Jump to content


Photo

HELP!!!!! Passing Parameters in the URL from website to website!


  • Please log in to reply
19 replies to this topic

#1 420blaze

420blaze
  • New Members
  • Pip
  • Newbie
  • 8 posts

Posted 07 August 2006 - 09:28 PM

Ok, I've been at this all day and I feel like  smashing my computer with a sledgehammer by now! PLEASE HELP!!!!!!!

It sounds simple: 

I am trying to log-in to a website by passing the  username and password through a URL parameter. The problem is that different people will have different user/pass so the login information is located on a database (mysql) and must be retrieved using php!

People will already be logged in to a session variable!
I am simply loading an external website through an iframe and trying to get it to log in automatically using this method:

> http://www.address.a...&password=yyyyy

I understand that the xxxx and the yyyyy must reference their corresponding fields in my database.

The problem is that MY database is on MY server and "address.aspx" is an external site.

How do I reference the external site AND my database AND the correct database field.

THANK YOU!!!!!

#2 dual_alliance

dual_alliance
  • Members
  • PipPipPip
  • Advanced Member
  • 140 posts
  • LocationNSW, Australia

Posted 07 August 2006 - 09:34 PM

Why are you posting an asp problem in a php forum?

#3 mewhocorrupts

mewhocorrupts
  • Members
  • PipPipPip
  • Advanced Member
  • 36 posts
  • LocationParker, CO

Posted 07 August 2006 - 09:42 PM

Correct me if I'm wrong, but the following should work.

PHP would be something similar to this.
<?php
.....

$iframe_loc = $remote_url . "?user=" . $_SESSION['user'] . "&pass=" . $_SESSION['pass'];

.....
?>

HTML should look something like this.
<iframe src="<?php echo($iframe_loc); ?>">
</iframe>

-mewhocorrupts

#4 420blaze

420blaze
  • New Members
  • Pip
  • Newbie
  • 8 posts

Posted 07 August 2006 - 09:43 PM

I am not using ASP. I am using PHP. The external website just happens to be an asp site.

So far, this is what I've come up with so far (but it doesnt include the database source website):

<iframe src="http://www.address.a...?username=<?php echo $row_rshandicapping['GSID']; ?>&password=<?php echo $row_rshandicapping['password']; ?>"

Im not sure if this is correct...
Your help would be greatly appreciated!!!



#5 corbin

corbin
  • Staff Alumni
  • Advanced Member
  • 8,129 posts

Posted 08 August 2006 - 05:16 AM

<iframe src="http://www.site.com/...?username=<?php echo $row_rshandicapping['GSID']; ?>&password=<?php echo $row_rshandicapping['password']; ?>

is what it should look like .aspx is not a domain thing... and also the site that youre tryin to do this with... does it scan the get variables for a username and password or use post?  Cause if its not GET then this isnt gonna work lol...
Why doesn't anyone ever say hi, hey, or whad up world?

#6 420blaze

420blaze
  • New Members
  • Pip
  • Newbie
  • 8 posts

Posted 08 August 2006 - 09:53 AM

Correct me if I'm wrong, but the following should work.

PHP would be something similar to this.

<?php
.....

$iframe_loc = $remote_url . "?user=" . $_SESSION['user'] . "&pass=" . $_SESSION['pass'];

.....
?>

HTML should look something like this.
<iframe src="<?php echo($iframe_loc); ?>">
</iframe>


mewhocorrupts, i got very close to solving my problem using your code...can you please elaborate a bit more???? Im almost there but im doing something wrong... THANKS!!!

#7 GingerRobot

GingerRobot
  • Staff Alumni
  • Advanced Member
  • 4,086 posts
  • LocationUK

Posted 08 August 2006 - 10:15 AM

Well what happens when you use the code that mewhocorrupts provided?

