Automated esniper bug report.
esniper version 2.31.0
libcurl/7.43.0 OpenSSL/1.0.2d zlib/1.2.8 libidn/1.28 librtmp/2.3
Error encountered in function ebayLogin in auction.c line 489
auction = 161897120811, price = 25, remain = 0
latency = 0, result = -1, error = 19
buf = 0x7f044ec40010, size = 175032, read = 0x7f044ec40010
time = 1448484217, offset = 0
pagename = "Black Friday Deals Now On!", pageid = "(null)", srcid = "(null)"
specified options or config values:
1 x username(u) =
1 x password() =
1 x seconds(s) = 5
1 x quantity(q) = 1
1 x (f) = "kreisschneider"
1 x reduce() = 1
1 x bid() = 1
1 x debug(d) = 1
1 x batch(b) = 0
1 x logdir(l) = "/home/me/esniper/log"
unknown pageinfo
I've started the same auction file yesterday without any problems. However today some other auctions failed with the same error.
I'm able to log in manually without any notice whatsoever.
The attached page seems to show special offers after successful login. I guess it indicates successful login because it shows"Hi Lars!" in the top line.
It seems difficult to check for successful login with this change. (A detailed analysis is necessary.)
Probably it is a temporary change (because of "black friday").
As a workaround: Stop bidding on auctions for a few days. Maybe try again on Saturday.
Last edit: Bodo 2015-11-25
Hi,
since this mornig, I have the same problem like Brainbug02. Same error on different machines
Strange
Let's see if this is a temporary change. If not we need a modified login method.
Ebay used to present certain pages like "My Ebay Summary" after successful login. Currently esniper gets a page that is difficult to recognize as a successful login.
I've tried to change the server to ebay.de where no black Friday page is displayed - without any changes. The dumped html file was the regular ebay landing page (after login).
I have also recompiled the source and changed login page to#define DEFAULT_LOGIN_HOST "signin.ebay.de", which redirects to the login page.
The result is just a german pagename in error output log:
pagename = "Elektronik, Autos, Mode, Sammlerst ?cke, Gutscheine und mehr Online-Shopping | eBay", pageid = "(null)", srcid = "(null)"
So, something went realy wrong during login
Last edit: ticketack 2015-11-26
The login itself seems to be okay. In the detailed log files I have found this line.
2015-11-26 16:55:14.149157 https://signin.ebay.de/ws/eBayISAPI.dll?SignInWelcome&userid=MYLOGINNAME&pass=**&keepMeSignInOption=1
MYLOGINNAME was replaced by my real login name.
I have copied this to the addressline of my browser and replaced the five stars (*) with my real password, The "#" in my password I have substituted by "%23" and this works fine fine for signin.ebay.de and for signin.ebay.com as well.
I will check the logs later, I have to leave now. The log for one failed bid/login is > 22k lines - wow.
I agree that the login is successful, but esniper does not recognize the resulting page. Some years ago Ebay's HTML pages used to have machine-readable page IDs in the Javascript code, but currently we have to check the page title or even check other strings in the document text.
After login esniper accepts a page title starting with "Electronics" (English page from default server) but not with "Elektronik" (German server) or any other languages. It also accepts several spelling variants of the myEbay page.
To accept the German page, a check for the corresponding text has to be added to the source code. The same applies to other languages.
BTW: In order to use different servers it is not necessary to change the default host names in the source code, you can use config file options "loginHost" etc at run time.
My idea for an improved login mechanism is to use the existing login URLs and check for known page titles that indicate a login failure but ignore other pages. After this try to get the myEbay page and check its page title. With manual tests I get a login page instead of the myEbay page when I'm not logged in.
Bodo, you are right. esniper expects a page with a proper string.
I have modified the appropriate "if" routine in auction.c, line 474, in that way, that it will pass always, independent if login was correctly or not.
It works.
Good night
One thing that I noticed is that nearly all ebay pages contain a JS line of the following format
were USER and FIRSTNAME are the user's username and firstname respectively. Other config strings can be included as well.
When you are not logged in, the line looks like this
So by checking the value of id and fn one could check if the user is logged in. Maybe this method is more reliable than checking the page titles.
However I haven't checked yet if this kind of check can be done in auction.c.
Yeah, this seems to be a good method to verify succeed of login.
I am not familiar with the code, but I believe a simple string compare function of
is no problem.
The way I had made esniper working again was a dirty hack to bring the tool back to life for coming weekend.
I've changed the function to check for the id. This is how it could look like:
This patch worked for me using ebay.com. However as I've tried some wrong passwords ebay forces me to solve captchas ;-) So I can't try ebay.de or ebay.co.uk by now...
I would prefer to add the search for the id string to getPageInfo() and return the login flag as part of the page info structure. I suggest to check for some more text because the short search string ",id:'" looks a bit dangerous to me.
Can't we x-check / use an ebay cookie? IIRC it's possible to auto-login when accessing an ebay page.
I would be interested in a detailed description.
AFAIK ebay login is not permanent. The server asks for the password from time to time. (Don't know details about timeout or conditions.) That's why esniper has a mechanism to renew the login regularly and to make sure to be logged in some time (10min?) before bidding.
I can't remember if this is in the right direction: http://stackoverflow.com/questions/24921029/are-ebay-user-tokens-permanent-fetch-user-token-api
IIRC these tokens can be used to work against the API.
And here is one more, someone using curl to do it:
http://stackoverflow.com/questions/16611362/curl-login-into-ebay-co-uk
Last edit: Robert M. Münch 2015-11-27
It's dangerous, for sure ;-) However I've checked quite a few pages and ",id:'" was unique. One could extend the string to "sin:NUMBER,id:'',fn:''" which makes it even more unique but error-prone if ebay adds attributes inbetween.
In the end every mechanism can fail if ebay changes the page layout... ;-(
This patch worked for me on ebay.de as well. Great stuff!!
But, can the repro of this project be moved to GitHub SF is just crap...
...very detailed problem description about SF...
I tried to move from CVS to Git but did not yet finish to adapt the release script and instructions. We have a partially automated release mechanism that calls CVS commands. This needs to be changed for a transition to Git. (I prefer Git over CVS or SVN, but for me it's not worth the effort.)
Hey Bodo, what if someone else would make the move for you and transfer the newly created project over to you? I see that there is not much to gain from the switch to GitHub for you if no one else steps up and shows that there is indeed interest from other parties.
If time is no issue, I would step up and volunteer to transfer the project to GitHub in the coming months and hand it over to you when I am done. If you are interessted, let's discuss the details at [feature-requests:#31].
Related
Feature Requests: #31
Christian, are you still interested to drive such a transfer to github/gitlab?
It looks to me as if nobody would stop you and a number of people would very much welcome it. But please don't underestimate the needed work. It isn't only to upload the git repo to github.com and call it done. The migration will take some time and effort. Please continue discussion in feature request #31 if you want to volunteer.
I continue the discussion about Git at [feature-requests:#31]
Related
Feature Requests: #31