could be many reasons, i’ll cover a couple (hard to say without testing this on the actual url)

Idea 1: Incorrect Array Pointer:
It looks like your regexExtract() function is not assigning a value to the $viewstate var – this could be because your calling regexExtract() with $nthValue as 1 – this would imply that when the $regs array is populated by preg_match() you are extracting the 2nd item in the array (dont forget php array pointers are 0 based.)

Idea 2: Logic problem in regular expressions
Your regular expressions are not matching any content due to a logic error – again, i cant help with this unless we can see the content being returned from curl_exec() – those regular expressions are designed for sites using asp.net native authentication system – are you definitly logging into an asp.net site?

Also, please remove the asp-classic tag from your question, i dont think it applies?

EDIT: ok, i have done some testing & got the $viewstate and $eventval vars to populate & prove the regular expressions are working OK, (and to check “1” is the correct pointer). My testing proves that the curl is correctly extracting the viewstate and posting it to the login page.

I tested this by creating the following php file (echopost.php):

<?
foreach($_GET as $name => $value) {
    print "QueryString: $name : $value<br>";
}
foreach($_POST as $name => $value) {
    print "POST: $name : $value<br>";
}
$cookie=$_COOKIE;
foreach ($cookie as $name=>$value) {
    print "Cookie: $name : $value<br>";
}
?>

I then changed this line 99~ to submit the login information to echopost & output the results (to prove that the regular expressions had correctly populated $viewstate and $eventval:

line 99~

curl_setOpt($ch, CURLOPT_POST, TRUE); 
curl_setopt($ch, CURLOPT_POSTFIELDS, $postData); 
curl_setopt($ch, CURLOPT_URL, "http://www.heavencore.co.uk/so/echopost.php"); //#### Note this line that changes 
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookieFile);     

$data = curl_exec($ch); 
echo "Response from echopost.php (login): <hr />" . $data; 

as you can see, the echopage is returning to curl the correct values from the regular expressions meaning that $viewstateand $eventval are now populated and working.

Demo: http://www.heavencore.co.uk/so/login.php
based on the dummy login page http://www.heavencore.co.uk/so/login.htm

I Changed this line:

function regexExtract($text, $regex, $regs, $nthValue) 

to this:

function regexExtract($text, $regex, $nthValue)

& Changed these lines:

$viewstate = regexExtract($data,$regexViewstate,$regs,1); 
$eventval = regexExtract($data,$regexEventVal,$regs,1); 

to this:

$viewstate = regexExtract($data,$regexViewstate,1); 
$eventval = regexExtract($data,$regexEventVal,1); 

EDIT 2:

OK, This is working fine:

http://www.heavencore.co.uk/so/login.php

Note that login.php outputs the “Welcome to /../, HeavenCore!” page – meaning curl logged in OK.

My Source:

<?php 
/************************************************ 
* ASP.NET web site scraping script; 
* Developed by MishaInTheCloud.com 
* Copyright 2009 MishaInTheCloud.com. All rights reserved. 
* The use of this script is governed by the CodeProject Open License 
* See the following link for full details on use and restrictions. 
*   http://www.codeproject.com/info/cpol10.aspx 
* 
* The above copyright notice must be included in any reproductions of 
this script. 
************************************************/ 
error_reporting(E_ALL); 
/************************************************ 
* values used throughout the script 
************************************************/ 
// urls to call - the login page and the secured page 
$urlLogin = "http://www.website.com/Default.aspx"; 
$urlSecuredPage = "http://www.website.com/Default.aspx"; 

// POST names and values to support login 
$nameUsername=rawurlencode('ctl00$txtLoginName');       // the name of the username textbox on the login form 
$namePassword=rawurlencode('ctl00$txtPassword');       // the name of the password textbox on the login form 
$nameLoginBtn=rawurlencode('ctl00$btnLogin');          // the name of the login button (submit) on the login form 
$valUsername ='HeavenCore';        // the value to submit for the username 
$valPassword ='password';        // the value to submit for the password 
$valLoginBtn ='Login';             // the text value of the login button itself 

// the path to a file we can read/write; this will 
// store cookies we need for accessing secured pages 
$cookieFile = 'cookie.txt'; 

// regular expressions to parse out the special ASP.NET 
// values for __VIEWSTATE and __EVENTVALIDATION 
$regexViewstate = "/__VIEWSTATE\" value=\"(.*)\"/i"; 
$regexEventVal  = "/__EVENTVALIDATION\" value=\"(.*)\"/i"; 

/************************************************ 
* utility function: regexExtract 
*    use the given regular expression to extract 
*    a value from the given text;  $regs will 
*    be set to an array of all group values 
*    (assuming a match) and the nthValue item 
*    from the array is returned as a string 
************************************************/ 
function regexExtract($text, $regex, $nthValue) 
{ 

if (preg_match($regex, $text, $regs)) { 
 $result = $regs[$nthValue]; 
} 
else { 
 $result = ""; 
} 
return $result; 
} 


/************************************************ 
* initialize a curl handle; we'll use this 
*   handle throughout the script 
************************************************/ 
$ch = curl_init(); 


/************************************************ 
* first, issue a GET call to the ASP.NET login 
*   page.  This is necessary to retrieve the 
*   __VIEWSTATE and __EVENTVALIDATION values 
*   that the server issues 
************************************************/ 
curl_setopt($ch, CURLOPT_URL, $urlLogin); 
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:11.0) Gecko/20100101 Firefox/11.0' ); 
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); 
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE); 
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); 
$data=curl_exec($ch); 
echo curl_error($ch); 
// from the returned html, parse out the __VIEWSTATE and 
// __EVENTVALIDATION values 
$viewstate = regexExtract($data,$regexViewstate,1); 
$eventval = regexExtract($data,$regexEventVal,1); 
/************************************************ 
* now issue a second call to the Login page; 
*   this time, it will be a POST; we'll send back 
*   as post data the __VIEWSTATE and __EVENTVALIDATION 
*   values the server previously sent us, as well as the 
*   username/password.  We'll also set up a cookie 
*   jar to retrieve the authentication cookie that 
*   the server will generate and send us upon login. 
************************************************/ 
$postData = '__VIEWSTATE='.rawurlencode($viewstate) 
          .'&__EVENTVALIDATION='.rawurlencode($eventval) 
          .'&'.$nameUsername.'='.$valUsername 
          .'&'.$namePassword.'='.$valPassword 
          .'&'.$nameLoginBtn.'='.$valLoginBtn 
          ; 

curl_setOpt($ch, CURLOPT_POST, TRUE); 
curl_setopt($ch, CURLOPT_POSTFIELDS, $postData); 
curl_setopt($ch, CURLOPT_URL, $urlLogin);   
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookieFile);     

$data = curl_exec($ch); 
 echo "Response from echopost.php (login): <hr />" . $data; 

/************************************************ 
* with the authentication cookie in the jar, 
* we'll now issue a GET to the secured page; 
* we set curl's COOKIEFILE option to the same 
* file we used for the jar before to ensure the 
* authentication cookie is sent back to the 
* server 
************************************************/ 
curl_setOpt($ch, CURLOPT_POST, FALSE); 
curl_setopt($ch, CURLOPT_URL, $urlSecuredPage);   
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookieFile);     

$data = curl_exec($ch); 

// at this point the secured page may be parsed for 
// values, or additional POSTS made to submit parameters 
// and retrieve data.  For this sample, we'll just 
// echo the results. 



/************************************************ 
* that's it! Close the curl handle 
************************************************/ 
curl_close($ch); 
?>