#8 420blaze

420blaze
  • New Members
  • Pip
  • Newbie
  • 8 posts

Posted 08 August 2006 - 05:43 PM

well, im not sure what to make of the feilds in red...i understand that they are database feilds but  what exactly is the syntax to be used there???

#9 GingerRobot

GingerRobot
  • Staff Alumni
  • Advanced Member
  • 4,086 posts
  • LocationUK

Posted 08 August 2006 - 05:48 PM

when you say the bits in red, do you mean ; "?user=" ?

If so, that is not a variable. That is plain text.

#10 420blaze

420blaze
  • New Members
  • Pip
  • Newbie
  • 8 posts

Posted 08 August 2006 - 05:52 PM

after the = sign, am i supposed to type the actual username or password? because the whole point is so that it retrieves the user/pass from a database

#11 bltesar

bltesar
  • Members
  • PipPipPip
  • Advanced Member
  • 109 posts

Posted 08 August 2006 - 06:18 PM

you have to write the code to retrieve the username and password from your database.  Then you create the URL


//get username and password from db, assign these values to $user and $pass

//create the URL
$iframe_loc = $remote_url . "?user=" . $user . "&pass=" . $pass;

//load the page into your iframe


#12 420blaze

420blaze
  • New Members
  • Pip
  • Newbie
  • 8 posts

Posted 08 August 2006 - 07:11 PM

The problem im having, is writing the actual code that retrieves the user name and passwordin  in those "$user=" & "&pass=" fields... can anyone give an example code of what goes in there??? sorry...im a big noob :(

#13 SephirGaine

SephirGaine
  • Members
  • PipPipPip
  • Advanced Member
  • 44 posts

Posted 08 August 2006 - 07:15 PM

You said that you're already getting the username and password from a database through PHP, right? All you really need to do now is assign those two things to $user and $pass variables. No need to change the code as it is, just need to clarify your own code a bit to connect what mewhocorrupts gave you to what you already have.

#14 420blaze

420blaze
  • New Members
  • Pip
  • Newbie
  • 8 posts

Posted 08 August 2006 - 07:24 PM

I have the username and password stored in a database which has to be retrieved using php....

because there are different users with different passwords, entering a static value does me no good...

the point is  to retrieve the info dynamically... so i can't actually define a specific static value because then every users info is different.

#15 bltesar

bltesar
  • Members
  • PipPipPip
  • Advanced Member
  • 109 posts

Posted 08 August 2006 - 07:27 PM

you must be getting some information from your user to determine their username/password. 

#16 bpops

bpops
  • Members
  • PipPipPip
  • Advanced Member
  • 232 posts

Posted 08 August 2006 - 08:03 PM

If I understand what's going on, when these guys are telling you to use $_SESSION['user'] and $_SESSION['pass'], those variables user and pass are the variables stored in the session... which is unique to everyone. So you've already gotten the info out of the database and you are now just looking at the session itself.

#17 420blaze

420blaze
  • New Members
  • Pip
  • Newbie
  • 8 posts

Posted 08 August 2006 - 09:32 PM

so what exactly is to be done?

this is what i have sofar:


<?php
$iframe_loc = $remote_url="http://www.remotesite.aspx" . "?username=" . $_SESSION['username'] . "&password=" . $_SESSION['password']; ?>
<iframe src="<?php echo($iframe_loc); ?>"

is this code correct? Because for some reason it is not working....
anyone??? your help is greatly appreciated

#18 corbin

corbin
  • Staff Alumni
  • Advanced Member
  • 8,129 posts

Posted 08 August 2006 - 09:34 PM

you forgot the > on your iframe tag... also the format of an iframe is
<iframe>error messege for if the browser cant display it</iframe>

also uhhh why
iframe_loc = $remote_url=
why not just
$iframe_loc="http://www.remotesite.aspx" . "?username=" . $_SESSION['username'] . "&password=" . $_SESSION['password'];

Also are you setting the SESSION variables?  Cause if not this is only gonna iframe http://remotesite.as...name=&password=
Why doesn't anyone ever say hi, hey, or whad up world?

