• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 278
  • Last Modified:

copy content of the "userid" field

Hi, I have 2 html pages, the first page(http://www.example.com/page1.html) on my website is using this php code and then goes to www.page2.com:
<?
  $userid = $_POST['userid'] ;
  $pass = $_POST['pass'] ;
   header( "Location: http://www.members.com/page2.html" );
?>
If the user complete the steps and the password is incorrect he will be redirected to another page hosted on a different domain but has the same form and same fields eg: http://www.members.com/page2.html (different domain)
How do I make that the input from userid field (from the first page) to be automatically filled in the second page on the userid field there after error ocured?
0
loopax
Asked:
loopax
  • 3
  • 3
  • 2
  • +1
1 Solution
 
psimationCommented:
Add the variables into the URL of the header() function [ http://www.members.com/page2.html?userid=xxx&pass=yyy], and then access the variables in the $_GET[] array
0
 
Steve BinkCommented:
Oh my...I wouldn't do that.  That exposes the userid and password on the URL, which could compromise your system.  Suppose someone is standing behind me as I log in, but I mistype my password.  The plain-text typo would be visible in the URL after the first attempt.  Granted, it isn't my real password, but it could serve as the base platform from which to launch brute-force or dictionary attack.  

A better option would be to use a session variable.  That should allow the server to track the information, and keep it hidden from prying eyes.

With either option, be aware of the possibilities for attack using this as a vector.  As always, make sure you properly encode (real_escape_string() or htmlentities()) the data before displaying or hitting a database.

0
 
frinCommented:
This page contains solution to your answer:

http://www.experts-exchange.com/Web/Web_Languages/PHP/Q_20781687.html
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
psimationCommented:
Security will be an issue; but it can be "solved" easily by simply hashing the username and password.

Will sessions work accross different domains - never tried it before?
0
 
Steve BinkCommented:
>>> Will sessions work accross different domains - never tried it before?

Not unless the two domains have a way to sync 'em up.  For that, you'd use the method found in frin's link.  It uses a thunker to recreate a form post to the site, grab the session cookie, then forward the client there with that session id.  Even so, that only works if the remote site allows sessions in the URLs.

I suppose hashing the postvars (frin's link has an example of that also, btw) would provide the necessary security, but I'm naturally wary of any information being posted to the URL.  I conceded using it for page index variables and search terms after a long fight, but I still wouldn't use it for anything 'important' like authentication tokens.

@loopax: do you control the remote domain whose form you need to populate?  If so, by what mechanism does it populate the fields on its own?  If not, this may not even be an option for you.
0
 
loopaxAuthor Commented:
@routinet , I control only the first domain
0
 
Steve BinkCommented:
Definitely take a look at frin's link...that might be the only this could happen.  Since you don't control the other domain, you can not make it do anything.  But if you know how it works, you can take advantage of that knowledge to build something seamless.

Just so you know, the example in that link is essentially a session hijack done on purpose.  Your server starts a session by posting the form fields to the remote.  It receives back a session id, which it then passes to your client in the form of a redirection URL.  The session id appears in the URL - this method is seamless, but not transparent, and it does present its own vulnerabilities.
0
 
loopaxAuthor Commented:
Ok, I manage to do something I think, It seems that I can use the header location like this :
header( "Location: http://www.site_registered_to?&userid=$userid&pass=$pass");
The problem now seems to be the cookie, because I am getting browser rejecting cookies error after trying to submit. What I saw is that there if u try to log in normally to the second site using their forms but with any userid and pass even incorrect ones, and right after the error you go and use your forms and try to log in from there it works! So practically you have their cookie which can be used to log in anytime ? What can be done about this ? I was thinking to do somehow to get that login error first(on the second domain to get the cookie) then try to submit the form from my domain.
I want to do it using most simple method no matter security, because I am like a beginer in php js etc.. any ideeas? Thanks
0
 
loopaxAuthor Commented:
I'll write a new question because I think the part I needed i solved and now is the cookie part which I need to get solved. Thanks for help everyone
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

  • 3
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now