Add username and password to a web page shortcut

[bofhrevenge2]

I have a web site that uses php and has a form that requires a username and password to logon, is there a way that i can create a shortcut that will pass the username and password?

I seem to remember this being possible in the past. Users been able to see the password is not a problem in this situation.

Cheers.

I don't mean to sound bitter, cold, or cruel, but I am, so that's how it comes out - Bill Hicks

 

[jpadie]

if you mean pre-fill the form then why not just write the values into the form html using php
eg

$username ="foo";//lookup from db?
<input type="text" name="username" value ="<?=$username?>" />

 

[bofhrevenge2]

Sorry i didn't explain myself very well, this is the site below and you can see where the username and password need to go.

http://www.independence.co.uk/issuesonline.php?name=index

Will your suggestion work here?

Cheers.

I don't mean to sound bitter, cold, or cruel, but I am, so that's how it comes out - Bill Hicks

 

[jpadie]

if i have understood your question (that you want to prefill the un and pwd), yes it will.

but how will you identify the incoming user? with a cookie?

i think i may have misunderstood your question though: as the above doesn't feel very secure to me.

 

[bofhrevenge2]

There are about 200 users who will all be using the same password to access the site, so it doesn't need to distinguish who is accessing the site. They just don't want to keep typing in the password, the shortcut will be on a network share where only allowed users can see anyway.

Cheers.

I don't mean to sound bitter, cold, or cruel, but I am, so that's how it comes out - Bill Hicks

 

[traingamer]

Why don't you just disable the password checking in the application if you aren't worried about security?

traingamer

 

[bofhrevenge2]

It's not my website, it's one that we've subscribed to.

I don't mean to sound bitter, cold, or cruel, but I am, so that's how it comes out - Bill Hicks

 

[Bastien]

use a cookie and set the values based on the cookie. Like they do here

Bastien

I wish my computer would do what I want it to do,
instead of what I tell it to do...

 

[bofhrevenge2]

The site doesn't give an option to save a cookie, are you suggesting i create a cookie somehow?

Thanks.

I don't mean to sound bitter, cold, or cruel, but I am, so that's how it comes out - Bill Hicks

 

[bofhrevenge2]

Any other suggestions?

Thanks.

I don't mean to sound bitter, cold, or cruel, but I am, so that's how it comes out - Bill Hicks

 

[traingamer]

Getting the password manager in the browser to save it sounds like your best bet if you do not have any control over the actual website.

traingamer

 

[lgarner]

You could try putting the information in the url, like this:

http://sitename/login.php?username=user&password=pass

I notice that the form specifies "post", but if you're lucky they used $_REQUEST instead of $_POST in the program. Might be worth a shot.

 

[jpadie]

there seems to be some confusion about whether the site independence.co.uk is controlled by you.

if it is controlled by you then we can help you with how to set cookies (this is done by the server and not by the client, although the client can refuse cookies).

if the site is not controlled by you there may still be ways that we can assist, perhaps by
(a)framing the page with one that is in your control and using cookies and javascript to insert the username and password into the right field names.
(b) dummying the login form on a site controlled by you (this will work unless the receiving page checks for the referring page).

But to give you more precise help we do need the answer to the question of whether you have control of the code of the site with the login form (i know that the site that the form logs you into is not within your control - this is not a problem).

 

[bofhrevenge2]

It's not my website, it's one that we've subscribed to.

The problem is that the site owners have provided a username and password for our entire organisation to use, but the users can't be bothered to remember it. The site is completely out of my control but I do have a web server here with our intranet on so if you can suggest a way to fool their site using a page on ours then I’m all ears.

Thank you.


I don't mean to sound bitter, cold, or cruel, but I am, so that's how it comes out - Bill Hicks

 

[bofhrevenge2]

Basically if it's not straight forward then i'll just tell them tough they'll have to enter the password every time so don't spend much time on it.

Cheers.

I don't mean to sound bitter, cold, or cruel, but I am, so that's how it comes out - Bill Hicks

 

[jpadie]

I have no idea whether the

http://www.independence.co.uk

have added in any session or other intelligence to their login regime.

Assuming that there is limited intelligence, try the code below as part of your intranet. If all goes well, it will log the users into the site with your group credentials (which you input into the script as the $username and $password variables).
You will, of course, need to direct your users to this login page rather than the

http://www.independence.co.uk

login page (or do something funky with the hosts file).

hth
Justin

<?
$username = "";// fill in the username here
$password ="" ; // fill in the password here
?>
<form method="post" action="[URL unfurl="true"]http://www.independence.co.uk/issuesonline.php"[/URL] name="logIn">
<input type="text" name="username" value="<?=$username?>" />
<input type="hidden" name="password" value="<?=$password?>" />
<input type="submit" name="Login" value="Login" />
</form>