Dynamic page login problem

Discussion in 'HTML' started by floortje, Sep 11, 2003.

  1. floortje

    floortje Guest

    Hi, im not sure im in the right group ive tried the explorer groups but they
    seem as clueless as me. But hey, what do they know bout building sites :))
    So maybe there is a html solution or something that will help me. Maybe a
    doctype or so ?

    Anyways I got a forum where people optionally can login to to get some xtra
    funtions.

    If people are not logged in I show a little login form on the left side of
    the page.
    The only problem is the due to the ever changing url
    "/vragen.php?id=[1-24000]" internet explorers password manager wont remember
    the password in the forum cause it seems tot hink it's another page.

    <pointless info that will prevent u form replying that I need to store stuff
    in a cookie>
    I store their userid and md5 password in a cookie that has exactly one year
    to live.
    </pointless info that will prevent u form replying that I need to store
    stuff in a cookie>

    Is there anyway to work around this ?

    Floortje
    floortje, Sep 11, 2003
    #1
    1. Advertising

  2. floortje wrote:

    > The only problem is the due to the ever changing url
    > "/vragen.php?id=[1-24000]" internet explorers password manager wont remember
    > the password in the forum cause it seems tot hink it's another page.
    >
    > Is there anyway to work around this ?


    Yes - don't change the URL.

    --
    Toby A Inkster BSc (Hons) ARCS
    Contact Me - http://www.goddamn.co.uk/tobyink/?id=132
    Toby A Inkster, Sep 11, 2003
    #2
    1. Advertising

  3. floortje

    floortje Guest

    "Toby A Inkster" <> schreef in bericht
    news:p...
    > floortje wrote:
    >
    > > The only problem is the due to the ever changing url
    > > "/vragen.php?id=[1-24000]" internet explorers password manager wont

    remember
    > > the password in the forum cause it seems tot hink it's another page.
    > >
    > > Is there anyway to work around this ?

    >
    > Yes - don't change the URL.


    U mean post the id ... wich means noone could hyperlink to my page directly.

    the location of the page stays the same just the GET varaibles change
    floortje, Sep 11, 2003
    #3
  4. floortje

    floortje Guest

    "Owen Jacobson" <> schreef in bericht
    news:%2a8b.6358$...
    > floortje wrote:
    >
    > >
    > > "Toby A Inkster" <> schreef in
    > > bericht news:p...
    > > >
    > > > Yes - don't change the URL.

    > >



    > What he's saying is only use the latter of those three, rather than
    > changing the URL each time the visitor accesses the page.
    >
    > You appear to be using PHP, which means changing it to pull that
    > information from a session cookie (separate from the password cookie)
    > *should* be a one-line change somewhere.

    '
    Hehe im using cookies for session but the id part is the id of the question.
    It's a forum. So vragen.php?id=3 means topic no3 etc. So I really have
    little choice.
    floortje, Sep 12, 2003
    #4
  5. floortje wrote:

    > Hehe im using cookies for session but the id part is the id of the question.
    > It's a forum. So vragen.php?id=3 means topic no3 etc. So I really have
    > little choice.


    You do have a choice. It's quite simple really. "Think outside the box,"
    as they say. :)

    'vragen.php?id=3' is a script that notices that the visitor isn't logged
    in, so it sets a cookie called 'return' with the value 'vragen.php?id=3'.
    It now redirects to 'login.php'. 'login.php' does all the usual login
    stuff. Once this is all done you inspect the value of the cookie called
    'return' and redirect to whatever string it contains.

    The weakness is that this solution relies on cookies. However, you are
    already relying on cookies anyway.

    --
    Toby A Inkster BSc (Hons) ARCS
    Contact Me - http://www.goddamn.co.uk/tobyink/?id=132
    Toby A Inkster, Sep 12, 2003
    #5
  6. floortje

    Greg Schmidt Guest

    On Fri, 12 Sep 2003 22:00:33 +0100, Toby A Inkster
    <> wrote:

    >floortje wrote:
    >
    >> Hehe im using cookies for session but the id part is the id of the question.
    >> It's a forum. So vragen.php?id=3 means topic no3 etc. So I really have
    >> little choice.

    >
    >You do have a choice. It's quite simple really. "Think outside the box,"
    >as they say. :)
    >
    >'vragen.php?id=3' is a script that notices that the visitor isn't logged
    >in, so it sets a cookie called 'return' with the value 'vragen.php?id=3'.
    >It now redirects to 'login.php'. 'login.php' does all the usual login
    >stuff. Once this is all done you inspect the value of the cookie called
    >'return' and redirect to whatever string it contains.


