Adding a variable to the end of every link?

cwheat · 05-19-2004, 04:16 PM

Hello,

I want to use this for a intranet and inorder to get past the user auth I need phpdig to automaticly add a couple of varaibles to the end of the links it tries to open.

so

http://www.myserver.com/index.php would auto look like:

http://www.myserver.com/index.php?bypassauth=1

and when it found lets say the news link
news.php it would auto add to it as well:
news.php?bypassauth=1

Thanks
Chris

vinyl-junkie · 05-20-2004, 06:00 PM

Instead of monkeying with the phpdig code, why not setup a process to append that string to every URL in the database? Just a thought.

cwheat · 05-20-2004, 06:17 PM

The problem is that phpdig keeps getting bounced to our login page. So it only is able to index 2 pages index.php and login.php

by having phpdig add the ?bypass=yes to the urls it will be able to bypass the securities.

Thanks
Chris

vinyl-junkie · 05-20-2004, 06:35 PM

Sorry, I must have misunderstood what you were asking. Take a look at this thread and see if it helps. I think it's probably closer to what you need to know. Unless, of course, I'm way off base, which is entirely possible. If so, perhaps you could explain a little more what you're trying to do.

cwheat · 05-21-2004, 08:16 AM

I already tried the username:password@domain.com

it does not work. I am not using .htaccess to authenticate users I am using custom php code. Basicly if the username and password matches the database the auth script sets a varaible.

ie $goodauth=1

and at the top of ever page the scripting looks similar to:

if ($goodauth !== "1"){
headerlocation to login.php
} else {

page content

}

So to bypass this I need phpdig to add ?goodauth=1 to every url it tries to spider. Adding the ?goodauth=1 would bypass the login.

Thanks
Chris

cwheat · 05-25-2004, 02:26 PM

any one?

vinyl-junkie · 05-25-2004, 06:03 PM

Um, can I take another stab at this?

Change your custom script to let the phpdig user-agent through without authentication. Here is a thread that talks about how that's defined in phpdig.

So what you'd have for authentication is something like this:

PHP Code:


			
if ($_SERVER['USER-AGENT'] == 'PhPDig'){

page content

} else {



if ($goodauth !== "1"){

headerlocation to login.php

} else {



page content



}

Would that work for you?

You gotta give me an A for effort!

cwheat · 05-26-2004, 11:15 AM

A++++

THANK YOU!!!!!!!!!

Chris

05-19-2004, 04:16 PM	#1
cwheat Green Mole Join Date: May 2004 Posts: 5	Adding a variable to the end of every link? Hello, I want to use this for a intranet and inorder to get past the user auth I need phpdig to automaticly add a couple of varaibles to the end of the links it tries to open. so http://www.myserver.com/index.php would auto look like: http://www.myserver.com/index.php?bypassauth=1 and when it found lets say the news link news.php it would auto add to it as well: news.php?bypassauth=1 Thanks Chris

05-25-2004, 06:03 PM	#7
vinyl-junkie Purple Mole Join Date: Jan 2004 Posts: 694	Um, can I take another stab at this? Change your custom script to let the phpdig user-agent through without authentication. Here is a thread that talks about how that's defined in phpdig. So what you'd have for authentication is something like this: PHP Code: `if ($_SERVER['USER-AGENT'] == 'PhPDig'){ page content } else { if ($goodauth !== "1"){ headerlocation to login.php } else { page content }` Would that work for you? You gotta give me an A for effort!

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
mg-eregi() again... premature end of char class...	casimiro	Troubleshooting	0	12-22-2005 04:05 AM
Undefined variable: user_agent	noel	Bug Tracker	6	10-30-2005 05:32 PM
Undefined Variable: $reg	blackfeather	Bug Tracker	2	05-01-2004 12:02 PM
Not recognising get variable pages	BCVisin	Troubleshooting	7	04-15-2004 11:42 PM
the end of the spider,... for me	fr :: anonymus	The Mole Hole	3	03-05-2004 01:27 AM

05-20-2004, 06:00 PM	#2
vinyl-junkie Purple Mole Join Date: Jan 2004 Posts: 694	Instead of monkeying with the phpdig code, why not setup a process to append that string to every URL in the database? Just a thought.

05-20-2004, 06:17 PM	#3
cwheat Green Mole Join Date: May 2004 Posts: 5	The problem is that phpdig keeps getting bounced to our login page. So it only is able to index 2 pages index.php and login.php by having phpdig add the ?bypass=yes to the urls it will be able to bypass the securities. Thanks Chris

05-20-2004, 06:35 PM	#4
vinyl-junkie Purple Mole Join Date: Jan 2004 Posts: 694	Sorry, I must have misunderstood what you were asking. Take a look at this thread and see if it helps. I think it's probably closer to what you need to know. Unless, of course, I'm way off base, which is entirely possible. If so, perhaps you could explain a little more what you're trying to do.

05-21-2004, 08:16 AM	#5
cwheat Green Mole Join Date: May 2004 Posts: 5	I already tried the username:password@domain.com it does not work. I am not using .htaccess to authenticate users I am using custom php code. Basicly if the username and password matches the database the auth script sets a varaible. ie $goodauth=1 and at the top of ever page the scripting looks similar to: if ($goodauth !== "1"){ headerlocation to login.php } else { page content } So to bypass this I need phpdig to add ?goodauth=1 to every url it tries to spider. Adding the ?goodauth=1 would bypass the login. Thanks Chris

05-25-2004, 02:26 PM	#6
cwheat Green Mole Join Date: May 2004 Posts: 5	any one?

05-26-2004, 11:15 AM	#8
cwheat Green Mole Join Date: May 2004 Posts: 5	A++++ THANK YOU!!!!!!!!! Chris