Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Form Submit

Posted on 2003-03-18
Medium Priority
Last Modified: 2008-03-06
  we need to make an ammendment to our mail system
but im stuck with the login.

At the moment all users go to the same internal site.
enter the email addres and click next. this looks the
user up in the database and stores the user id as a hidden
value and change the form tag to represent the correct server
for this user. They then enter the password and log in.

What they want is everyone goes to the same page and
enters the email address and password on one page
i.e hotmail and the login straight in.

The problem is our mail systems are on different urls
ie server1.mail.com server2.mail.com ...

Is there any way of posting this data safley.???
Question by:tsPHP
  • 3
  • 2

Expert Comment

ID: 8161028
Which version of PHP are you using?

Author Comment

ID: 8165207
& Register globals is ON

Would this make a major difference.

Expert Comment

ID: 8167294
You could have a second page take the username and password, determine the correct email server and then forward the user via HTTP headers. ie:

$uname = $_POST["username"];
$pword = $_POST["password"];
$emailserver = ##-= Code to get email server =- or "fail";
if ($emailserver != "fail"):
    header("Location: $emailserver /r/n");
    header("Locaion: $loginpage /r/n");

You'll need to brush up on HTTP headers (check the PHP documentation for some standard sets). The page -should- wind up being transparent to the user, as it will load, pass to a new page or fail back to the login page. Note that there may be security issues on non-secure pages.
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.


Author Comment

ID: 8167572
  I can now direct them towards the right mail server but
this script will not pass the username and password
to the new url which is one a different server. If i dont
pass the username and password it will not log the user in.

I mentioned security issues because i have a way of doing
this but its not safe.
It was similar to as above but used javascript to auto submit a for with hidden values for username and password.

I hope what ive said makes sense.
Im going to look at HTTP headers in more detail to see if i can pass values between pages using this.


Expert Comment

ID: 8168220
You need a database server that both web servers can access.  This way, you can create an encrypted login authorization record on the db server when the user logs in.  Then you can pass one of the fields (i.e. username) along with the HTTP header:

i.e.  header("Location: $emailserver?username=$uname");

When the receiving server gets the page, it could make a connection to the same MySQL server and select the authorization based on the username.

You would have to be careful to remove the auth record once it has been used.

Unfortunately, this is just a work-around, but it's the best i can think of.

Accepted Solution

Thunder27 earned 150 total points
ID: 8168268
Here's an example...  it's freeware, but is for PHP4 with PostgreSQL.  It's basically a session management program for doing exactly what you need to do... hope this helps.


Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Things That Drive Us Nuts Have you noticed the use of the reCaptcha feature at EE and other web sites?  It wants you to read and retype something that looks like this. Insanity!  It's not EE's fault - that's just the way reCaptcha works.  But it i…
Build an array called $myWeek which will hold the array elements Today, Yesterday and then builds up the rest of the week by the name of the day going back 1 week.   (CODE) (CODE) Then you just need to pass your date to the function. If i…
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
Suggested Courses

572 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question