Joomla - Automatically log users in using $_GET variables
I know this sounds very dumb, but we have a client that sends out newsletters. But the target market is extremely computer illiterate, so the client requires us to embed the login details in the开发者_Go百科 urls on the newsletter so users can be logged in automatically in the Joomla front-end.
What I have propsed is that we simply do a script which gets the username and password from the url using $_GET and then how can I pass it to the $my object which gets created only once the user logs in through the Joomla login page?
Obviously, I'm not getting everything here code-related, but the concept stays the same, we want to automatically log people in using a url and then if it could redirect them to the page they wanted to go, all in one sweep.
Thanks in advance for any comments & advice.
This is terrible in terms of security, but all you'd need to do is pass
login.php?username=X&password=Y
And change your login to accept $_REQUEST instead of $_POST
$username = $_REQUEST['username'];
$password = $_REQUEST['password'];
$loggedIn = User::Login($username, $password);
But again, this is TERRIBLE from a security standpoint.
If you really need a fast way to do this, you should consider emailing them a hash of some salt and their username and then logging them in that way. Something like this:
login.php?user=aw48hgghsudghaw9eg
Then
$hash = $_GET['user'];
$result = mysql_query("SELECT username, password
FROM users
WHERE md5("SALT_STRING", username) = $hash");
if (mysql_num_rows($result)) {
$row = mysql_result($result);
$loggedIn = User::Login($row['username'], $row['$password']);
}
Or something similar.
$mainframe = JFactory::getApplication();
$credentials = array();
$credentials['username'] = $app->input->get('username', '', 'string');
$credentials['password'] = $app->input->get('password', '', 'raw');
$mainframe->login($credentials);
//$mainframe->redirect(JRoute::_('index.php', false));
加载中,请稍侯......
精彩评论