[Ebayagent-users] [PATCH] make eBayAgent work again...

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi,

The attached patch makes eBayAgent work again. I tested it only in
the '.com' locale, someone need to verify the .de locale.

(BTW, I did a test on the .de locale, trying to bid 11 euros on
a item and ebayagent put a bid of 1100 (!!!) euros on that item.
Fortunately I was able to retract that bid but someone needs to
look into this, a quick analysis seemed to show that this was because
of the bidvalue_locale() function replacing '.' with ','. Maybe this
is not needed anymore ?)

Back to my patch.

What I did is modify the bidding process to work in 3 steps instead
of the original 2 (just like you do in a browser):
	* step 1: input your bid amount
	* step 2: input your user/pass
	* step 3: click on confirm
The page loaded in the 1st step gives the URL for the SignInWelcome
POST (with the ru="" pointing to the bid). The page loaded in the 2nd
step gives the bidding key and a new password (maybe a hash on the
real password ?). The key and the new password are then use to confirm
the bidding in the third step.

Remark: the $bidurl/$bidurl2 used by eBayAgent are not the correct ones
(a real browser would use different urls), for example in the first
step eBayAgent requests:
    http://offer.ebay.com/ws3/eBayISAPI.dll?MfcISAPICommand=MakeBid&item=5118290506&maxbid=11.00&quant=1
but the browser asks for:
    http://signin.ebay.com/ws1/eBayISAPI.dll?MfcISAPICommand=MakeBid&fb=2&co_partnerid=&item=5118290506&maxbid=4

However, eBayAgent works even with the wrong URL so I haven't changed
those. For corectness this should however be corrected, by extracting
the URL from the form and not with a *offer* regexp...

I am not a perl expert, neither a web programming expert, even less an
eBay scripting guru, so please be extra careful before using/accepting
this patch. I don't wanna be responsible for your misplaced bids :)

Stelian.

Index: eBayAgent.pl
===================================================================
RCS file: /cvsroot/ebayagent/eBayAgent/eBayAgent.pl,v
retrieving revision 1.109
diff -u -r1.109 eBayAgent.pl

--- eBayAgent.pl	20 Aug 2004 16:31:30 -0000	1.109
+++ eBayAgent.pl	26 Aug 2004 12:19:44 -0000
@@ -1589,17 +1589,29 @@
 
 	my $req;
 	my $post = &bidpost1_locale($item, $ubid);
-        dprint("POST(1/2): ", crypturl($post));
-	$req = new HTTP::Request POST => $bidurl;
-	$req->content_type ('application/x-www-form-urlencoded');
-	$req->content ($post);
+        dprint("BID(1/3): ", crypturl($post));
+	my $res = getpage($bidurl . "?" . $post);
 	
-	my $res = response($req);
 	checkbadhttp_bid();
         
-	my $res_tmp = uri_unescape($res->content);
+        my ($tmp, %all) = getallhiddeninput($res, "SignInWelcome");
+
+        error_exit("Could not get 'Referring URL' information, quitting\n")
+                if (! exists $all{"ru"});
+
+        $all{"ru"} =~ s/\&amp\;/&/g;
+
+	$req = new HTTP::Request POST =>'http://signin.ebay.com/ws/eBayISAPI.dll';
+	$req->content_type ('application/x-www-form-urlencoded');
+		
+	$post = "MfcISAPICommand=SignInWelcome&UsingSSL=0&ru=" . uri_escape($all{"ru"}) . "&userid=$user&pass=$pass";
+        dprint("BID(2/3): ", crypturl($post));
+	$req->content ($post);
+	$res = response($req);
+	checkbadhttp_bid();
 
         # Bidding key extraction (2 possibilities)
+	my $res_tmp = uri_unescape($res->content);
 	my $tkey = "";
 	if ($res_tmp =~ m/"key" value="(.*?)"/)
         {
@@ -1616,6 +1628,10 @@
                 error_exit();
         }
 
+        my ($tmp, %all) = getallhiddeninput($res, "Submit");
+        error_exit("Could not get 'New password' information, quitting\n")
+                if (! exists $all{"pass"});
+
         if ($debug_donotbid)
         {
                 dprint("SKIPPING BIDDING PROCESS (Bid key: \'$tkey\')\n");
@@ -1623,10 +1639,12 @@
         else
         {
                 dprint("Bid key: \'$tkey\'");
+                $pass = $all{"pass"};
+                dprint("New password: \'$pass\'");
                 my $req = new HTTP::Request POST => $bidurl2;
                 $req->content_type ('application/x-www-form-urlencoded');
                 $post = &bidpost2_locale($item, $tkey, $ubid, $user, $pass);
-                dprint("POST(2/2): ", crypturl($post));
+                dprint("BID(3/3): ", crypturl($post));
                 $req->content ($post);
                 $res = response($req);
                 checkbadhttp_bid();
@@ -2246,6 +2264,8 @@
 
         while (
                ($tmp2 =~ s/input\s+type=\"?hidden\"?\s+name=\"?(\S+?)\"?\s+value=\"([^\"]+?)\"\>//i)
+	       ||
+               ($tmp2 =~ s/input\s+type=\"?hidden\"?\s+name=\"?(\S+?)\"?\s+value=\"([^\"]+?)\"\s//i)
                ||
                ($tmp2 =~ s/input\s+type=\"?hidden\"?\s+name=\"?(\S+?)\"?\s+value=\"?(\S*?)\"?\>//i)
               )
-- 
Stelian Pop <st...@po...>    


