1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Python XenForo Module

Discussion in 'Off Topic' started by SteveMcGrath, Apr 28, 2011.

  1. SteveMcGrath

    SteveMcGrath New Member

    Hi everyone,

    I have been working on developing a application that needs to link to a XenForo forum. What I needed to do was send a PM to a user to validate they are who they said they are. As a result of which I have written the following python module. If there are any questions please feel free to ask ;)

    https://github.com/SteveMcGrath/pyxenforo

    [UPDATED: Removed the old wording as this now works \o/]
     
  2. SteveMcGrath

    SteveMcGrath New Member

    bump. If there is a moderator, can they move this to the proper forum? I am unfortunately not allowed to post anywhere but here.
     
  3. Brogan

    Brogan XenForo Moderator Staff Member

    If I move it to one of the customer forums you won't be able to reply.
     
  4. SteveMcGrath

    SteveMcGrath New Member

    gah! I'm sure my current problem is that the right people aren't viewing this thread. probably why it's sat.
     
  5. SteveMcGrath

    SteveMcGrath New Member

  6. Brogan

    Brogan XenForo Moderator Staff Member

    Presumably you have access to the XenForo source code?

    In which case are you writing this application for a XenForo customer?
    If so, ask them to add your forum account to their customer account and you will then have access to the customer forums.
     
  7. SteveMcGrath

    SteveMcGrath New Member

    I do not have access to the code. I am not writing this for a XenForo customer. I am simply trying to write a script that will PM a form user by mimicking the post/get requests needed to send a message. this is being done in order to validate that a user is who they say they are from the bukkit forums so that the repository system I am writing (http://bukget.org) doesnt get spammed with fake plugins.
     
  8. Brogan

    Brogan XenForo Moderator Staff Member

    Oh I see, so it has nothing to do with XenForo at all.
    I misunderstood the "I am trying to write an application external to XenForo" as it would interface with XenForo.

    I see what you're doing now.
     
  9. SteveMcGrath

    SteveMcGrath New Member

    Brogan: Yeah. honestly if I could just get some direction as to what XenForo is doing to handle these requests I could automate this process quite easily. All of my code will be sitting on a different server in a different location so trying to pull directly from the DB is a bad idea. I am using a legit user to perform the actions, its just a matter of walking through the steps.
     
  10. SteveMcGrath

    SteveMcGrath New Member

  11. Mike

    Mike XenForo Developer Staff Member

    We use an anti-CSRF token that basically prevents what you're trying to do. You can make requests and scrape it out; you can't generate it. For the most part, you should be able to watch the requests that are made in each step and reproduce them, modifying the bits that change.
     
  12. SteveMcGrath

    SteveMcGrath New Member

    Mike,

    interesting. I'm assuming this is being done in xenforo.js.

    Also I have been looking at the POSTs and GETs and in my examples, _xfToken is always ''. If there is another way to handle this that would be great.
     
  13. Mike

    Mike XenForo Developer Staff Member

    The token is generated server side and is different on every page view. You will have a token as a registered user.
     
  14. SteveMcGrath

    SteveMcGrath New Member

  15. Mike

    Mike XenForo Developer Staff Member

    You don't need the user cookie; you just need the session. But you don't get the user cookie without clicking the "remember me" button.
     
    avi likes this.
  16. SteveMcGrath

    SteveMcGrath New Member

  17. SteveMcGrath

    SteveMcGrath New Member

    Can the thread topic be changed to: Python XenForo Module.
     
  18. Lawrence

    Lawrence Well-Known Member

    As requested, :)
     
  19. SteveMcGrath

    SteveMcGrath New Member

    ty Lawrence!
     

Share This Page