I have html and javascript code like this.
<form action="http://MYCACTI/cacti/logout.php" name="logout_cacti" method="post"></form>
<form action="http://MYCACTI/cacti/" name="auth_cacti" method="post">
<input type="hidden" name="action" value="login">
<input type="hidden" name="realm" value="local">
<input type="hidden" name="login_username" value="guest">
<input type="hidden" name="login_password" value="guest">
</form>
<script>
window.onload = PageLoad;
function PageLoad(){
Logout();
Login();
}
function Logout(){
setTimeout(document.forms['logout_cacti'].submit(), 4000);
}
function Login(){
setTimeout(document.forms['auth_cacti'].submit(), 4000);
}
</script>
The question is, i want to make autologin cacti in iframe, and the problem is if the session in cacti is destroyed or if we already logout from cacti the script is working fine, it can go autologin to the site. But if we already login into cacti, there is an error display like this.
You are not permitted to access this section of Cacti. If you feel that you need access to this particular section, please contact the Cacti administrator.
I have implemented javascript window.onload
but nothing successful, this is the output from firebug.
Thank you.
Thanks to @Manchary Manchaary for the advise, after i'm searching finally, i use file that act as a session to solve my problem.
Here is the part code in my cacti, auth_login.php
/* Process the user */
if (sizeof($user) > 0) {
cacti_log("LOGIN: User '" . $user["username"] . "' Authenticated", false, "AUTH");
db_execute("INSERT INTO user_log (username,user_id,result,ip,time) VALUES (" . $cnn_id->qstr($username) . "," . $user["id"] . ",1,'"$
/* is user enabled */
$user_enabled = $user["enabled"];
if ($user_enabled != "on") {
/* Display error */
auth_display_custom_error_message("Access Denied, user account disabled.");
exit;
}
/* set the php session */
$_SESSION["sess_user_id"] = $user["id"];
$sharesession = fopen("/var/www/html/session/session", "w") or die("Unable to open file!");
fwrite($sharesession, "start");
fclose($sharesession);
i've add php code to save session if user is already login, the code is made php write "start" into the file called session
.
And then here is my new php code cacti2.php
for iframe in my website.
<?php
$sharesession = fopen("/var/www/html/session/session", "r") or die("Unable to open file!");
$session = fread($sharesession,filesize("/var/www/html/session/session"));
fclose($sharesession);
if ($session == "start"){
header("Location: http://MYCACTI/cacti/graph_view.php?action=tree&tree_id=1&leaf_id=8&select_first=true");
}
else {
?>
<form action="http://MYCACTI/cacti/" name="auth_cacti" method="post">
<input type="hidden" name="action" value="login">
<input type="hidden" name="realm" value="local">
<input type="hidden" name="login_username" value="soc">
<input type="hidden" name="login_password" value="telkom">
</form>
<script>
window.onload = PageLoad;
function PageLoad(){
Login();
}
function Login(){
setTimeout(document.forms['auth_cacti'].submit(), 4000);
}
</script>
<?php
}
?>
first, php will read file called session
, if session
file contains "start", then it will go automatically into cacti graph site, but if the session file contains "stop", it will automatically post with authentication in the form.
To handle, session
file after logout, i added code in my cacti site, logout.php
include("./include/auth.php");
api_plugin_hook('logout_pre_session_destroy');
/* Clear session */
setcookie(session_name(),"",time() - 3600,"/");
session_destroy();
$sharesession = fopen("/var/www/html/session/session", "w") or die("Unable to open file!");
fwrite($sharesession, "stop");
fclose($sharesession);
to write "stop" in session
file, so my cacti2.php
can read file if user is already logout, hope this help for the other, thanks.