Hi everyone... I'm new to squirrelmail and php, and I'd like to ask some questions.
I'm trying to do the same thing . I provide a link in my web browser that will take the logged-on user directly to their inbox, bringin their login_name and password. I've already succeded with the script <a href=http://www.bobpitch.com/squirrelmail/src/redirect.php?login_username=te st&secretkey=password>Test Link</a>. Unfortunately, this means that people can see the password by right-clicking the mouse and choose 'View Source'... even if I put it in a variable. Can somebody help me with another way that is more secure? Thanks a lot! ----- Original Message ----- From: "Jonathan Angliss" <[EMAIL PROTECTED]> To: "GoldCD" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Thursday, July 31, 2003 5:47 AM Subject: Re: [SM-USERS] First time list subscriber needing help - apologies if off-topic etc. > Hello Goldcd, > On Wednesday, July 30, 2003, GoldCD wrote... > > > <input type=hidden name="login_username" value="test+bobpitch.disofthosting.net"> > > [..] > > > <a > > href=http://www.bobpitch.com/squirrelmail/src/redirect.php?login_username=te st+bobpitch.disofthosting.net&secretkey=test>Test > > Link</a> > > Okay, something to point out here. + is a url encoded value for " " > (space). The above link would end up being decoded to > > "test bobpitch.disofthosting.net" > > While the form works differently. The + doesn't behave the same way, > and the + would probably be represented as: > > test+bobpitch.disofthosting.net > > > I'm completely stumped by the problem, any help would be much > > appreciated as I want to get rid of that single ugly button. > > If the + is part of the username, you may want to find out what the > url encoded value for + is to convert it and use in the URL. > > -- > Jonathan Angliss > ([EMAIL PROTECTED]) > > > > ------------------------------------------------------- > This SF.Net email sponsored by: Free pre-built ASP.NET sites including > Data Reports, E-commerce, Portals, and Forums are available now. > Download today and enter to win an XBOX or Visual Studio .NET. > http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01 > -- > squirrelmail-users mailing list > List Address: [EMAIL PROTECTED] > List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=2995 > List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users ------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01 -- squirrelmail-users mailing list List Address: [EMAIL PROTECTED] List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=2995 List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
