Dynamic page login problem

[floortje]

Hi, im not sure im in the right group ive tried the explorer groups but they
seem as clueless as me. But hey, what do they know bout building sites )
So maybe there is a html solution or something that will help me. Maybe a
doctype or so ?

Anyways I got a forum where people optionally can login to to get some xtra
funtions.

If people are not logged in I show a little login form on the left side of
the page.
The only problem is the due to the ever changing url
"/vragen.php?id=[1-24000]" internet explorers password manager wont remember
the password in the forum cause it seems tot hink it's another page.

<pointless info that will prevent u form replying that I need to store stuff
in a cookie>
I store their userid and md5 password in a cookie that has exactly one year
to live.
</pointless info that will prevent u form replying that I need to store
stuff in a cookie>

Is there anyway to work around this ?

Floortje

 

[Toby A Inkster]

The only problem is the due to the ever changing url
"/vragen.php?id=[1-24000]" internet explorers password manager wont remember
the password in the forum cause it seems tot hink it's another page.

Is there anyway to work around this ?

Yes - don't change the URL.

 

[floortje]

The only problem is the due to the ever changing url
"/vragen.php?id=[1-24000]" internet explorers password manager wont remember
the password in the forum cause it seems tot hink it's another page.

Is there anyway to work around this ?

Yes - don't change the URL.

U mean post the id ... wich means noone could hyperlink to my page directly.

the location of the page stays the same just the GET varaibles change

 

[floortje]

What he's saying is only use the latter of those three, rather than
changing the URL each time the visitor accesses the page.

You appear to be using PHP, which means changing it to pull that
information from a session cookie (separate from the password cookie)
*should* be a one-line change somewhere.

'
Hehe im using cookies for session but the id part is the id of the question.
It's a forum. So vragen.php?id=3 means topic no3 etc. So I really have
little choice.

 

[Toby A Inkster]

Hehe im using cookies for session but the id part is the id of the question.
It's a forum. So vragen.php?id=3 means topic no3 etc. So I really have
little choice.

You do have a choice. It's quite simple really. "Think outside the box,"
as they say.

'vragen.php?id=3' is a script that notices that the visitor isn't logged
in, so it sets a cookie called 'return' with the value 'vragen.php?id=3'.
It now redirects to 'login.php'. 'login.php' does all the usual login
stuff. Once this is all done you inspect the value of the cookie called
'return' and redirect to whatever string it contains.

The weakness is that this solution relies on cookies. However, you are
already relying on cookies anyway.

 

[Greg Schmidt]

You do have a choice. It's quite simple really. "Think outside the box,"
as they say.

'vragen.php?id=3' is a script that notices that the visitor isn't logged
in, so it sets a cookie called 'return' with the value 'vragen.php?id=3'.
It now redirects to 'login.php'. 'login.php' does all the usual login
stuff. Once this is all done you inspect the value of the cookie called
'return' and redirect to whatever string it contains.

I think the OP's problem was that vragen.php?id=3 is seen by IE as being
different from vragen.php?id=4, and so it doesn't remember the password
when the user has chosen to take advantage of that particular security
hole to save themselves some typing and remembering.

 

[Toby A Inkster]

I think the OP's problem was that vragen.php?id=3 is seen by IE as being
different from vragen.php?id=4, and so it doesn't remember the password
when the user has chosen to take advantage of that particular security
hole to save themselves some typing and remembering.

Yes, which is why I explained that he should store the
'vragen.php?id=blah' in a cookie, redirect to a login screen with a
*fixed* URL (in my example 'login.php') and then redirect back to the
vragen page based on the contents of the cookie:

 

[floortje]

Yes, which is why I explained that he should store the
'vragen.php?id=blah' in a cookie, redirect to a login screen with a
*fixed* URL (in my example 'login.php') and then redirect back to the
vragen page based on the contents of the cookie:

interesting ... id stands for the question id in the forum.
Too bad it's not a good solution. I only rely on cookies to login to get
extra functions so anyone without cookies can still read and post in the
forum.

 

[Greg Schmidt]

Ah, I understood the situation the OP was describing differently from
how you understood it, so when I read your post it got something less
useful out of it that I might have. Maybe the OP had the same confusion
I did.

interesting ... id stands for the question id in the forum.
Too bad it's not a good solution. I only rely on cookies to login to get
extra functions so anyone without cookies can still read and post in the
forum.

Toby's solution can be easily morphed into having a link from your
question pages to the separate login page with a fixed URL, rather than
an automatic redirect. Does this solution work any better for you?