Jump to content

HELP!!!!! Passing Parameters in the URL from website to website!


420blaze

Recommended Posts

Ok, I've been at this all day and I feel like  smashing my computer with a sledgehammer by now! PLEASE HELP!!!!!!!

It sounds simple: 

I am trying to log-in to a website by passing the  username and password through a URL parameter. The problem is that different people will have different user/pass so the login information is located on a database (mysql) and must be retrieved using php!

People will already be logged in to a session variable!
I am simply loading an external website through an iframe and trying to get it to log in automatically using this method:

> http://www.address.aspx?username=xxxx&password=yyyyy

I understand that the xxxx and the yyyyy must reference their corresponding fields in my database.

The problem is that MY database is on MY server and "address.aspx" is an external site.

How do I reference the external site AND my database AND the correct database field.

THANK YOU!!!!!
Link to comment
Share on other sites

Correct me if I'm wrong, but the following should work.

PHP would be something similar to this.
[code]
<?php
.....

$iframe_loc = $remote_url . "?user=" . $_SESSION['user'] . "&pass=" . $_SESSION['pass'];

.....
?>
[/code]

HTML should look something like this.
[code]
<iframe src="<?php echo($iframe_loc); ?>">
</iframe>
[/code]
Link to comment
Share on other sites

I am not using ASP. I am using PHP. The external website just happens to be an asp site.

So far, this is what I've come up with so far (but it doesnt include the database source website):

<iframe src="http://www.address.aspx?username=<?php echo $row_rshandicapping['GSID']; ?>&password=<?php echo $row_rshandicapping['password']; ?>"

Im not sure if this is correct...
Your help would be greatly appreciated!!!

Link to comment
Share on other sites

<iframe src="http://www.site.com/page.aspx?username=<?php echo $row_rshandicapping['GSID']; ?>&password=<?php echo $row_rshandicapping['password']; ?>

is what it should look like .aspx is not a domain thing... and also the site that youre tryin to do this with... does it scan the get variables for a username and password or use post?  Cause if its not GET then this isnt gonna work lol...
Link to comment
Share on other sites

[quote author=mewhocorrupts link=topic=103330.msg411392#msg411392 date=1154986946]
Correct me if I'm wrong, but the following should work.

PHP would be something similar to this.
[code]
<?php
.....

$iframe_loc = $remote_url . "?user=" . $_SESSION['user'] . "&pass=" . $_SESSION['pass'];

.....
?>
[/code]

HTML should look something like this.
[code]
<iframe src="<?php echo($iframe_loc); ?>">
</iframe>
[/code]

[/quote]

mewhocorrupts, i got very close to solving my problem using your code...can you please elaborate a bit more???? Im almost there but im doing something wrong... THANKS!!!
Link to comment
Share on other sites

you have to write the code to retrieve the username and password from your database.  Then you create the URL


//get username and password from db, assign these values to $user and $pass

//create the URL
$iframe_loc = $remote_url . "?user=" . $user . "&pass=" . $pass;

//load the page into your iframe
Link to comment
Share on other sites

You said that you're already getting the username and password from a database through PHP, right? All you really need to do now is assign those two things to $user and $pass variables. No need to change the code as it is, just need to clarify your own code a bit to connect what mewhocorrupts gave you to what you already have.
Link to comment
Share on other sites

I have the username and password stored in a database which has to be retrieved using php....

because there are different users with different passwords, entering a static value does me no good...

the point is  to retrieve the info dynamically... so i can't actually define a specific static value because then every users info is different.
Link to comment
Share on other sites

If I understand what's going on, when these guys are telling you to use $_SESSION['user'] and $_SESSION['pass'], those variables user and pass are the variables stored in the session... which is unique to everyone. So you've already gotten the info out of the database and you are now just looking at the session itself.
Link to comment
Share on other sites

so what exactly is to be done?

this is what i have sofar:

[code]

<?php
$iframe_loc = $remote_url="http://www.remotesite.aspx" . "?username=" . $_SESSION['username'] . "&password=" . $_SESSION['password']; ?>
<iframe src="<?php echo($iframe_loc); ?>"

