saseow
Posts: 744
|
| Posted: 12/22/2012, 12:19 AM |
|
I want to create an unrestricted page that I can call via the URL and then set session vars to allow me access to the site. i.e. to automatically log me in. This is in the event that the client removes me from the database.
Basically it is a hack to get into my restricted site even if the client has deleted me from the users table.
Any ideas would be great.
|
 |
 |
SecureCloud
Posts: 51
|
| Posted: 12/22/2012, 7:30 AM |
|
I do agree with you...
I haven't really messed around with the login part yet,
cant u hard code an alternate login, and encode it, so its not readable.
or create a function if called from url that it deletes all files but leaves the db,
and creates html page, saying pay and you get ur site back. 
I guess that's why I leave the development on my server, and once they pay, THEN, I move it over...
i found this in the help...
under.. Create Custom Session Variables
function Login_DoLogin_OnClick(& $sender) {
if ($Login_DoLogin_OnClick == true) {
$db = new clsDBConnection1();
CCSetSession("User_Name", CCDLookUp("User_Name","Users","User_ID=".$db->ToSQL(CCGetUserID(),ccsInteger), $db) );
$db->close();
}
}
but instead of CCDLookUp, which checks db, just change code (something) like this.. not tested.
function Login_DoLogin_OnClick(& $sender) {
if ($Login_DoLogin_OnClick == true) {
CCSetSession( "UserName", "Password" );
}
}
// Maybe throw an ELSE using the code above, so either your login
// or the DB login..
but I too am interested to know if there is a way to hard code a login.
someone with more experience in CCS can answer this...
_________________
-------------------------------------------------------------------------------------------------
If this helped You, Please Donate to SecureCloud Here, ANY amount Accepted.
http://securecloud.biz/donate/
Thank You, Your help Keeps us Going.
|
|
|
|
bannedone
Posts: 273
|
| Posted: 12/22/2012, 8:18 AM |
|
Maybe it would be simpler to create a page URL that just inserts a new user record with creds you know.
Login normally to the site
Then a page to remove that user id.
Just a thought.
_________________
John Real
CodeCharge Studio Support, Training, Consulting, Development, Web based solutions
http://realsites.biz
http://ccselite.com
Other Banned IDs on this Forum. jjrjr1, jjrjr2 |
|
|
|
saseow
Posts: 744
|
| Posted: 12/22/2012, 8:47 AM |
|
Yeah, I thought of that but I also have audit scripts that log all logins, logouts and everything a user does on the site.
BUT.. revisiting this after your comment I don't see why I cannot delete the audit table entrees as well as they do not see the IDs in the table. (Unless they go into the DB which I doubt they will do)
I think that is the answer. A fresh look from someone else always helps. If this solves everything I will mark this as solved.
Thanks bannedone. Always helpful!
|
|
|
|
ckroon
Posts: 869
|
| Posted: 12/22/2012, 4:15 PM |
|
Saseow I sent you a PM with a possible solution.
But as the forum is now allowing me to post.....
Why not have a secret page that looks for a url variable to trigger an event:
one triggers the creation of a user account for you.. the other one deletes that account.
Update: HAH.. just saw that BannedOne had the same idea :)
Great minds!
_________________
Walter Kempees...you are dearly missed. |
|
|
|
saseow
Posts: 744
|
| Posted: 12/22/2012, 8:46 PM |
|
Yup, I am going to go the simple rout and to the create user/delete user routine.
Thanks for all the input guys.
Really appreciate it.
|
|
|
|
|
