Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Association between website

Posted on 2011-09-26
5
Medium Priority
?
199 Views
Last Modified: 2012-05-12
Hi,

I need to link from mysite to another website when a user is logged in, I'm wondering what the best way of doing this would be.

One thought that comes to mind would be to hold a identical SALT on both servers and pass as MD5 hash between via a link with a url, passing the user name too.

So somthing like:

$userid = "tom"
define('SALT','654gf4t5g6GTDY');
$hash = md5(SALT.$userid);

then on other end

define('SALT','654gf4t5g6GTDY');

if md5(SALT.$passedid) == $passedhash){
echo "link ok";
}

Open in new window


Is this the best way of doing it.

Darren
0
Comment
Question by:darren-w-
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 111

Accepted Solution

by:
Ray Paseur earned 2000 total points
ID: 36598481
This kind of cross-site authentication makes some sense to me.  You might want to put it behind HTTPS just in case.
0
 
LVL 13

Author Comment

by:darren-w-
ID: 36598506
Thanks Ray, assuming the user will be logged in via https on my side, would the link to the external page need to be via https?
0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 36598526
Yes, it could.  HTTPS is not required, it's just a good security precaution if you're going to be transferring any sensitive data between the sites.

The general design pattern might be a site-to-site handshake like the one illustrated here, adding your md5() string into the mix.
<?php // RAY_REST_get_last_name.php
error_reporting(E_ALL);



// DEMONSTRATE HOW A RESTFUL WEB SERVICE WORKS
// INPUT FIRST NAME, OUTPUT FAMILY NAME
// CALLING EXAMPLE:
// file_get_contents('http://laprbass.com/RAY_REST_get_last_name.php?key=ABC&resp=XML&name=Ray');



// OUR DATA MODEL CONTAINS ALL THE ANSWERS - THIS COULD BE A DATA BASE - AS SIMPLE OR COMPLEX AS NEEDED
$dataModel
= array
( 'Brian'   => 'Portlock'
, 'Ray'     => 'Paseur'
, 'Richard' => 'Quadling'
, 'Dave'    => 'Baldwin'
)
;


// RESPONSE CAN BE PLAIN TEXT OR XML FORMAT
$alpha = NULL;
$omega = NULL;
if ( (isset($_GET["resp"])) && ($_GET["resp"] == 'XML') )
{
    // PREPARE THE XML WRAPPER
    $alpha = '<response>';
    $omega = '</response>';
}



// TEST THE 'API KEY' - THIS COULD BE A DATA BASE VALIDATION LOOKUP - AS SIMPLE OR COMPLEX AS NEEDED
$key = (!empty($_GET["key"])) ? $_GET["key"] : FALSE;
if ($key !== 'ABC')
{
    echo $alpha . 'BOGUS API KEY' . $omega;
    die();
}



// LOOK UP THE FAMILY NAME
$name = (!empty($_GET["name"])) ? $_GET["name"] : 'UNKNOWN';

// IF THE NAME FROM THE URL IS FOUND IN THE DATA MODEL
if (array_key_exists($name, $dataModel))
{
    // RETURNS THE APPROPRIATE FAMILY NAME FROM THE DATA MODEL
    echo $alpha . $dataModel[$name] . $omega;
    die();
}

// RETURNS THE UNKNOWN NAME INDICATOR
else
{
    echo $alpha . 'UNKNOWN' . $omega;
    die();
}

Open in new window

0
 
LVL 13

Author Closing Comment

by:darren-w-
ID: 36598556
Great thanks Ray
0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 36598579
Thanks for the points - it's a great question. ~Ray
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

CTAs encourage people to do something specific to show interest in your company, product or service. Keep reading to learn why CTAs should always be thought of as extremely important, albeit small, sections of websites.
When the s#!t hits the fan, you don’t have time to look up who’s on call, draft emails, call collaborators, or send text messages. An instant chat window is definitely the way to go, especially one like HipChat. HipChat is a true business app. An…
This tutorial walks through the best practices in adding a local business to Google Maps including how to properly search for duplicates, marker placement, and inputing business details. Login to your Google Account, then search for "Google Mapmaker…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question