Closed 0dayCTF closed 5 years ago
Same.
It's prob just an issue with how he's scraping the giveaway data from https://www.giveawaylisting.com/index2.html
That's my guess, hopefully he replies soon!
Not sure if it's helpful or not, but when I attempt to interrupt with ctrl+c in IDLE, I get the following message on loop:
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "I:\Working\Amazon Bot\amazoncontest.py", line 24, in amazon_bot
response = get("view-source:https://www.giveawaylisting.com/index2.html")
File "C:\Program Files (x86)\Python37-32\lib\site-packages\requests\api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "C:\Program Files (x86)\Python37-32\lib\site-packages\requests\api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "C:\Program Files (x86)\Python37-32\lib\site-packages\requests\sessions.py", line 533, in request
resp = self.send(prep, **send_kwargs)
File "C:\Program Files (x86)\Python37-32\lib\site-packages\requests\sessions.py", line 640, in send
adapter = self.get_adapter(url=request.url)
File "C:\Program Files (x86)\Python37-32\lib\site-packages\requests\sessions.py", line 731, in get_adapter
raise InvalidSchema("No connection adapters were found for '%s'" % url)
requests.exceptions.InvalidSchema: No connection adapters were found for 'view-source:https://www.giveawaylisting.com/index2.html'
Oh my bad i should update the readme. Try installing lxml package on pip.
pip install lxml
See if that is the problem, might be having an issue parsing the data
Oh my bad i should update the readme. Try installing lxml package on pip.
pip install lxml
See if that is the problem, might be having an issue parsing the data
Installed LXML, and it did get rid of the Could not load items message. However, it seems the SQL statement to clean up your URLs is bugged.
Loading prizes
100% complete...
Removing prizes that you have already entered into
Traceback (most recent call last):
File "amazoncontest.py", line 381, in <module>
load_login_info()
File "amazoncontest.py", line 372, in load_login_info
amazon_bot(email, password, name, want_follow)
File "amazoncontest.py", line 69, in amazon_bot
cursor.execute("DELETE FROM enteredurls WHERE url=", (row[1],))
sqlite3.OperationalError: incomplete input
The code block with the problem is included below:
for row in entered_urls_database:
time_since = datetime.date.today() - row[2] #Compare date of url
if time_since.days >= 7: #If url is older than a week delete it
cursor.execute("DELETE FROM enteredurls WHERE url=", (row[1],))
Not sure if you mean to append the row to your SQL command, but that's what it looks like you want to do.
One thing you need to look out for is NOT using concatenation to send SQL commands. A person running your program can attack your database (access restricted data and delete your stuff) using SQL injection, which they can do by putting a malicious parameter in the submitted string or putting another command on the end of your command, so it ends up sending "DELETE FROM " + rest of expected command + dangerous command that deletes your whole database.
Better info here: w3schools
It is not as dangerous here, since this is a local SQLite db, so it's only going to hurt the user attacking the database (LOL) but you need to use the official way (passing tuples into a function that performs the SQL query and looks for malicious patterns) for any queries directed to your server. Links and details below:
Example:
AUSTRIA = u"\xd6sterreich"
# by default, rows are returned as Unicode
cur.execute("select ?", (AUSTRIA,))
In this example, AUSTRIA is a string (all caps naming is used to indicate constant, but it is still technically mutable). the cur.execute statement has a ? where it will substitute the value, and this substitution will be santitized. Now I get the idea that you just forgot to include a ? where you wanted your variable inserted. My bad.
@andrewelick : Submitted a patch.
I created a Firefox profile, I installed all requirements but am having some issues loading items, would love to see this work!
Loading prizes Could not load items
Loading prizes Could not load items
Loading prizes Could not load items
Loading prizes Could not load items
Loading prizes Could not load items
Loading prizes