| Re: Posting and redirecting to remote script [message #173297 is a reply to message #173296] |
Sat, 02 April 2011 12:44  |
Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma:
|
Senior Member |
|
|
On 4/2/2011 8:35 AM, Toxalot wrote:
> On Apr 1, 8:30 pm, Jerry Stuckle<jstuck...@attglobal.net> wrote:
>> On 4/1/2011 7:02 PM, Twayne wrote:
>>
>>
>>
>>> Innews:e96fbcd2-b36f-4005-b135-7c86373c248a(at)a17g2000yqn(dot)googlegroups(dot)com,
>>> Toxalot<toxa...@gmail.com> typed:
>>>> My client has a subscribers only area which is written in
>>>> PHP. Login is through a form and sessions are tracked
>>>> with cookies.
>>
>>>> One of the client's subscribers has their own members
>>>> only website. The subscriber wants all their members to
>>>> be able to access my client's subscribers only area
>>>> without having to provide a username and password. The
>>>> simplest way would be for the subscriber to put a form
>>>> button on their site that has the login info in hidden
>>>> fields. But that means any of their members could get the
>>>> login details by viewing the source. I don't know how
>>>> savvy their members are, but I don't like security
>>>> through obscurity.
>>
>>>> I had hoped to create a simple little script that the
>>>> subscriber could install that would post directly to my
>>>> client's script and end up on the client's site. But so
>>>> far, it hasn't been as simple as I'd hoped. All methods
>>>> of posting to remote script keep the user on the same
>>>> site.
>>
>>>> Any suggestions on how to handle this?
>>
>>> A PHP script operating on a remote server will NOT be visible by doing a
>>> View Source! All they'll see is what the PHP code sends back to the screen
>>> as HTML but not the processes which created that HTML on the fly. That's one
>>> of the valid reasons for using PHP or any server-side programming.
>>
>>> HTH,
>>
>>> Twayne`
>>
>> A typical Twayne response. Complete horse hockey.
>>
>> Now - please tell me - how is the script on the remote server supposed
>> to know the user is signed onto the original server without passing some
>> information to the remote via the client?
>>
>> --
>> ==================
>> Remove the "x" from my email address
>> Jerry Stuckle
>> JDS Computer Training Corp.
>> jstuck...@attglobal.net
>> ==================
>
> Jerry, I'm sure I understand your post. Are you asking me or Twayne?
Sorry for the confusion, Toxalot. I was asking the troll. It's a usual
idiotic response from him.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]