Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Passing User Credentials from calling window to window.open() page

Status
Not open for further replies.

linuxlouis

Programmer
Joined
Feb 27, 2006
Messages
4
Location
US
I've written a PERL CGI program, that uses javascript to open another CGI program - which is a form. Users must authenticate before logging into the main page, which is from where the javascript button is launched.

I want to be able to pass the user credentials from the main page, into the javascript launched page/form.

Any suggestions? Or is this even possible? I looked around at some of the different methods that window.open() as a function has, but have not crossed anything about passing variables/information between, besides writing to the new window, which is not the desired behavior in my case.
 
If you were to include the credential information in Javascript on a page, then they would be exposed should anyone view the source of the page. This is certainly not good practice (you don't see javascript-based password solutions for this very reason).

I suggest you look at other ways to determine if the user has authenticated. This may include session variables or cookies.

Cheers,
Jeff

[tt]Jeff's Page @ Code Couch
[/tt]

What is Javascript? FAQ216-6094
 
I think I mis-stated, I didn't mean that I want any credential information 'in' a page, but passed between pages - as you refer to - with session variables, I don't want to use cookies.

"How" I meant to ask this was, 'how' can I pass session variables from the page that has the "button" which launches the javascript window.open() - whose URL arugment is a PERL .cgi script - that I want to ensure has access ONLY IF the user has authenticated.

The scenario is:
1) user authenticates at main page.
2) 1st page users come to has the javascript enable buttons - which launch the PERL CGI script
3) Upon clicking a button, I want to pass session information to the next form page, so I can validate credentials against the postgreSQL database

The real question is, "How can the window.open()" window inherit session variables from the launching button/javascript/code???

Thanks for the initial response.
 
I think I mis-stated, I didn't mean that I want any credential information 'in' a page, but passed between pages - as you refer to - with session variables, I don't want to use cookies.

"How" I meant to ask this was, 'how' can I pass session variables from the page that has the "button" which launches the javascript window.open() - whose URL arugment is a PERL .cgi script - that I want to ensure has access ONLY IF the user has authenticated.

The scenario is:
1) user authenticates at main page.
2) 1st page users come to has the javascript enable buttons - which launch the PERL CGI script
3) Upon clicking a button, I want to pass session information to the next form page, so I can validate credentials against the postgreSQL database

The real question is, "How can the window.open()" window inherit session variables from the launching button/javascript/code???

Thanks for the initial response.
 
The real question is, "How can the window.open()" window inherit session variables from the launching button/javascript/code???

That's easy - serveral ways.

1. Submit a form to the popup (several posts on this recently), or

2. Pass details in the URL as parameters.

Hope this helps,
Dan



[tt]Dan's Page [blue]@[/blue] Code Couch
[/tt]
 
Cool, thanks. I wasn't sure if the session variables needed to be passed via a javascript method or communicated with javascript in some way, rather than something common which I should've just checked.

Thanks for reassuring me!
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top