php session

[june_c21]

in my website i create a link to a web page, but when click it will prompt for username and password . how to use session to embedded the username and password ? so that when other user click on the link , it will automatically redirect them to the page without prompt for username and password ?

 

<p><strong>RCA DATABASE</strong></p>
<p>
  <?php
include './includes/header.php';
$id = $_GET['id'];

?>
</p>
<form enctype="multipart/form-data"  method="post" action="nerc1.php?id=<?php echo $id ?>">
  <p>NERC CODE 
    <label>
    <input name="nerc" type="text" id="nerc" />
    </label>
    <a href="http://135.27.130.204/stat123_01/nerc_1.php">Lookup</a></p>
  
  <p> </p>
  <label>

    <input type="submit" name="Submit" value="Submit">
  </label>
  </p>
</form>

 

session_start();
#
$_SESSION['username'] = 'produce';
$_SESSION['password'] = 'perform';

[trq]

Is nerc_1.php uner your control? What does it contain? Sessions do not persist across domains.

[worldly]

It sounds like the best way to do what you want would be to use a form with hidden fields and a link in place of a submit button. Be sure to submit the form using POST instead of GET so the the username and password won't be visible in the query string. The inputs would look like this:

<input type="hidden" name="username" value="someuser">
<input type="hidden" name="password" value="apswd">

For the Submit link, you could use:

<input type="submit" value="Submit" style="border: none; background: none">

[june_c21]

It sounds like the best way to do what you want would be to use a form with hidden fields and a link in place of a submit button. Be sure to submit the form using POST instead of GET so the the username and password won't be visible in the query string. The inputs would look like this:

<input type="hidden" name="username" value="someuser">
<input type="hidden" name="password" value="apswd">

For the Submit link, you could use:

<input type="submit" value="Submit" style="border: none; background: none">

 

still cannot . when i click on submit , it will still prompt me for username and password .

[june_c21]

Kindly look at my attachment and let me know how to auto input the username and password and redirect to the desire page.

 

[attachment deleted by admin]

[trq]

Read my first response.

[june_c21]

Read my first response.

this is what nerc_1.php contain

<?php
include './includes/header.php';

$id = $_GET ['id'];

$nerc = $_POST ['nerc'];

$query1= "UPDATE event SET nerc= '$nerc' where id=$id ";
$result1 = mysql_query($query1,$dblink);



?>

[kenrbnsn]

The only way to get around that username/password box is to use curl.

 

Ken

[june_c21]

how to write with curl () ? i not familiar with curl ()

[trq]

Did you look at the examples Ken linked you?

[june_c21]

Did you look at the examples Ken linked you?

 

yes ,

i try this code

 

<?php

//$redirect = 'http://135.27.130.204/stat123_01/nerc_1.php';
//header ("location: $redirect"); 


class mycurl {
     protected $_useragent = 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1';
     protected $_url;
     protected $_followlocation;
     protected $_timeout;
     protected $_maxRedirects;
     protected $_cookieFileLocation = './cookie.txt';
     protected $_post;
     protected $_postFields;
     protected $_referer ="http://135.27.130.204/stat123_01/nerc_1.php';";

     protected $_session;
     protected $_webpage;
     protected $_includeHeader;
     protected $_noBody;
     protected $_status;
     protected $_binaryTransfer;
     public    $authentication = 0;
     public    $auth_name      = 'produce';
     public    $auth_pass      = 'perform';

     public function useAuth($use){
       $this->authentication = 0;
       if($use == true) $this->authentication = 1;
     }

     public function setName($name){
       $this->auth_name = $name;
     }
     public function setPass($pass){
       $this->auth_pass = $pass;
     }

     public function __construct($url,$followlocation = true,$timeOut = 30,$maxRedirecs = 4,$binaryTransfer = false,$includeHeader = false,$noBody = false)
     {
         $this->_url = $url;
         $this->_followlocation = $followlocation;
         $this->_timeout = $timeOut;
         $this->_maxRedirects = $maxRedirecs;
         $this->_noBody = $noBody;
         $this->_includeHeader = $includeHeader;
         $this->_binaryTransfer = $binaryTransfer;

         $this->_cookieFileLocation = dirname(__FILE__).'/cookie.txt';

     }

     public function setReferer($referer){
       $this->_referer = $referer;
     }

     public function setCookiFileLocation($path)
     {
         $this->_cookieFileLocation = $path;
     }

     public function setPost ($postFields)
     {
        $this->_post = true;
        $this->_postFields = $postFields;
     }

     public function setUserAgent($userAgent)
     {
         $this->_useragent = $userAgent;
     }

     public function createCurl($url = 'nul')
     {
        if($url != 'nul'){
          $this->_url = $url;
        }

         $s = curl_init();

         curl_setopt($s,CURLOPT_URL,$this->_url);
         curl_setopt($s,CURLOPT_HTTPHEADER,array('Expect:'));
         curl_setopt($s,CURLOPT_TIMEOUT,$this->_timeout);
         curl_setopt($s,CURLOPT_MAXREDIRS,$this->_maxRedirects);
         curl_setopt($s,CURLOPT_RETURNTRANSFER,true);
         curl_setopt($s,CURLOPT_FOLLOWLOCATION,$this->_followlocation);
         curl_setopt($s,CURLOPT_COOKIEJAR,$this->_cookieFileLocation);
         curl_setopt($s,CURLOPT_COOKIEFILE,$this->_cookieFileLocation);

         if($this->authentication == 1){
           curl_setopt($s, CURLOPT_USERPWD, $this->auth_name.':'.$this->auth_pass);
         }
         if($this->_post)
         {
             curl_setopt($s,CURLOPT_POST,true);
             curl_setopt($s,CURLOPT_POSTFIELDS,$this->_postFields);

         }

         if($this->_includeHeader)
         {
               curl_setopt($s,CURLOPT_HEADER,true);
         }

         if($this->_noBody)
         {
             curl_setopt($s,CURLOPT_NOBODY,true);
         }
        
         curl_setopt($s,CURLOPT_USERAGENT,$this->_useragent);
         curl_setopt($s,CURLOPT_REFERER,$this->_referer);

         $this->_webpage = curl_exec($s);
                   $this->_status = curl_getinfo($s,CURLINFO_HTTP_CODE);
         curl_close($s);

     }

   public function getHttpStatus()
   {
       return $this->_status;
   }

   public function __tostring(){
      return $this->_webpage;
   }
}
$cc = new mycurl();

?> 

 

but got error Missing argument 1 for mycurl::__construct(), called in C:\wamp\www\test.php on line 134 and defined in C:\wamp\www\test.php on line 40

[june_c21]

i try this code but still failed to login . Authorization Required.

 

<?php
//extract data from the post
$ch = curl_init();

curl_setopt($ch, CURLOPT_URL,"http://135.27.130.204/stat123_01/nerc_1.php");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS.array ('username'=>'produce','password'=>'perform'));

curl_exec ($ch);
curl_close ($ch);
?>

[PFMaBiSmAd]

A) The image you posted is using Basic HTTP Authentication.

B) Using curl on your server to log in won't allow the visitor to -

automatically redirect them to the page without prompt for username and password ?

 

Which, I am guessing is why you are still getting the "Authorization Required" prompt. Using curl logs your server in. It does not log in the visitor. You could log in using curl, retrieve the data, and directly output it to the visitor.

 

You can however, put the username password in the URL (when using Basic HTTP Authentication) and it will log them in when they are redirected to that page. This does however expose the username and password, which you might not want to do.