<?php
  $user="xxx";
  $pass="xxx";
  $url="xxx";
  $threadf="xxx";

  $md5Pass = md5($pass);
    
  $ch = curl_init();
  curl_setopt($ch , CURLOPT_URL , $url);
  curl_setopt($ch , CURLOPT_RETURNTRANSFER , 1);
  curl_setopt($ch , CURLOPT_FOLLOWLOCATION , 1);
  curl_setopt($ch , CURLOPT_REFERER , "http://www.google.com");
  curl_setopt($ch , CURLOPT_USERAGENT , $_SERVER['HTTP_USERAGENT']);
  curl_setopt($ch , CURLOPT_COOKIEFILE, dirname(__FILE__).'/cookies.txt');
  curl_setopt($ch , CURLOPT_COOKIEJAR, dirname(__FILE__).'/cookies.txt');
  $data=curl_exec($ch);    
  
  preg_match('/securitytoken" value="(.*?)"/',$data,$securitytoken);
  curl_setopt($ch , CURLOPT_URL, "".$url."login.php");
  curl_setopt($ch , CURLOPT_POST , TRUE);
  curl_setopt($ch , CURLOPT_POSTFIELDS, 'do=login&url=%2Findex.php&vb_login_md5password='.$md5Pass.'&vb_login_username='.$user.'&cookieuser=1&s=&securitytoken='.$securitytoken[1]);
  $data2=curl_exec($ch);  
  
  $subject="selam selam";                
  $message="merhaba merhaba merhaba";
  curl_setopt($ch , CURLOPT_URL , "".$url."newthread.php?do=newthread&f=".$threadf."");
  preg_match('/securitytoken" value="(.*?)"/',$data,$securitytoken);
  curl_setopt($ch , CURLOPT_POST , TRUE);
  curl_setopt($ch , CURLOPT_POSTFIELDS, 'subject='.$subject.'&message='.$message.'&s=&f='.$threadf.'&securitytoken='.$securitytoken[1].'&do=postthread');
  $data3=curl_exec($ch);
  echo $data3;
?>