($password);

just after
function place_bid($username, $password, $item, $bid, $link){

have cookies.txt in the root (I can delete the data from it and it reappears the next time I run it so I know that works).

and I send everything to this url:

http://signin.ebay.com/aw-cgi/eBayISAPI.dll?MfcISAPICommand=SignInWelcome&siteid=0&co_partnerId=2&UsingSSL=0&ru=&pp=&pa1=&pa2=&pa3=&i1=-1&pageType=-1&userid={$username}&pass={$password}

I get the same error:

2015-01-12 23-46-29 : Failed signing in

NOTE – If I take the url and copy/paste it into the browser replace the {$username} with my username and replace the {$password} with my encoded password…. it logs on through the browser.

Your thoughts….

Reply
1. MECTILE
  
  13 January 2015
  
  try removing ‘$password = urlencode($password);’
  
  and for your my_password pass it the encoded password that you know works, this is what I am currently doing myself.
  
  Reply
The Tooz

13 January 2015

Hey Travis –

Nothing changed. Still getting the login error. I can not figure out why the url will work in the browser, but not through your script.

Reply
The Tooz

13 January 2015

Also to note I am now getting the blocking cookies issue. Both chrome and safari and when I check cookies are enabled.

Reply
The Tooz

14 January 2015

Hey Travis – Not sure what you have to get your’s to work, but I could not get this to login along with others that have posted here. I am going to give up on this approach. Invested 8 hours already and I am no closer than from the beginning.

Tooz

Reply
1. MECTILE
  
  14 January 2015
  
  I am also stuck for ideas, like I said, this is the code I am actively using.
  I use it with Hostgator, PHP 5.4.
  
  If you are getting blocked cookies when you are manually logging in, you need to load the signin page first, this will set the cookie file read for the login.
  
  Still try Live HTTP headers, basically when you have the plugin running and you login manually, you can see the string that is sent to eBay, you can use this a verification that the scripts string is the same.
  
  Reply
The Tooz

15 January 2015

Travis –

I have a godaddy vpn and also using 5.4

1) When I log in manually I have no issues.
2) When I copy the url from the script and paste it in the browser I have no issues.
3) When I run the script I get the cookies issue both in chrome and in firefox, but it will update my cookies.txt

Reply
The Tooz

15 January 2015

Travis – I am running Live HTTP Headers and you wrote ” you can see the string that is sent to eBay” …. which specific string should I be looking for? There is a lot.

Reply
The Tooz

15 January 2015

I ran Live HHTP Headers and I found a string starting with MfcISAPICommand=SignInWelcome followed by 1000 letters, numbers, characters.

I added http://signin.ebay.com/aw-cgi/eBayISAPI.dll? to the front of it…. and pasted it into the browser and it logs me in no problem. I added that in the script and called it $url_test

curl_setopt($curl, CURLOPT_URL, $url_test);

when I run the script I get the cookies issue.

I wonder since you have a ebay partner network id if maybe your site is registered so ebay does not block cookies.

Reply
The Tooz

15 January 2015

Travis – I suspect it is the cookies.txt

When I run the code and get cookies for the cookies.txt vs just looking at the cookies in Live HTTP Headers they are not even close to the same.

I looked at your cookies.txt that you attached as a link… you have a bunch of lines…. my cookies.txt has like maybe 5 or 6 and they do not even look like the one’s in Live HTTP so I am trying to figure out how to possibly rewrite the cookies.txt file to match what I see in Live HTTP.

Reply
MECTILE

15 January 2015

Hi Tooz

I realised something, have you been checking the output HTML or only the logs to check if it is signed in?

A while back eBay changed the page after you signin so that my checks didn’t work any more and I had to change it.

Can you try the following slightly modified;
http://mectile.com/downloads/ebay-v3.php.txt

Alternatively, look at the output HTML when it signs in, it might actually be working.

Travis

Reply
MECTILE

15 January 2015

Here is a bit of code that I tested locally to signin to eBay and then output the myebay page.

To know if it works the myebay page should show your username.

php code;
http://mectile.com/downloads/ebay-test.php.txt

Reply
The Tooz

15 January 2015

Travis – “To know if it works the myebay page should show your username.” Success!!!!

Testing the first txt that you sent me now…will update you.

The Tooz

Reply
The Tooz

15 January 2015

Travis –

ok I ran the new main script and I was able to sign in.

I ran it a second time and I get “Sorry, we couldn’t complete your request. Try again later.” No HTML file was created either.

so I tried your test script again, which ran through, but returned the same message “Sorry, we couldn’t complete your request. Try again later.”

Your thoughts….

Reply
MECTILE

15 January 2015

Where are you getting the ‘Sorry, we couldn’t complete your request. Try again later.’ message?

To me that sounds like a message you receive if JavaScript is disabled which naturally be if you are using curl.

Reply
The Tooz

15 January 2015

Travis – I am getting that on Ebay’s My Ebay page …. it logs in where I can see my username and that message appears in the middle of the page below the username.

Reply
MECTILE

16 January 2015

Tooz, that is normal, I think because the page uses JavaScript to fetch the items. Don’t worry about it.

Does the rest of the code work?

Reply
MECTILE

18 January 2015

Tooz, can you please let me know if you managed to get the code working. thanks

Reply
Trina McLaren

7 June 2017

Hello, any idea if this still works on eBay? I know they’ve been trying to make automatic bidding more difficult (even eBay developers have to go through a special application process to allow bidding).

I will install Apache just to use this script if it still works!

Reply
1. Travis h
  
  7 June 2017
  
  Hi Trina
  It stopped working when eBay defaulted to HTTPS, I’ll update once I get it working again.
  
  Reply
2. Travis h
  
  22 August 2017
  
  Trina, updated here http://mectile.com/updated-2017-php-code-to-automatically-bidbuy-an-ebay-auction-item/
  
  Reply