Hello Paul, On Friday, November 22, 2002, Paul Harvey Chiverton wrote... > Dear Sir/s:
> I am preparing a page withing my internal network and I would like > to access Squirel Mail with a button without having to type in the > user or the password. I know this method is very unsecure but the > email account isn't important. So my question is how do I write the > HREF option for doing this (sending the account name and the > password)? (something like > HREF="http://domainname/webmail/src/login.php?account&user " or > something like it... Thank you You cannot... at least not without changing some code in SquirrelMail first. The code is set not to accept a password in the GET Format (which is how a URL is received), but is set to receive it as a POST (via a login form). If you *really* wanted to use the method you described, then you'll have to edit src/redirect.php and change the following: if (isset($_POST['login_username'])) { $login_username = $_POST['login_username']; } to: if (isset($_GET['login_username'])) { $login_username = $_GET['login_username']; } and: if (isset($_POST['secretkey'])) { $secretkey = $_POST['secretkey']; } to: if (isset($_GET['secretkey'])) { $secretkey = $_GET['secretkey']; } Then you can use the url: http://domain/webmail/src/redirect.php?login_username=username&secretkey=password That should log you in (UNTESTED). *** BIG WARNING *** This is very insecure and there is no way of making that link secure, even over SSL. It is easy to sniff the address by using software such as Ethereal, and then the sniffer then has a username and password to login. I _HIGHLY_ advise against using this method, and would suggest sticking with the POST login over an SSL connection *** BIG WARNING *** :) -- Jonathan Angliss ([EMAIL PROTECTED]) ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf -- squirrelmail-users mailing list List Address: [EMAIL PROTECTED] List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=2995 List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
