Solved

ASP.Net / C# - How to pass HTML form variables to a Login page

Posted on 2007-11-13
12
7,353 Views
Last Modified: 2010-08-05
I need to pass HTML form variables to a Login ...
the format is like this... how in C# can i do this so the 'target' page is submitted? What's the best approach?
Thanks

<html>
<form name="Login" METHOD="POST"  ACTION="https://www.Website/LoginControl.asp">
<input type="hidden" name="user" VALUE="ABC" size="15" maxlength="15">
<input type="hidden" name="password" VALUE="12345" size="15" maxlength="15">
<input type="submit" name="B1" value="SUBMIT">
</form>
</html>
0
Comment
Question by:JElster
12 Comments
 
LVL 17

Expert Comment

by:xDJR1875
Comment Utility
in the page load event of the target page, grab the values you are passing like so...

if (null != Request["user"] )
{string sUser = Request["user"].ToString();}
else
{ return; }  // no value so don't attempt to parse
if (null != Request["password"] )
{string sPassword = Request["password"].ToString();}
else
{ return; }  // no value so don't attempt to parse

If you are able to fill these values, you can then process them the same as if you had hit the login button on the form.
so...if you have values do something like the following to check the user
validateLogin(sUser, sPassword);

of course you need to have created the validateLogin() routine

hth

0
 
LVL 1

Author Comment

by:JElster
Comment Utility
Hi.. I don't have 'access' to the target login page code... it's a commerical app.
thanks
0
 
LVL 35

Expert Comment

by:mrichmon
Comment Utility
I am not sure what you are looking for.

In .NET in general you would use

<asp:textbox id="user" />
for a visible input or

<asp:hiddenfield id="user" />
for a hidden field.

Then on the page code behind you would use

user.Text or user.Value to get the results (depending on which method you used)

That way you avoid using the Request object.

In general asp.net pages post to themselves unless you enable cross-page posting.  but there is often not a need for this in a login page.
0
 
LVL 16

Expert Comment

by:anoyes
Comment Utility
I assume there's an existing login page that you're trying to replace?  Is the existing page a .html page, or a .aspx page?  If it's a .aspx page it may not be as easy to replace as just making a new .html page and pointing to that instead.  Can you give me some more info about what you're doing and how you're trying to go about doing it?
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 1

Author Comment

by:JElster
Comment Utility
I'm trying to implement a 'silent login' that accepts the enclosed html form values...
I have no control over the 'target' login page... it just accepts   username, & password...
I want to automate the login from another page... pass the user and password to the login page and 'hit' submit... thanks
0
 
LVL 16

Expert Comment

by:anoyes
Comment Utility
I can't think of any way to do that without modifying the 'target' login page somewhat based on how you've described it.  I would imagine this may have something to do with security so that a page can't make a user 'click' on something they did not intend to.  Is the target login page a .aspx page?
0
 
LVL 1

Author Comment

by:JElster
Comment Utility
Please refund my points.. thanks
0
 
LVL 1

Accepted Solution

by:
JElster earned 0 total points
Comment Utility
It's an asp page.. it's a commecial application / login in page.
I was able to do it with the following code...


            RemotePost myremotepost = new RemotePost();
            myremotepost.Url = "https://www.Website/LoginControl.asp";
            myremotepost.Add("LoginKey", "xyz");
             myremotepost.Add("usercode", _usercode);
            myremotepost.Add("password", _Password);
           
            myremotepost.Post();



 public class RemotePost
    {
        private System.Collections.Specialized.NameValueCollection Inputs = new System.Collections.Specialized.NameValueCollection();
        public string Url = "";
        public string Method = "post";
        public string FormName = "signinForm";
        public void Add(string name, string value)
        {
            Inputs.Add(name, value);
        }
        public void Post()
        {
            System.Web.HttpContext.Current.Response.Clear();

            System.Web.HttpContext.Current.Response.Write("<html><head>");

            System.Web.HttpContext.Current.Response.Write(string.Format("</head><body onload=\"document.{0}.submit()\">", FormName));
            System.Web.HttpContext.Current.Response.Write(string.Format("<form name=\"{0}\" method=\"{1}\" action=\"{2}\" >", FormName, Method, Url));
            for (int i = 0; i < Inputs.Keys.Count; i++)
            {
                System.Web.HttpContext.Current.Response.Write(string.Format("<input name=\"{0}\" type=\"hidden\" value=\"{1}\">", Inputs.Keys[i], Inputs[Inputs.Keys[i]]));
            }
            System.Web.HttpContext.Current.Response.Write("</form>");
            System.Web.HttpContext.Current.Response.Write("</body></html>");

            System.Web.HttpContext.Current.Response.End();
        }
    }
0
 
LVL 1

Expert Comment

by:Vee_Mod
Comment Utility
Closed, 350 points refunded.
Vee_Mod
Community Support Moderator
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

This article introduced a TextBox that supports transparent background.   Introduction TextBox is the most widely used control component in GUI design. Most GUI controls do not support transparent background and more or less do not have the…
Calculating holidays and working days is a function that is often needed yet it is not one found within the Framework. This article presents one approach to building a working-day calculator for use in .NET.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now