Hi all.

I am creating a helpdesk system with php and mysql.

The intention is to have all staff login an submit issues.

I would like to have staff logged in automatically. Like some how the system detects who is logged in based of current user name or something.

then ill compare this to a staff table populated with forename, surname, windows login and email. if they are there....... ie one of these fields matches up then they are automatically allowed to submit data onto the system.

anyone able to point me in a good direction with this?

many many thanks!

    There are some methods to do similar things with ActiveX, which limits you to using IE.

    Think about it - would you want any old website to be able to run a script that extracts personal information form your machine?

    What you could do is write a batch file to run on the machine's login to generate a text file and save it where the machine stores cookies. Have that cookie readable by the site and extract information from there.
    I would STRONGLY advise you to NOT store username AND password information in the cookie for the sake of security.

      Depending on your LAN setup (e.g. Active Directory?), you could use "Integarted Windows Authentication" to secure a folder (in IIS anyway, I believe there's an Apache mod for this as well). I do believe this still limits you to using M$ IE, however, as Firefox doesn't send the Kerberos/authentication credentials when requested by a LAN resource (whereas IE will).

        thanks for your replies. i perhaps should have added that the system will be part of an intranet behond an already secured network.

        With regards to using windows authenticated login.

        i then need this to pass a value with which i can pull the correct username from a table and have the persons name who is submitting the form automatically be placed in the new entry in the table... this is to save the user from having to fill in their name every time they log a new call.

        i hope this makes sense.

        thanks again for your input.

          When you enable the Integrated Authentication (or one of those options... it's been ages since I've done it) and disable anonymous access (a checkbox at the top of the dialog in IIS, I believe it's under Directory Access or something similar), this will poll IE for the Kerberos logging info (Firefox won't send it by default, unless you install a Firefox addon to do so).

          This creates a variable in the $_SERVER array that you can pull their username from, though I don't remember exactly what it is (again, it's been ages since I've done something like this).

          Are you using IIS, first of all?

            http://adldap.sourceforge.net/wiki/doku.php?id=seamless_authentication

            thats what you want

            Seamless authentication or Single Sign On (SSO) refers to where the browser does the authentication automatically for the user. No password is sent across the wire, they're all hashes (it's Samba voodoo). The protocol Microsoft uses to provide seamless browser authentation in a windows domain is called NTLM. More information on NTLM and the associated technologies are available at Wikipedia. Both Microsoft Internet Explorer and Mozilla Firefox readily support NTLM.

              6 days later

              many thanks for this.

              it looks like what i want.

              my early tests havent gone so well though. IIS works as i can pull other pages from the same virtual directory.

              however when i run my test page for this function i get nothing. i have turned off annonymous login and have set it to use windows authentication (im using IIS 6.0).

              heres the code for my test page (test.html).

              <?php

              $dave = $_SERVER['LOGON_USER']

              echo $dave;

              ?>

              anyone any i deas as to what i might have missed?

              thanks again.

                Write a Reply...