loopax

copy content of the "userid" field

Hi, I have 2 HTML pages. The first page (http://www.example.com/page1.html) on my website is using this PHP code and then goes to www.page2.com:
<?php
  // Read the submitted login fields (empty string if a field is missing)
  $userid = $_POST['userid'] ?? '';
  $pass = $_POST['pass'] ?? '';
  // Redirect to the second page; exit so nothing else runs after the header
  header("Location: http://www.members.com/page2.html");
  exit;
?>
If the user completes the steps and the password is incorrect, he will be redirected to another page hosted on a different domain that has the same form and the same fields, e.g. http://www.members.com/page2.html (different domain).
How do I make the input from the userid field (from the first page) be automatically filled in on the userid field of the second page after an error occurred?
psimation

Add the variables into the URL of the header() function [http://www.members.com/page2.html?userid=xxx&pass=yyy], and then access the variables in the $_GET[] array.
Steve Bink
Oh my... I wouldn't do that. That exposes the userid and password on the URL, which could compromise your system. Suppose someone is standing behind me as I log in, but I mistype my password. The plain-text typo would be visible in the URL after the first attempt. Granted, it isn't my real password, but it could serve as the base platform from which to launch a brute-force or dictionary attack.

A better option would be to use a session variable.  That should allow the server to track the information, and keep it hidden from prying eyes.

With either option, be aware of the possibilities for attack using this as a vector.  As always, make sure you properly encode (real_escape_string() or htmlentities()) the data before displaying or hitting a database.
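
The session-variable approach suggested in the answer above, as an added example that is not part of the original thread. It assumes both pages are served from the same domain (PHP sessions do not cross domains by themselves); the function names, file names and sample input are constructed, and it uses htmlspecialchars() rather than htmlentities() for the output encoding.

```php
<?php
// Added example: keep the userid server-side and escape it on output.
// Function names, file names and the sample input are constructed.

/** Store only the userid for re-display; the password is never kept. */
function remember_userid(array $post, array &$session): void
{
    $userid = isset($post['userid']) && is_string($post['userid'])
        ? trim($post['userid'])
        : '';
    // Cap the length so the session cannot be stuffed with arbitrary data.
    $session['last_userid'] = substr($userid, 0, 64);
}

/** Build the login form with the remembered userid pre-filled. */
function render_login_form(array $session): string
{
    $userid = $session['last_userid'] ?? '';
    // Escape for an HTML attribute context: both quote styles, explicit
    // charset, and invalid byte sequences replaced instead of passed through.
    $safe = htmlspecialchars($userid, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<form method="post" action="page1.php">' . "\n"
         . '  <input type="text" name="userid" value="' . $safe . '">' . "\n"
         . '  <input type="password" name="pass">' . "\n"
         . '  <input type="submit" value="Log in">' . "\n"
         . '</form>' . "\n";
}

// In a real request handler (same-domain pages assumed):
//   session_start();
//   remember_userid($_POST, $_SESSION);
//   header('Location: /page2.php');   // no userid or pass in the URL
//   exit;
// and page2.php would call session_start(), then echo
// render_login_form($_SESSION).

// Constructed demo input: a userid carrying markup, plus a mistyped password.
$session = [];
remember_userid(
    ['userid' => 'bob"><script>alert(1)</script>', 'pass' => 'hunter3'],
    $session
);
echo render_login_form($session);
```

Run from the command line, the markup in the constructed userid comes out entity-encoded inside the value attribute, and the session array never receives the password.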

ASKER CERTIFIED SOLUTION
frin
This solution is only available to members.
Security will be an issue; but it can be "solved" easily by simply hashing the username and password.

Will sessions work across different domains? Never tried it before.
>>> Will sessions work across different domains? Never tried it before.

Not unless the two domains have a way to sync 'em up.  For that, you'd use the method found in frin's link.  It uses a thunker to recreate a form post to the site, grab the session cookie, then forward the client there with that session id.  Even so, that only works if the remote site allows sessions in the URLs.

I suppose hashing the postvars (frin's link has an example of that also, btw) would provide the necessary security, but I'm naturally wary of any information being posted to the URL.  I conceded using it for page index variables and search terms after a long fight, but I still wouldn't use it for anything 'important' like authentication tokens.

@loopax: do you control the remote domain whose form you need to populate?  If so, by what mechanism does it populate the fields on its own?  If not, this may not even be an option for you.
loopax

ASKER

@routinet, I control only the first domain.
Definitely take a look at frin's link... that might be the only way this could happen. Since you don't control the other domain, you cannot make it do anything. But if you know how it works, you can take advantage of that knowledge to build something seamless.

Just so you know, the example in that link is essentially a session hijack done on purpose.  Your server starts a session by posting the form fields to the remote.  It receives back a session id, which it then passes to your client in the form of a redirection URL.  The session id appears in the URL - this method is seamless, but not transparent, and it does present its own vulnerabilities.
loopax

ASKER

OK, I managed to do something, I think. It seems that I can use the header location like this:
header( "Location: http://www.site_registered_to?&userid=$userid&pass=$pass");
The problem now seems to be the cookie, because I am getting a "browser rejecting cookies" error after trying to submit. What I saw is that if you try to log in normally to the second site using their forms, with any userid and pass, even incorrect ones, and right after the error you go and use your forms and try to log in from there, it works! So practically you have their cookie, which can be used to log in anytime? What can be done about this? I was thinking of somehow getting that login error first (on the second domain, to get the cookie) and then trying to submit the form from my domain.
I want to do it using the simplest method, no matter the security, because I am a beginner in PHP, JS, etc. Any ideas? Thanks
loopax

ASKER

I'll write a new question, because I think the part I needed I solved, and now it is the cookie part which I need to get solved. Thanks for the help, everyone.