    I think the OP's problem was that vragen.php?id=3 is seen by IE as being
    different from vragen.php?id=4, and so it doesn't remember the password
    when the user has chosen to take advantage of that particular security
    hole to save themselves some typing and remembering.

    --
    Greg Schmidt ()
    Trawna Publications (http://www.trawna.com/)
    Greg Schmidt, Sep 14, 2003
    #6
  7. Greg Schmidt wrote:

    > I think the OP's problem was that vragen.php?id=3 is seen by IE as being
    > different from vragen.php?id=4, and so it doesn't remember the password
    > when the user has chosen to take advantage of that particular security
    > hole to save themselves some typing and remembering.


    Yes, which is why I explained that he should store the
    'vragen.php?id=blah' in a cookie, redirect to a login screen with a
    *fixed* URL (in my example 'login.php') and then redirect back to the
    vragen page based on the contents of the cookie:

    >>'vragen.php?id=3' is a script that notices that the visitor isn't logged
    >>in, so it sets a cookie called 'return' with the value
    >>'vragen.php?id=3'. It now redirects to 'login.php'. 'login.php' does all
    >>the usual login stuff. Once this is all done you inspect the value of
    >>the cookie called 'return' and redirect to whatever string it contains.


    --
    Toby A Inkster BSc (Hons) ARCS
    Contact Me - http://www.goddamn.co.uk/tobyink/?id=132
    Toby A Inkster, Sep 14, 2003
    #7
  8. floortje

    floortje Guest

    "Toby A Inkster" <> schreef in bericht
    news:p...
    > Greg Schmidt wrote:
    >
    > > I think the OP's problem was that vragen.php?id=3 is seen by IE as being
    > > different from vragen.php?id=4, and so it doesn't remember the password
    > > when the user has chosen to take advantage of that particular security
    > > hole to save themselves some typing and remembering.

    >
    > Yes, which is why I explained that he should store the
    > 'vragen.php?id=blah' in a cookie, redirect to a login screen with a
    > *fixed* URL (in my example 'login.php') and then redirect back to the
    > vragen page based on the contents of the cookie:
    >

    interesting ... id stands for the question id in the forum.
    Too bad it's not a good solution. I only rely on cookies to login to get
    extra functions so anyone without cookies can still read and post in the
    forum.
    floortje, Sep 14, 2003
    #8
  9. floortje

    Greg Schmidt Guest

    On Sun, 14 Sep 2003 18:28:05 +0200, "floortje"
    <> wrote:

    >
    >"Toby A Inkster" <> schreef in bericht
    >news:p...
    >> Greg Schmidt wrote:
    >>
    >> > I think the OP's problem was that vragen.php?id=3 is seen by IE as being
    >> > different from vragen.php?id=4, and so it doesn't remember the password
    >> > when the user has chosen to take advantage of that particular security
    >> > hole to save themselves some typing and remembering.

    >>
    >> Yes, which is why I explained that he should store the
    >> 'vragen.php?id=blah' in a cookie, redirect to a login screen with a
    >> *fixed* URL (in my example 'login.php') and then redirect back to the
    >> vragen page based on the contents of the cookie:


    Ah, I understood the situation the OP was describing differently from
    how you understood it, so when I read your post it got something less
    useful out of it that I might have. Maybe the OP had the same confusion
    I did.

    >interesting ... id stands for the question id in the forum.
    >Too bad it's not a good solution. I only rely on cookies to login to get
    >extra functions so anyone without cookies can still read and post in the
    >forum.


    Toby's solution can be easily morphed into having a link from your
    question pages to the separate login page with a fixed URL, rather than
    an automatic redirect. Does this solution work any better for you?

    --
    Greg Schmidt ()
    Trawna Publications (http://www.trawna.com/)
    Greg Schmidt, Sep 14, 2003
    #9
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Hermit Dave

    Forms Login Page Not Login Out

    Hermit Dave, Jan 12, 2004, in forum: ASP .Net
    Replies:
    5
    Views:
    476
    Hermit Dave
    Jan 13, 2004
  2. Sasquatch
    Replies:
    2
    Views:
    1,308
    Sasquatch
    Oct 3, 2006
  3. Shannon

    login page stays on login page

    Shannon, Jan 9, 2008, in forum: ASP .Net
    Replies:
    2
    Views:
    537
    Shannon
    Jan 9, 2008
  4. Pascal Blanchard
    Replies:
    0
    Views:
    246
    Pascal Blanchard
    Aug 17, 2004
  5. Pascal Blanchard
    Replies:
    1
    Views:
    278
    Pascal Blanchard
    Aug 18, 2004
Loading...

Share This Page