how to login into phpbb software by passing username and pwd via url
https://stackoverflow.com/questions/5816013
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian문제
I have installed the phpbb software and i am new to it, if a user access the forum via url like http://192.168.1.162/payodatalk/service/login.php?mode=login&username=uname&pwd=123
Where can i find the session variables like user name and password initialized ? i have referred the PHPBB site but still i am not clear about it. Any help on this would be useful for me.
thanks in advance
해결책
You should not allow authentication through GET request, since the requests would not be idempotent (cfr Hypertext Transfer Protocol - Method definitions).
However, to allow this you should modify phpBB's login function to fetch username and password from the $_GET supervariable instead of $_POST only (you should check $_GET if $_POST does not contain username and password, do not replace the $_POST entirely).
다른 팁
It can be done by changing the base code.. For that read the code structure of phpBB here
but its not safe to include pwd in the url itself .
Consider a user logs in as u specified and anyone who able to see the url from browser history can also login..
Thats a bad technique to be online and its actually reverse to the concept of authentication.
