Logging into another site from my site

Okay, I’ve been digging through hundreds of articles trying to find an answer. I have been able to find answers somewhat close to what I am looking for, but nothing that is exactly what I am looking for.

What I am trying to do is this;
I want to set up a website (Site A) that has a Username and Password field, which the potential user will enter the Username and Password to another site (Site B) and it will take the data entered into the Username and Password Fields on Site A and enter those values into the Username and Password boxes on site B. Once this is accomplished Site A will remain ‘logged in’ to Site B, and log out when the session is terminated.
Originally I thought PERL would be the best way to go about doing this, then I discovered cURL with PHP. If possible, I would like to use cURL since both sites are almost entirely PHP as is.:smashy:

I am not entirely sure how I would go about this, and any help would be greatly appreciated!

You can make it by php with form GET or POST
example:
your site a is: sitea.com, site b is: siteb.com.
login php at siteb is siteb.com/login.php
code at site A

<form method="post" action="http://siteb.com/login.php">
<input type="text" name="login_name" >
    <input type="password" name="login_password">
<button class="button" type="submit" title="LOGIN">LOGIN</button>
    <input name="login" type="hidden" id="login" value="submit">
</form>

in login.php you will get $POST_[login_name] is username and $POST_[login_password] is password

Okay, so would I need to edit the:

<input type="text" name="login_name" >
    <input type="password" name="login_password">
<button class="button" type="submit" title="LOGIN">LOGIN</button>
    <input name="login" type="hidden" id="login" value="submit">

and set the values to what they are on siteb.com?

ie, if siteb.com’s Username box was named ‘example123’, would I change it to “<input type=“text” name=“example123” >” on sitea.com?

Thank you :slight_smile:

Okay, I tried that, and all it did was take me to siteb.com and log me in there.
I want to log into siteb.com through sitea.com, and then go to my own custom page on sitea.com, while still being able to control siteb.com in the background.

I can’t write this code for you because I don’t have time, but I can tell you you need to be looking at something called CURL.

Google for “curl php” and you should be able to find information from there.

There are also some other helper libraries that may be able to simplify the process for you, but they’ll mostly be based around CURL anyway.

Edit: some links that may be useful (not tested any of these examples, so use at your own risk):

http://stackoverflow.com/questions/3008817/login-to-remote-site-with-php-curl
https://tournasdimitrios1.wordpress.com/2010/10/17/php-basics-accessing-remote-urls-using-curl/

Also make sure you’re not violating the terms and conditions of siteb, since this is potentially a means to phish people’s logins and passwords.

coughs ahem… yeah, this too :slight_smile:

Well thankfully I have a good reputation with siteb.com, so I don’t believe it will be an issue, and there are already a few 3rd party applications that log into the site outside of it, but I will, thank you :slight_smile:

Yeah, if you look at my original post, I figured it would have to be cURL.
Is the cURL library already pre-installed with current distributions, or is it something I am going to have to download and install seperately?

With cURL, I don’t think it is possible. I think I can safely say that the majority of sites use PHP Sessions for logging in, etc. These sessions involve storing a cookie on the clients computer. I do believe that it would be possible to get and set the cookie via cURL, but there is no way to make it accessible to siteb, and it would therefore be useless.

What I would do is use some Javascript, as mentioned above, and when the use clicks the link “log me in” have it act as a form submission. This is very easy to do with jQuery, and not much more difficult with vanilla Js either.

One more note: when storing your user’s passwords in the database, you must encrypt them! Unfortunately, you couldn’t use a one-way salted hash because you need to be able to take the passwords back out. I would essentially use the same concepts as the uniquely salted password method, but use the two way AES-256 encryption rather than Blowfish or SHA.

Pretty sure you can store a session via curl.

http://www.smooka.com/blog/2009/07/24/maintaining-php-session-when-using-curl/

Sent from my GT-I9300 using Tapatalk 2

Of course you can set a maintain a user session with cURL - on your own site though. You can’t make that session available to other domains without creating a fully proxy, which is both inefficient and against the terms of most web hosting places.