I wanted a better way of searching EAs’ FIFA Ultimate Team cards. Their online webapp allows you to do general searches based on Player formation, nationality, team and league but I wanted to search for Players with certain attributes and Inform Players.
I searched the internet for a way of doing this with only one result giving me any hope: http://pastebin.com/Zu5uDP7X this seems to be an autobuyer for FIFA 11 written by a guy called pmzipko.
I tried just updating the URLs to point at the new FIFA 12 links but this didn’t work and so I embarked on a mission to get this to work in PHP and for FIFA 12.
Here is the first file I’ve finished for the project it allows you to connect to the FIFA 12 web app in a future file I’ll add the search options and then possibly a buying function.
You need to supply your Username and Password for the EA website and the hash value of your security question (You may want to Google HTML Headers)
<?PHP /** * @llygoden * @author - Rob McGhee * @URL - www.robmcghee.com * @date - 28/05/12 * @version - 1.0 **/ //EA Web App Username & Password $user = "test@ea.com"; $password = "eapassword"; //Secret Question Hash Value $hash = "548894d5577c241102a85381b911d54d"; //displayname for auth string $dispname = "bot"; //locale for auth string $locale = "en-GB"; //Time now in milliseconds $time = time(); //The 4 EA URLs we need to call in this order $login = "https://www.ea.com/uk/football/services/authenticate/login"; $account = "http://www.ea.com/p/fut/a/card/l/en_GB/s/p/ut/game/ut12/user/accountinfo?timestamp=". $time; $auth = "http://www.ea.com/p/fut/a/card/l/en_GB/s/p/ut/auth"; $quest = "http://www.ea.com/p/fut/a/card/l/en_GB/s/p/ut/game/ut12/phishing/validate"; //HTML Headers to send to the login URL, includes Username and Password $opts = array( 'http'=>array( 'method'=>"POST", 'header'=>"Content-Type: application/x-www-form-urlencoded", 'content'=>"email=".$user."&password=".$password ) ); $context = stream_context_create($opts); //Contains the file returned from EA $EALOGIN = file_get_contents($login, false, $context); //The Headers returned from EA $r = $http_response_header; //EASW Key $s = explode(":", $r[7]); $t = explode(";", $s[1]); $EASW_KEY = $t[0]; //Session Key $m = explode(":", $r[8]); $n = explode(";", $m[1]); $EASF_SESS = $n[0]; //nuc $a = explode("<nucleusId>", $EALOGIN); $b = explode("</nucleusId>", $a[1]); $NUC = $b[0]; //display the keys that we've found echo $EASW_KEY. "<br />"; echo $EASF_SESS. "<br />"; echo "NUC: ".$NUC."<br />"; //unset the variables used in this section as we will use them again unset($opts, $context, $EALOGIN, $http_response_header, $r, $s, $t, $m, $n, $a, $b); //HTML Headers to send to the account info URL, includes the two keys from above $opts = array( 'http'=>array( 'method'=>"GET", 'header'=>"Content-Type: application/x-www-form-urlencoded\r\n". "Cookie: ".$EASW_KEY.";".$EASF_SESS ) ); $context = stream_context_create($opts); //Contains the file returned from EA $EAACCOUNT = file_get_contents($account, false, $context); //The Headers returned from EA $r = $http_response_header; //Get personaID and Platform $d = json_decode($EAACCOUNT); $personaID = $d->userAccountInfo->personas[0]->personaId; $platform = $d->userAccountInfo->personas[0]->userClubList[0]->platform; //display the variables we've got echo "personaId: ".$personaID."<br />"; echo "platform: " .$platform. "<br />"; //unset the variables used in this section as we will use them again unset($opts, $context, $EAACCOUNT, $http_response_header, $r, $d); //HTML Headers to send to the auth URL, includes Both Keys and General User Info $opts = array( 'http'=>array( 'method'=>"POST", 'header'=>"Content-Type: application/json\r\n". "Cookie: ".$EASW_KEY."; ".$EASF_SESS, 'content'=>'{ "isReadOnly": false, "sku": "499A0001", "clientVersion": 3, "nuc": '.$NUC.', "nucleusPersonaId": '.$personaID.', "nucleusPersonaDisplayName": "'.$dispname.'", "nucleusPersonaPlatform": "'.$platform.'", "locale": "'.$locale.'", "method": "idm", "priorityLevel":4, "identification": { "EASW-Token": "" } }' ) ); $context = stream_context_create($opts); //Contains the file returned from EA $EAAUTH = file_get_contents($auth, false, $context); //The Headers returned from EA $r = $http_response_header; //User Session ID $XSID = $r[4]; //Display the User Session ID echo $XSID. "<br />"; //unset the variables used in this section as we will use them again unset($opts, $context, $EAAUTH, $http_response_header, $r, $NUC, $personaID, $platform, $dispname, $locale); //HTML Headers to send to the Validation URL, includes Both Keys, Session ID and our Question Hash $opts = array( 'http'=>array( 'method'=>"POST", 'header'=>"Content-Type: application/x-www-form-urlencoded\r\n". "Cookie: ".$EASW_KEY."; ".$EASF_SESS ."\r\n". $XSID, 'content'=>"answer=".$hash ) ); $context = stream_context_create($opts); //Contains the file returned from EA $EAVALIDATE = file_get_contents($quest, false, $context); //The Headers returned from EA $r = $http_response_header; //Phishing Key $s = explode(":", $r[7]); $t = explode(";", $s[1]); $PHISHKEY = $t[0]; //Display the Phishing Key echo $PHISHKEY. "<br />"; unset($opts, $context, $EAAUTH, $http_response_header, $r, $s, $t); ?>
We now have all the information needed to carry out searches and trades based on pmzipkos code. I will get to these function soon
[…] Published Sign in to FIFA 12 Ultimate Team using PHP. […]
Hey Robert,
my name is Tim and i want to make an web application for fifa ultimate team, and im so happy i found your blog.
but i’am stuck in my project right now,
i got the $EASW_KEY and $EASF_SESS, but i cant get the phishing key, i have already tried to get the key for hours now and i hope you can help me.
my code http://pastebin.com/QrTf3gsA
i know what is wrong but i dont know what to do to get it right,
the code is using index 7 to get the line for the phishkey, but when i vardump the httpheaders there is no line 7
$context = stream_context_create($opts);
//Contains the file returned from EA
$EAVALIDATE = file_get_contents($quest, false, $context);
//The Headers returned from EA
$r = $http_response_header;
var_dump($r);
////Phishing Key
//$s = explode(“:”, $r[7]);
//$t = explode(“;”, $s[1]);
//$PHISHKEY = $t[0];
//http://www.ea.com/p/fut/a/card/l/en_GB/s/p/ut/game/ut12/phishing/validate header vardump
0 => string ‘HTTP/1.1 200 OK’ (length=15)
1 => string ‘Date: Mon, 23 Jul 2012 21:19:58 GMT’ (length=35)
2 => string ‘Server: EASW’ (length=12)
3 => string ‘X-Content-Length: -1’ (length=20)
4 => string ‘Content-Type: application/json;charset=utf-8’ (length=44)
5 => string ‘Content-Length: 103’ (length=19)
6 => string ‘Connection: close’ (length=17)
what did you do to get the phishkey?, i hope to hear from you.
Thanks in advance Tim.
Did you ever get this working? I’ve been interested in some better search options too. Found your article while searching “EA Ultimate Team API”.
Thanks for sharing, great work, i have written this in C++ but when i send my json to the auth url i get 404 response.