View Full Version : Login from differnt site

02-17-2005, 12:32 PM
I was just wondering can you log onto a site from somewhere else.
So for exmple I want to login at something like www.controlpanel.com/login.php but I wanted to be able to log in via my site at www.mysite.com so could I put something like this at mysite.com and expect it to work

at www.mysite.com I have

<form name="form1" method="POST" action="http://www.controlpanel.com/login.php">
<input type="hidden" name="username" >
<input type="hidden" name="password">
<input type="submit" name="sbutton" value="Submit" />

since the action is going to www.controlpanel.com would I be able to login from www.mysite.com


02-17-2005, 01:01 PM
I must strongly discourage such attempts; leaving the user name and password wide open and clearly visible in a web page is practically inviting in evil-doers. You would create a security leak the size of the Panama canal -with all the gates wide open.

02-17-2005, 01:16 PM
Yeah but the world is full of good peole that love each other very much. :P
But seriously I dont understand how that causes a security problem, at which point are the username and password being shown. *Stops, Thinks and looks at the code*
Oh wait I think I pasted the wrong code

<form name="form1" method="POST" action="http://www.controlpanel.com/login.php">
<input type="text" name="username" >
<input type="password" name="password">
<input type="submit" name="sbutton" value="Submit" />

There, sorry does that still cause a security issue? The user puts in his/hers login details and press submits.
Should the user be able to log in easily from www.mysite.com and be loged in when they get to www.mycontrolpanel.com
Assuming that the required fields names are called "username" and "password"

02-17-2005, 02:48 PM
Pffft... Okay, but I stil don't understand why. If a user does a request for the control Panel entry page, isn't a login dialog presented anyway? Or are you trying to offer a nicer form or page for the login process? I fear the last would require an alteration to said entry page, and I doubt if the owner of the page is waiting for that...

02-17-2005, 03:32 PM
It depends on the site, i know some people who used to do that. They had a page and you could log into your email account (yahoo, hotmail, etc) but they started having problems and shut it down. I don't know why...
I think yahoo uses lots of javascript to kind of encrypt the password before it's sent and that would be hard to replicate.

02-17-2005, 04:58 PM
Yeah what going to happen is that a user can select out of 5 control panels what they want to loginto. They just type in there username and password and select the panel they want to log into via a drop down list (PHP will be envolved at this point)
This is so they dont need to remeber any links to the control panels they can just login at one place.

I fear the last would require an alteration to said entry page
What kind of alterations will be needed?