Difference between revisions of "Affiliate Remote Login"
OfferitRob (talk | contribs) m (Reverted edits by OfferitRob (talk) to last revision by OfferitDave) |
Offeritnick (talk | contribs) |
||
| Line 30: | Line 30: | ||
if ( ! empty( $_POST['user'] ) && ! empty( $_POST['pass'] ) && check_length( $_POST['user'], 2, 255 ) && check_length( $_POST['pass'], 3, 255 ) ) { | if ( ! empty( $_POST['user'] ) && ! empty( $_POST['pass'] ) && check_length( $_POST['user'], 2, 255 ) && check_length( $_POST['pass'], 3, 255 ) ) { | ||
$response_headers = get_headers( AFFILIATE_URL . '/internal.php?user=' . $_POST['user'] . '&pass=' . $_POST['pass'] . '', 1 ); | $response_headers = get_headers( AFFILIATE_URL . '/internal.php?user=' . $_POST['user'] . '&pass=' . $_POST['pass'] . '', 1 ); | ||
| − | if ( array_key_exists( 'Location', $response_headers ) && $response_headers[0] | + | if ( array_key_exists( 'Location', $response_headers ) && strpos($response_headers[0], 'HTTP/1.1 302') !== FALSE ) { |
$response = array( | $response = array( | ||
'result' => 'success' | 'result' => 'success' | ||
Latest revision as of 14:58, 9 October 2018
You can create a custom form for affiliates to log in to your Offerit installation. All that is needed is to create a form that submits to the following url:
http://<tracking domain>/internal.php
You would replace <tracking domain> with the Tracking Domain of your Offerit install. The only variables that need to be sent for a successful login with the post are "user" and "pass". If the user is submitting fails to enter the correct login information they and they are posting from the tracking domain of your offerit install they will be redirected to the external login page of your offerit install. Otherwise they will receive an error response regarding why their login was unsuccessful.
Here is a basic example of what this form may look like.
<!-- Simple form to post to Offerit and login --> <form action="http://example.offerit.com/internal.php" method="post"> Username: <input type="text" name="user" /><br /> Password: <input type="password" name="pass" /><br /> <input type="submit" /> </form>
Displaying your own error page
If you prefer to display your own errors, you can send a post to verify the username and password are correct before sending the user. For instance use javascript to handle the form submission and send an ajax post to a validation script like this one:
$response = array(
'result' => 'fail'
);
if ( ! empty( $_POST['user'] ) && ! empty( $_POST['pass'] ) && check_length( $_POST['user'], 2, 255 ) && check_length( $_POST['pass'], 3, 255 ) ) {
$response_headers = get_headers( AFFILIATE_URL . '/internal.php?user=' . $_POST['user'] . '&pass=' . $_POST['pass'] . '', 1 );
if ( array_key_exists( 'Location', $response_headers ) && strpos($response_headers[0], 'HTTP/1.1 302') !== FALSE ) {
$response = array(
'result' => 'success'
);
}
}
If the post returns success, you can let the form submit like normal. If the post returns error, you can tell the surfer to try again.
Displaying Forgot Password
Similarly, you can trigger forgot password from your own page and check for your own errors by making it an ajax call instead of a direct form submission. The post script might look like this one:
$response = array(
'result' => 'fail'
);
parse_str( $_POST['formdata'], $data );
$curl = curl_init();
curl_setopt( $curl, CURLOPT_URL, AFFILIATE_URL . '/submit.php' );
curl_setopt( $curl, CURLOPT_RETURNTRANSFER, true );
curl_setopt( $curl, CURLOPT_POST, true );
curl_setopt( $curl, CURLOPT_POSTFIELDS, http_build_query( $data ) );
$response['response'] = curl_exec( $curl );
$header = curl_getinfo( $curl, CURLINFO_HTTP_CODE );
curl_close( $curl );
preg_match( '#<div class="action-details">(.+?)</div>#is', $response['response'], $found );
if ( $header === 302 ) {
$response = array(
'result' => 'success',
'message' => 'An email has been sent with your new password. ',
'header' => $header
);
}
if ( $header === 200 ) {
if ( $found ) {
$response = array(
'result' => 'error',
'message' => $found[1],
'header' => $header
);
}
}
