News:

Want to get involved in developing SMF, then why not lend a hand on our github!

Main Menu

URL variables in Registration Form

Started by rithera, February 04, 2016, 12:29:29 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

rithera

February 04, 2016, 12:29:29 PM
Good morning!

I as a little stumped on how to achieve something I would assume would be pretty easy...

I am trying to help pre-fill a few of the registration field based on variables in the URL, but cant seem to figure out where to start.

For example, lets say I want to pre-populate the username and email
username=Test
[email protected]

I want to be able to pass an address like this which would automatically have the two fields filled out when the page loads:
http://forum.someforum.com/index.php?action=register&username=Test&[email protected] [nofollow]

Any insight would be very helpful.

margarett

#1
February 04, 2016, 01:03:08 PM
Shoud be easy enough... Find (Register.template.php)
Code Select
<input type="text" name="user" id="smf_autov_username" size="30" tabindex="', $context['tabindex']++, '" maxlength="25" value="', isset($context['username']) ? $context['username'] : '', '" class="input_text" />

Replace with:
Code Select
<input type="text" name="user" id="smf_autov_username" size="30" tabindex="', $context['tabindex']++, '" maxlength="25" value="', isset($context['username']) ? $context['username'] : (!empty($_REQUEST['username']) ? $smcFunc['htmlspecialchars']($_REQUEST['username']) : ''), '" class="input_text" />

Untested, though :P Backup your file before making changes ;)
Se forem conduzir, não bebam. Se forem beber... CHAMEM-ME!!!! :D

QuoteOver 90% of all computer problems can be traced back to the interface between the keyboard and the chair

Kindred

#2
February 04, 2016, 01:06:41 PM
I guess the biggest question is: What are you, specifically, trying to do here?

Passing variables in the URL is not the most efficient nor the most secure way to do things and has implications in both areas...

Depending on what you are actually trying to do and why, we might be able to suggest a better method of pre-filling fields.
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

rithera

#3
February 04, 2016, 01:15:19 PM
Thanks margarett, will give it a try here shortly!

Kindred, here is some more insight:
We have a Windows application that runs locally on a client's machine - completely independent from the forum in every way. However this application has its own login credentials and basic information about the user.

So the idea would be to take some of this information (public information only, no passwords or private information) and create a menu option in that application that would dynamically generate a link to the forum registration page with much of the required fields already filled out.

In a perfect world it would use something like the API and generate an account and sign in for them, but thats a bit more complex and something we may look into at a later time.

Kindred

#4
February 04, 2016, 01:22:34 PM
hmmm.....   how does the windows application store the data? (e.g. how would you GET the data from the windows app to put into the URL?)
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

rithera

#5
February 04, 2016, 01:28:37 PM
Quote from: Kindred on February 04, 2016, 01:22:34 PM
hmmm.....   how does the windows application store the data? (e.g. how would you GET the data from the windows app to put into the URL?)

The data is stored in local database tables on the client's side.

rithera

#6
February 04, 2016, 03:40:37 PM
Quote from: margarett on February 04, 2016, 01:03:08 PM
Shoud be easy enough... Find (Register.template.php)
Code Select
<input type="text" name="user" id="smf_autov_username" size="30" tabindex="', $context['tabindex']++, '" maxlength="25" value="', isset($context['username']) ? $context['username'] : '', '" class="input_text" />

Replace with:
Code Select
<input type="text" name="user" id="smf_autov_username" size="30" tabindex="', $context['tabindex']++, '" maxlength="25" value="', isset($context['username']) ? $context['username'] : (!empty($_REQUEST['username']) ? $smcFunc['htmlspecialchars']($_REQUEST['username']) : ''), '" class="input_text" />

Untested, though :P Backup your file before making changes ;)

Thanks again! For whatever reason I had problems with htmlspecialchars, so simplifying it (for better or worse) here is how I got it to work...

Code Select
<input type="text" name="user" id="smf_autov_username" size="30" tabindex="', $context['tabindex']++, '" maxlength="25" value="', isset($context['username']) ? $_REQUEST['username'] : '', '" class="input_text" />

Kindred

#7
February 04, 2016, 04:06:08 PM
that is definitely a security threat, without the preparse - and could result in invalid usernames because of bad characters...
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

margarett

#8
February 04, 2016, 04:46:16 PM
And that's wrong... The inline if relates different variables... I'll test later.
Se forem conduzir, não bebam. Se forem beber... CHAMEM-ME!!!! :D

QuoteOver 90% of all computer problems can be traced back to the interface between the keyboard and the chair
Print
Go Up Pages1
User actions
Advertisement: