1

Topic: Auto Login

Is there a way that i can do something like login.php?username=Tyler&password=userspassword  or something like that in a link to auto login someone?

Re: Auto Login

Take a look in the login page: there should be a checkbox to log you in every time you go to the forum ;-)

Re: Auto Login

If you really must be able to provide the username and password via the URL, you can hack login.php to fetch the username and password from the PHP array $_REQUEST instead of $_POST.

"Programming is like sex: one mistake and you have to support it for the rest of your life."

4

Re: Auto Login

Rickard wrote:

If you really must be able to provide the username and password via the URL, you can hack login.php to fetch the username and password from the PHP array $_REQUEST instead of $_POST.

Will the login page still work as it does, and with the new way?

Re: Auto Login

Yes.

"Programming is like sex: one mistake and you have to support it for the rest of your life."

6

Re: Auto Login

Strange i cant get it to work, oh well.

Re: Auto Login

Here's how. Open up login.php and locate:

if (isset($_POST['form_sent']) && $action == 'in')
{
    $form_username = unescape(trim($_POST['req_username']));
    $form_password = unescape(trim($_POST['req_password']));

and replace it with

if (isset($_REQUEST['form_sent']) && $action == 'in')
{
    $form_username = unescape(trim($_REQUEST['req_username']));
    $form_password = unescape(trim($_REQUEST['req_password']));

Then, to login, you access the script via:

login.php?form_sent=1&action=in&req_username=USERNAME&req_password=PASSWORD

"Programming is like sex: one mistake and you have to support it for the rest of your life."

8

Re: Auto Login

Thanks.

Re: Auto Login

but  its wont be safe method know?

God wisely designed the human body so that we can neither pat our own backs nor kick ourselves too easily

Re: Auto Login

It will not be any less safe provided that people don't lose track of their "login URL".

"Programming is like sex: one mistake and you have to support it for the rest of your life."

11 (edited by StevenBullen 2006-09-05 13:48)

Re: Auto Login

Can someone tell me why this wont work now?


EDIT:I have taken unescape away and it works now.

Still any comments would be good.

Re: Auto Login

I would assume unescape was a PunBB function in an earlier version which no longer exists?

Re: Auto Login

Hello! I have a error whith this code.
when login
login.php?form_sent=1&action=in&req_username=MyUsername&req_password=MyPassword
I have

Fatal error: Call to undefined function: unescape() in /var/www/html/l/lesbizounours/forums/login.php on line 40

In login.php, I have

(ligne 38) if (isset($_REQUEST['form_sent']) && $action == 'in')
(ligne 39) {
(ligne 40) $form_username = unescape(trim($_REQUEST['req_username']));
(ligne 41) $form_password = unescape(trim($_REQUEST['req_password']));

Thank you in advance

Re: Auto Login

Pssychoz wrote:

Hello! I have a error whith this code.
when login
login.php?form_sent=1&action=in&req_username=MyUsername&req_password=MyPassword
I have

Fatal error: Call to undefined function: unescape() in /var/www/html/l/lesbizounours/forums/login.php on line 40

In login.php, I have

(ligne 38) if (isset($_REQUEST['form_sent']) && $action == 'in')
(ligne 39) {
(ligne 40) $form_username = unescape(trim($_REQUEST['req_username']));
(ligne 41) $form_password = unescape(trim($_REQUEST['req_password']));

Thank you in advance

I have no idea what unescape() does, but try replacing it with $db->escape()

Re: Auto Login

It works fine with "$db->escape()". Thanks!