Redirect to wrong course

[gred0216]

log.txt

I tried to ls any one of the courses, and it would finally redirect to the front page and the wrong course.

[lantw44]

$ curl https://ceiba.ntu.edu.tw/1072CHIN1050_02
<!doctype html>
    <html>
<head>
    <title>NTU CEIBA - 國立臺灣大學 非同步課程：</title>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>

<frameset rows="0,*" frameborder="NO" border="0" framespacing="0"> 
  <frame name="tFrame" marginwidth="0" marginheight="0" noresize scrolling="NO" frameborder="NO" src="" >
  <frame name="Main" marginwidth="0" marginheight="0" noresize scrolling="YES" frameborder="NO" src="https://ceiba.ntu.edu.tw/modules/?csn=fe895c">
</frameset>
<noframes><body bgcolor="#FFFFFF" text="#000000">

</body></noframes>
</html>

Is it the same as what you see? Since I don't have access to the course shown in your log file, I cannot confirm myself. It seems that we will have to parse this HTML 4 frames to get csn.

[gred0216]

Hi, thanks for the reply. That's exactly what I saw using curl.
By the way, are the PHPSSID and user of API and web supposed to be the same one? I can log in and see the lesson using ls anyway.

[lantw44]

Sorry for the late reply. I admit that this project isn't well-maintained...
I just tried the same curl command as above, and it seems that the page has changed.

$ curl https://ceiba.ntu.edu.tw/1072CHIN1050_02
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://ceiba.ntu.edu.tw/login_test.php?csn=fe895c">here</a>.</p>
<hr>
<address>Apache/2.2.34 (FreeBSD) PHP/5.2.17 mod_ssl/2.2.34 OpenSSL/1.0.2k-freebsd DAV/2 Server at ceiba.ntu.edu.tw Port 443</address>
</body></html>

Since it redirected to a login_test.php page, which is a common pattern in CEIBA, it should no longer trigger the assertion failure. Can you check whether it works for you now?

By the way, are the PHPSSID and user of API and web supposed to be the same one? I can log in and see the lesson using ls anyway.

I have no access to the source code or the API documentation of CEIBA, so I can't really understand how it works. Everything below is just my observation.

Yes, PHPSESSID can be the same. A CEIBA seesion is created when you clicks the login button. It is created by https://ceiba.ntu.edu.tw/ChkSessLib.php using Set-Cookie header. A CEIBA session is initially an web-only session, meaning it has no access to CEIBA API. To use CEIBA API, you have to access a special URL: https://ceiba.ntu.edu.tw/course/f03067/app/info_web.php?api_version=2. After that, the session is allowed to send both API and web requests.

If I remember correctly, user isn't required at all. You can safely delete it from the configuration file without being logged out. It was added for testing purpose, but I never document it.