View Single Post
  #1  
Old 31 Dec 2012, 18:40
invitezone invitezone is offline
 
Join Date: Mar 2008
Passing a variable into header()function.

This is not a VB question exactly its a php question, but im using it in a weird way on my forum, so im hoping someone will help me out

First let me explain what im trying to do.

I want to hide my forum so it looks like there is no forum. The way I want to do this is to make a fake shopping site, with a search box. The search box will be fully functioning, but if the secret passwphrase is entered into the search box, the user will be redirected to the forum and a cookie set so that they don't see the fake shop instead.
The way I am thinking to do this is to use a simple password script to replace the shops search function.


this is the login script I am thinking of using

sas.php

Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.


This script also comes with a demo page incase anyone wishes to run this to see it working, which is as follows.

demo.php

Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.




Now what I am trying to do is replace what happens when an incorrect password is entered into the script. So within sas.php we have the following code...


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

I am hoping to modify this to use the header redirect() function
something like...
header("Location: http://FakeShopPage.com/search?=$submitted_pass");

This way if someone who didn't know about the forum tried to used the fake shop search function they would enter a search string into the search/password field, hit submit, and the script would see the password was incorrect and pass the submitted password variable into the search string, which would fool the user into thinking they have just searched for something and be none the wiser.

Another issue is that the password encryption in the script uses md5 hash. Being as old as it is now I would like to use something else. I have read that pbkdf2 is a good thing to use. is it possible to use that in this script?

I can use any other login script that you may be able to suggest, I am open to ideas. I want to have only 1 password for all users for this and be able to pass the submitted_pass variable into the search function. My main issue is Iobviously cant have a username involved, so this is the only script I could find.

I am not a coder, I am just trying to piece together info I have found. I did something very similar to this in the past, but cant remember how I did it, and now can't seem to get it to work. I know I am asking for a lot of help here, so I am greatful to anyone who can help me out.

Thanks everyone, reallyt appreciate it
Reply With Quote