log in user via URL?

[Guest]

Welcome, Guest. Please login or register.
Did you miss your activation email?

1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[leapy]

hello

I need to run a link-checker on my dev site prior to going live. You feed the link-checker a Starting URL and off it goes finding links and checking them.

I need the link-checker to visit all pages on my site including private pages. To set things up, I created a login page specifically for the link-checking app with the alias 'linkcheck'. On this form, I call WebLogin with

Code:

&useCaptcha=`0`

.

The application will accept POST data to send with the Starting URL in order to deal with form based log-in. e.g.
http://dev.mydomain.com/linkcheck?username=test&password=testtest&rememberme=0

In MODx, this log in form just reloads without the user being logged in.

I should maybe point out that I do not want to check modx/wayfinder generated links but the content of our pages holds a number of manually entered links that need to be regularly checked for validity.

Can anyone explain how to get around this please?

Thanks

L

[bunk58]

If you're using the standard WebLogin snippet then it accepts only $_POST data from a form, not $_GET data from a querystring.
At around line 186 of assets/snippets/weblogin/weblogin.processor.inc.php you could try changing this :

Code:

$username = $modx->db->escape(strip_tags($_POST['username']));
    $givenPassword = $modx->db->escape($_POST['password']);
    $captcha_code = isset($_POST['captcha_code'])? $_POST['captcha_code']: '';
    $rememberme = $_POST['rememberme'];

to this :

Code:

$username = $modx->db->escape(strip_tags($_REQUEST['username']));
    $givenPassword = $modx->db->escape($_REQUEST['password']);
    $captcha_code = isset($_REQUEST['captcha_code'])? $_REQUEST['captcha_code']: '';
    $rememberme = $_REQUEST['rememberme'];

I haven't tested it, so definitely make a backup!

[leapy]

Thanks - that appeared to work.

For the benefit of others:

a) I duplicated assets/snippets/weblogin/weblogin.processor.inc.php creating assets/snippets/weblogin/webloginLinkCheck.processor.inc.php
b) Edited webloginLinkCheck.processor.inc.php with Davids suggested changes
c) Commented out any lines referring to captcha
d) I created a duplicate WebLogin snippet called WebLoginLinkCheck.
e) Edited WebLoginLinkCheck to include webloginLinkCheck.processor.inc.php in place of weblogin.processor.inc.php
f) called WebLoginLinkCheck on the new login page (untick "show in menu")
g) only publish this non-captcha log in page for duration of link-checking and then immediately unpublish it.

L

[bunk58]

Glad it worked 
Thanks for putting the explanation to help others.

[leapy]

Thanks to you!

Not often I get the chance to give back :-)

[BobRay]

Thanks - that appeared to work.

For the benefit of others:

a) I duplicated assets/snippets/weblogin/weblogin.processor.inc.php creating assets/snippets/weblogin/webloginLinkCheck.processor.inc.php
b) Edited webloginLinkCheck.processor.inc.php with Davids suggested changes
c) Commented out any lines referring to captcha
d) I created a duplicate WebLogin snippet called WebLoginLinkCheck.
e) Edited WebLoginLinkCheck to include webloginLinkCheck.processor.inc.php in place of weblogin.processor.inc.php
f) called WebLoginLinkCheck on the new login page (untick "show in menu")
g) only publish this non-captcha log in page for duration of link-checking and then immediately unpublish it.

L

For others using this technique, the changes make the site less secure so items d and g are very important. I'd strongly recommend against make the suggested changes to the original file and leaving them in.