ecsMike
Posts: 40
|
| Posted: 12/19/2008, 8:00 AM |
|
I have developed an application Record form that users will be directed to from a secure Intranet that they have already logged into. I want to secure the Record form and have it work as follows:
Users who are directed to the Record form (which is NOT on their Intranet) by clicking on a button within an application on their Intranet should be logged into the Record form automatically (the user login name and password used to log into the Intranet will be POSTED to the Record form when the button is clicked). The Record form will check the login name and password against entries in the User database - and if they exist and are correct - populate the form with the user information stored in the user table.
If the Record form page is invoked with NO POST parameters or they are incorrect when checked against the database, the user will be redirected to a standard login page.
Can anyone help me with how to accomplish this?
Thanks . . . Mike
|
 |
 |
sosamv
Posts: 50
|
| Posted: 12/23/2008, 2:42 PM |
|
Sure, heres what you need to do:
First, do the link from secure page = "/otherapp/index.php?user=sosamv&password=[encrypted]" POST info better than GET. for security.
then on "/otherapp/index.php", you need to catch the info:
$User =CCGetParams("user","");
$Pass=CCGetParams("Password","");
you can do a CCDLookUp() to pull up the password and compare it to the other one, look on the help area for "PHP Functions", that would make your job easier.
Good Luck!
|
|
|
|
|