[/code]
is this code correct? Because for some reason it is not working....
anyone??? your help is greatly appreciated
Link to comment
Share on other sites

you forgot the > on your iframe tag... also the format of an iframe is
[code=php:0]<iframe>error messege for if the browser cant display it</iframe>[/code]

also uhhh why
[code]
iframe_loc = $remote_url=
[/code]
why not just
$iframe_loc="http://www.remotesite.aspx" . "?username=" . $_SESSION['username'] . "&password=" . $_SESSION['password'];

Also are you setting the SESSION variables?  Cause if not this is only gonna iframe http://remotesite.aspx?username=&password=
Link to comment
Share on other sites

The first thing you have to do is authenticate the user information on your end, so below is a basic form to do that:

[b]login.php[/b]
[code]
<?php

// Check if the login form was submitted
if($_POST['login']){
  // Get the username and password from the form submission
  $username = $_POST['username'];
  $password = $_POST['password'];

  // Query the database
  $sql = "SELECT * FROM 'users' WHERE 'username' = '$username' AND 'password' = '$password' LIMIT 1";
  $result = mysql_query($sql) or die("Error Retreiving Users: ".mysql_error());
  $row = mysql_fetch_array($result);

  // Check if any results were returned
  if($row > 0){
// If a match for the user information was found,
// start a session and register the username and password in the session
      session_start();
      $_SESSION['username'] = $username;
      $_SESSION['password'] = $password;
 
// Define the iframe
      $iframe_loc = "http://www.remotesite.aspx" . "?username=" . $_SESSION['username'] . "&password=" . $_SESSION['password'];

// Start showing the web page
      echo '<html>
    <body>';

/// Show the iframe
      echo '<iframe src="'.$iframe_loc.'">error messege for if the browser cant display it</iframe>';

        // Close the page
      echo '</body>
    </html>';

  } else {
// If no matches were found for the user information provided
// Go back to the login page with an error set
      Header("Location: login.php?error=1");
  }
} else {
  // Start the page
  echo '<html>
<body>';

  // Show any errors
  if($_GET['error'] = 1){
echo '<strong><font color="red">There was an error with your login information</font></strong>';

  // Show the login form:
  echo '<h1>Login</h1>
<form action="login.php" method="POST">
<input type="text" name="username"><br />
<input type="password" name="password"><br />
<input type="submit" name="login" value="Login!">
</form>';

  // Close the page
  echo "</body>
</html>";
}         

?>
[/code]

[b]NOTE: The code above is aimed to be a simple example only, I highly recommend you encrypt the password before you check it using md5() or similar[/b].

Once you've have the login information for the current user, then you can take that information and pass it to the remote site in the following line from above:

[code]
// Define the iframe
$iframe_loc = "http://www.remotesite.aspx" . "?username=" . $_SESSION['username'] . "&password=" . $_SESSION['password'];
[/code]

For this to work, the remote site has to accept login information through the $_GET variable array, and you will need to be sure that you're passing it variable names that it understands.

The only alternative would be to configure the remote site to query [b]YOUR[/b] database to check the login information.
Link to comment
Share on other sites

[quote author=420blaze link=topic=103330.msg411588#msg411588 date=1155030833]
[quote author=mewhocorrupts link=topic=103330.msg411392#msg411392 date=1154986946]
Correct me if I'm wrong, but the following should work.

PHP would be something similar to this.
[code]
<?php
.....

$iframe_loc = $remote_url . "?user=" . $_SESSION['user'] . "&pass=" . $_SESSION['pass'];

.....
?>
[/code]

HTML should look something like this.
[code]
<iframe src="<?php echo($iframe_loc); ?>">
</iframe>
[/code]

[/quote]

mewhocorrupts, i got very close to solving my problem using your code...can you please elaborate a bit more???? Im almost there but im doing something wrong... THANKS!!!
[/quote]

Your welcome.  And the bits in red, as far as the "?user=" are just portions of the parameter string.  They're posted to the remote script, exactly like a form would do, but manually here.  The bits of red that resemble "$_SESSION['user']" are variables being pulled from the user's session.  It's the same as $_POST or $_GET.  If you're pulling values out of a database, just plug in the corresponding variables in place of both mentions of "$_SESSION" and it'll be to the same end.

Like so:
[code]
<?php
.....

$iframe_loc = $remote_url . "?user=" . $var_that_holds_username . "&pass=" . $var_that_holds_user_password;

.....
?>
[/code]
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.