I have got a 3rd party website, which my customer wants to me to login into in order to download some data periodicaly.
The data is customer specific, and password protected.
I have the username/password, and I have searched for ways to do the login automatically so that I can pull data, but so far with no success.
This is a method that I have tried:
http://crunchify.com/automatic-html-login-using-post-method-autologin-a-website-on-double-click/
When I look into the login page of the website which I am trying to login to (view source), I don't see the login form, but if I click on "inspect element" in chrome on the fields of the page it does show that there is a login form hiding in there.
Any suggestions
Edit:
Here is the website which I need to autologin to: http://portal.dorad.co.il/#/Login unfortunatlly it's not in english. The first field is the username, the second field is the password and the button is the login
Edit2:
Taking pomeh's advice, I was able to find the jQuery code that is being triggerted when the text boxes are being modified. Now I want to run this script manually using element.DomContainer.Eval
(function(n,t){function vi(n){var t=n.length,r=i.type(n);return i.isWindow(n)?!1:1===n.nodeType&&t?!0:"array"===r||"function"!==r&&(0===t||"number"==typeof t&&t>0&&t-1 in n)}function ne(n){var t=li[n]={};return i.each(n.match(s)||[],function(n,i){t[i]=!0}),t}function uu(n,r,u,f){if(i.acceptData(n)){var s,h,c=i.expando,a="string"==typeof r,l=n.nodeType,o=l?i.cache:n,e=l?n[c]:n[c]&&c;if(e&&o[e]&&(f||o[e].data)||!a||u!==t)return e||(l?n[c]=e=tt.pop()||i.guid++:e=c),o[e]||(o[e]={},l||(o[e].toJSON=i.noop)),("object"==typeof r||"function"==typeof r)&&
...
(t=n(this);r=r.not(t),t.removeData(f),r.length||clearTimeout(c)},add:function(t){function s(t,u,e){var s=n(this),o=n.data(this,f);o.w=u!==i?u:s.width(),o.h=e!==i?e:s.height(),r.apply(this,arguments)}if(!u[o]&&this[e])return!1;var r;if(n.isFunction(t))return r=t,s;r=t.handler,t.handler=s}}}(jQuery,this)
I am not sure how to activate it and give it the relevant data.
If you have the right mix of technical requirements then you want Single-Site-Sign-On (SSSO).
Not all of my clients have SSL and I don't want my user name and password on all of their sites. They are however all on the same server. Since my site supports SSL I can log in to my own site securely.
What you need to do conceptually speaking is log the IP of the administrator account along with the data/time stamp. Then if you visit your client's website (again, on the same server) from that same IP you can have your scripting language check the file. I require a short time-span (anywhere between 30 seconds to two minutes tops) and the same IP address. You can add additional technical requirements to strengthen security of course though your options will be limited as the domain name will be different. If the IP matches the criteria emulate the user being authenticated (static obviously since you likely won't/shouldn't have your administrative account information on their site) and you can be automatically signed in.
Maybe you could do this using a web scraping framework like:
Goutte for PHP (https://github.com/fabpot/goutte)
Scrapy for Python (http://scrapy.org/)
node.io for Node.js (https://github.com/chriso/node.io)
request for Node.js (https://github.com/mikeal/request)
WatiN for .Net (http://watin.org/)
In any case, I think a client side solutions will bring a lot of problems to do this. Maybe you can login into it using a form tag which points to the page, but you won't be able to manipulate the page afterwards. Also, you may not be able to use AJAX due to CORS restriction. You could embed the target page as an iframe but you can't either manipulate the page because of differents domains used (you can do that under certains conditions but it's hard to achieve this imho). So a server side solutions sounds better to me.
I want to add a contact page on my webpage. However, I'm apparently not allowed to execute a script on my site since it's hosted on a protected school server.
Is there a work-around where I could send an email on the client side? (maybe some ajax trick?)
All I've found so far is a way to use javascript to open the default mail client and prefill all the data. However, I don't really like that. I'd really like a way to send an email directly from my site. I was even thinking that I could create a java applet to create my email page if that's possible.
There is no way to send an E-Mail from the client without the user's consent.
It would be a horrendous security problem if it were possible.
You could make use of a remote form mailing service like FormToEmail, though.
So in the past, I used ASP.NET pages to post a username and password from a login page. Since the code was located on the server and protected, the usernames and passwords were hidden from the user. Now, I have switched do a popup div on the page to login to the website. This div does not have an iframe in it, just pure html. I'd like it to authenticate without reloading the page. Obviously, the button inside the div will have to call a Javascript function. At this point, since I can't keep the username and passwords in Javascript because they are exposed, the only answer I have is to send the data to the server in the form of an AJAX request. Is AJAX the proper way to do this? What is to stop a hacker from posting thousands of AJAX requests and trying to hack the site?
Thank You.
Yes, you do an AJAX request. You want to use jQuery AJAX which makes it very easy.
For protection against a person doing thousands of attacks the best way is to only allow a given number of requests from the same IP address within a given amount of time - this is of course done server-side.
You could also make your script for checking credentials very slow so that it's not so easy to hammer your website with attempts. If you put a pause into your script of 3-5 seconds it will take a long time do many attempts. But of course, if someone makes many simultaneous attempts to your website it might not have the great effect without any other security measure at the same time.
In our project the managers receive emails with their tasks. The new requirement is to allow the managers to approve their tasks from the emails. Near every tasks is an "Approve" button that should be added to allow approvals of tasks without going to the site of the company.
How do I do it?
As for me, that is not possible. Most email clients will never run javascript, so you can't use ajax to call your server.
Another option - iframe with a form to set an approval in it. According to this in some email clients it will work. In others - no.
As for me, the most realistic way is to put a simple link. Click on it will open browser, of course, but you can make that page close itself after everything is done.
The last option I see is to send an email to some specific address, like approve_task#company.com with subject containing an ID of a task and establish listener which will check email received by approve_task#company.com and mark task as approved. No problem to make a mailto: link in email body. But you can't send any emails automatically. Managers will need to click it and send an email manually. So I do not think this is really good solution.
I want to send the email for html page. Is there any method to send the email silently i.e without opening the email client.
Can i have some method/way to do this using javascript or jquery ??
In this html page I dont want to show the client that any email is sending.
Any any help????
This isn't possible. And even if it was, it wouldn't be a cool thing to do.
If you want to send a web page via email why not just ask the user for their email address and then send it yourself server-side? You can use Ajax if you don't want to have a page refresh be required for this to work.
It is possible. SquareSend is one example. MailerJs is another. You only embed a tiny javascript in your webpage and you do not need a server.