Firefox PHP

Module: Remember Username

Posted by Maurice Makaay 
All files from this thread

File Name File Size   Posted by Date  
remember_username-1.1.0.tar.gz 1.2 KB open | download Maurice Makaay 05/20/2008 Read message
remember_username-1.1.0.zip 1.9 KB open | download Maurice Makaay 05/20/2008 Read message
Module: Remember Username
August 05, 2007 01:48PM
This module will store the Phorum username that was last used in a cookie.
When entering the login screen, the username will be automatically filled in, based on this cookie.

Changelog:
----------

2007-08-05 v1.1.0

    - Rewrite for Phorum 5.2.

2005-01-23 v1.0.0

    - Initial release


Maurice Makaay
Phorum Development Team
my blog linkedin profile secret sauce



Edited 2 time(s). Last edit at 05/20/2008 04:53PM by Maurice Makaay.
Attachments:
open | download - remember_username-1.1.0.tar.gz (1.2 KB)
open | download - remember_username-1.1.0.zip (1.9 KB)
Re: Module: Remember Username
May 16, 2008 04:17PM
Hi Maurice,

I installed your module. When it is enabled and I go to the login page (after logging out) I get immediately the "username/password was not found or is inactive" error message. My username is filled in but there shouldn't be thrown an error message even when I just entering that page...

Regards
Oliver


Using Phorum since 7/2000: forum.langzeittest.de (actual version 5.2.23)
Modules "Made in Germany" for version 5.2: Author_as_Sender, CarCost, Close_Topic, Conceal_Message_Timestamp,
Format_Email, Index_Structure, Mailing_List, Pervasive_Forum, Spritmonitor, Terms_of_Service and German_Language_Files_Package.
Re: Module: Remember Username
May 20, 2008 04:52PM
I think that this accidentally was the 5.1 compatible 1.0.0 package.
Please try if 1.1.0 fixes things for you.


Maurice Makaay
Phorum Development Team
my blog linkedin profile secret sauce
Re: Module: Remember Username
May 21, 2008 10:34AM
Hi Maurice,

Quote
Maurice Makaay
I think that this accidentally was the 5.1 compatible 1.0.0 package.
Please try if 1.1.0 fixes things for you.

Yes, it's working fine. Thanks.

Regards
Oliver


Using Phorum since 7/2000: forum.langzeittest.de (actual version 5.2.23)
Modules "Made in Germany" for version 5.2: Author_as_Sender, CarCost, Close_Topic, Conceal_Message_Timestamp,
Format_Email, Index_Structure, Mailing_List, Pervasive_Forum, Spritmonitor, Terms_of_Service and German_Language_Files_Package.




Edited 1 time(s). Last edit at 05/21/2008 10:35AM by Oliver Riesen.
Re: Module: Remember Username
January 31, 2011 04:02AM
hope this is right place to post this. Mine works fine but i need it to remember password too. can this be done?
Re: Module: Remember Username
January 31, 2011 06:33AM
By default, Phorum remembers the logon session. There should be no need for a "Remember me" option for the password. Like on the phorum.org website, you should see that you are still logged in after returning to the site.


Maurice Makaay
Phorum Development Team
my blog linkedin profile secret sauce
Re: Module: Remember Username
January 31, 2011 06:42AM
Re: Module: Remember Username
January 31, 2011 07:30AM
Or use the browser functions to remember what you input into a form.


Thomas Seifert
Phorum Development Team / Mysnip-Solutions.de
Custom Phorum and general software development
worry-free Phorum Hosting
Re: Module: Remember Username
September 17, 2013 08:03AM
There is a security issue in the current version of the module.
(I purposely omit the details to not encourage its exploitation.)
If a cookie for this module is somehow set outside with some scripting in it, it allows session hijacking and the like.

To prevent this behavior something like this would do.

$username = trim($_COOKIE['phorum_mod_remember_username']);
$focus_field = 'password';
// If the cookie is forged. (It contains something other than a username.)
if(filter_var($username, FILTER_SANITIZE_STRING) != $username)
{
// Delete the forged cookie.
setcookie('phorum_mod_remember_username', '', time() - 3600, $PHORUM['session_path'], $PHORUM['session_domain']);
// Set an empty username.
$username = '';
// Focus on username field.
$focus_field = 'username';
}

// Replace the username with the remembered username.
$PHORUM['DATA']['LOGIN']['username'] = $username;

// Make the focus shift to the appropriate field.
$PHORUM['DATA']['FOCUS_TO_ID'] = $focus_field;
Sorry, only registered users may post in this forum.

Click here to login