Call the login page with the email address and password automatically?

**Dim Tim** · 18 Apr 2011, 11:06 AM

Hi People,

I need to pass the email address to the login page automatically. As a bonus I would like to pass a password to it as well.

Let me explain.

We create accounts for customers who phone in their orders. Many of our customers are aged so they don't have email addresses so we create false email addresses for them but they have difficulty remembering. It would be much easier using their postcode.

For the use of telephone orders ONLY I would like to use a page to search for the customers postcode and return their email address ready to login in using the admin master password. This can of course be secured by .htaccess and/or whatever.

That much I can and have managed to create using PHP.

The part I can't find out how to do is to call the login page with the email address (and hopefully the master password) passed to it automatically.

I have searched around without much success so any help would be much appreciated.

Thanks for reading.

**Dim Tim** · 19 Apr 2011, 10:24 AM

Upon reflection, perhaps I need to re-word my question.

Can the email address be passed to the login page within the url something like

<a href="[email protected]"></a>

I realise that there are some security issues passing details in a URL like that but this would be called from a php file within Zencart so that should be less of a problem.

Or is there some other method which would help me.

Appreciate your reading this and any suggestion you might have.

**Dim Tim** · 19 Apr 2011, 02:28 PM

Hi people,

I have got a little further along.

My Aim
For telephone orders only.
A separate page acceessible only by us in the office behind htaccess which will accept the input of a postcode and return the email address associated with it (if any).

Then click a button to launch the login page with that email address already inserted in the field. (may add the master password too)

Because I had no better idea, I wanted the email address passed to the login page within the URL like "www.website.co.uk/zencart/index.php?main_page=login&[email protected]"

I had a problem with launching the login page with the email address already inserted and had to edit zencart/includes/templates/template_default/templates/tpl_login_default.php as follows :

Near the top, add

Code:

<?php
$var1 = $_GET["var1"]; 
?>

Find this

Code:

echo zen_draw_input_field('email_address', '', zen_set_field_length(TABLE_CUSTOMERS, 'customers_email_address', '40') . ' id="login-email-address"' );

edit it to this

Code:

echo zen_draw_input_field('email_address', '', zen_set_field_length(TABLE_CUSTOMERS, 'customers_email_address', '40') . ' id="login-email-address"' . 'value = ' . $var1 );

That launches the page with the email already in place. Cool!

I had to add an "if" to not add the address if there was none in the URL because otherwise it inserted a "/".

So, the question is, is this safe?

Can anyone see any reason not to do this ?

Would appreciate any feedback.

Thanks for reading.