#19 HeyRay2

HeyRay2
  • Members
  • PipPipPip
  • Advanced Member
  • 223 posts

Posted 08 August 2006 - 10:29 PM

The first thing you have to do is authenticate the user information on your end, so below is a basic form to do that:

login.php
<?php

// Check if the login form was submitted
if($_POST['login']){
   // Get the username and password from the form submission
   $username = $_POST['username'];
   $password = $_POST['password'];

   // Query the database
   $sql = "SELECT * FROM 'users' WHERE 'username' = '$username' AND 'password' = '$password' LIMIT 1";
   $result = mysql_query($sql) or die("Error Retreiving Users: ".mysql_error());
   $row = mysql_fetch_array($result);

   // Check if any results were returned
   if($row > 0){
	// If a match for the user information was found,
	// start a session and register the username and password in the session
      session_start();
      $_SESSION['username'] = $username;
      $_SESSION['password'] = $password;
   
	// Define the iframe
      $iframe_loc = "http://www.remotesite.aspx" . "?username=" . $_SESSION['username'] . "&password=" . $_SESSION['password'];

	// Start showing the web page
      echo '<html>
	    <body>';

	/// Show the iframe
      echo '<iframe src="'.$iframe_loc.'">error messege for if the browser cant display it</iframe>';

        // Close the page
      echo '</body>
	    </html>';

   } else {
	// If no matches were found for the user information provided
	// Go back to the login page with an error set 
      Header("Location: login.php?error=1");
   }
} else {
   // Start the page
   echo '<html>
	 <body>';

   // Show any errors
   if($_GET['error'] = 1){
	echo '<strong><font color="red">There was an error with your login information</font></strong>';

   // Show the login form:
   echo '<h1>Login</h1>
	 <form action="login.php" method="POST">
	 <input type="text" name="username"><br />
	 <input type="password" name="password"><br />
	 <input type="submit" name="login" value="Login!">
	 </form>';

   // Close the page
   echo "</body>
	 </html>";
}           

?> 

NOTE: The code above is aimed to be a simple example only, I highly recommend you encrypt the password before you check it using md5() or similar.

Once you've have the login information for the current user, then you can take that information and pass it to the remote site in the following line from above:

// Define the iframe
$iframe_loc = "http://www.remotesite.aspx" . "?username=" . $_SESSION['username'] . "&password=" . $_SESSION['password'];

For this to work, the remote site has to accept login information through the $_GET variable array, and you will need to be sure that you're passing it variable names that it understands.

The only alternative would be to configure the remote site to query YOUR database to check the login information.

#20 mewhocorrupts

mewhocorrupts
  • Members
  • PipPipPip
  • Advanced Member
  • 36 posts
  • LocationParker, CO

Posted 08 August 2006 - 11:02 PM

Correct me if I'm wrong, but the following should work.

PHP would be something similar to this.

<?php
.....

$iframe_loc = $remote_url . "?user=" . $_SESSION['user'] . "&pass=" . $_SESSION['pass'];

.....
?>

HTML should look something like this.
<iframe src="<?php echo($iframe_loc); ?>">
</iframe>


mewhocorrupts, i got very close to solving my problem using your code...can you please elaborate a bit more???? Im almost there but im doing something wrong... THANKS!!!


Your welcome.  And the bits in red, as far as the "?user=" are just portions of the parameter string.  They're posted to the remote script, exactly like a form would do, but manually here.  The bits of red that resemble "$_SESSION['user']" are variables being pulled from the user's session.  It's the same as $_POST or $_GET.  If you're pulling values out of a database, just plug in the corresponding variables in place of both mentions of "$_SESSION" and it'll be to the same end.

Like so:
<?php
.....

$iframe_loc = $remote_url . "?user=" . $var_that_holds_username . "&pass=" . $var_that_holds_user_password;

.....
?>

-mewhocorrupts




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users