StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
text
Body
copied!<p>Here's my solution (using Javascript - but without user+password verification on the client). It's a hack - but I've got other fish to catch and miles to go before I eat.</p> <pre><code> The initial page call is this: http://YOUR.DOMAIN.COM/manager.php?p=login That prompts for the username and password - ala this: http://www.php.net/manual/en/features.http-auth.php After login some encryption is done on an authentication cookie - ala this: http://php.net/manual/en/function.mcrypt-decrypt.php - or this: http://php.net/manual/en/function.openssl-decrypt.php The cookie is set - ala this: http://www.php.net/manual/en/function.setcookie.php And then the php file calls this present page via the following - header('Location: http://YOUR2.DOMAIN.COM/p/page.html'); * YOUR2.DOMAIN.COM points to blogger; the page is this file here which will grab the file data and insert it into a div on the page - see info here: http://support.google.com/blogger/bin/static.py?hl=en&ts=1233381&page=ts.cs Based on the param and confirming that the cookie is valid, manager.php gets the real file data and sends it out - ala this: http://php.net/manual/en/function.file-get-contents.php </code></pre> <p>Just drop the following into a blank Blogger page - taking care to replace the instances of YOUR.DOMAIN.COM</p> <pre><code><script type="text/javascript" src="http://YOUR.DOMAIN.COM/scripts/jquery-1.8.3.min.js"></script> <script type='text/javascript'> var $pageUrl = "http://YOUR.DOMAIN.COM/manager.php?p=page1"; // so cool how you could setup your own domain! function doInitStuff() { if ($alreadyInited) return; $alreadyInited = true; // a little hack - because though I said share cookies among (*) ".DOMAIN.COM" it wasn't getting sent // although it's obviously there since we get it here on YOUR2.DOMAIN.COM (originally set on YOUR.DOMAIN.COM) $cookies = document.cookie; $result = $.ajax ({ type: "GET", url: $pageUrl, dataType: 'json', // or whatever async: false, // force this to complete before moving on (should be quick though - since already logged in) // username: 'username', // would get these from a prompt/html form - but should have already gone directly to the site to authenticate // password: 'password', // did it that way, because wasn't able to get the u/p to be properly sent... this new way is better anyway data: $cookies, // send along the cookies - they should show up in $_GET success: function (result, status, jqXHR){ // good - but for some reason wasn't getting result - just move on... }, error: function (){ // not good } }); if ($result.status == 200) { // insert our data into our nice Div $('#realpageinfo').html($result.responseText); } // grrrrrr. ie strikes again! use iframes instead var isMSIE = eval("/*@cc_on!@*/!1"); if ($('#realpageinfo').html() == '' || isMSIE) { //$('#realpageinfo').replaceWith("<div id='realpageinfo' style='font-weight:bold;color:red'>Internet Explorer? Sorry, but please use a different Browser.</div>"); $('#realpageinfo').replaceWith("<div id='realpageinfo'><iframe id='realpageframe' style='width:100%;height:700px' src='" + $pageUrl + "'></iframe></div>"); } } // Don't mind this - multiple ways to ensure the main worker function is called var $alreadyInited = false; $(document).ready(function() { doInitStuff(); }); window.addEventListener('DOMContentLoaded',function() { doInitStuff(); }); </script> <div id='realpageinfo'></div> </code></pre> <p>Now for the server side</p> <pre><code><?php $cookieName = 'my_auth_cookie'; $loggedInCookieVal = $_COOKIE[$cookieName]; if (!isset($loggedInCookieVal)) { $loggedInCookieVal = $_GET[$cookieName]; // was it passed in instead of coming through the Cookie channel? } // if $loggedInCookieVal is set, decrypt it and pull username + pwd from it - if succeeds, set $cookieValsDecrypted // otherwise see if the user just sent them back in response to a challenge // these are empty before login - and set in response to the challenge $curUser = $_SERVER['PHP_AUTH_USER']; $curPswd = $_SERVER['PHP_AUTH_PW']; if (!$cookieValsDecrypted && (!isset($curUser) || !isset($curPswd))) { // ask the user to authenticate (again if have to) header('WWW-Authenticate: Basic realm="YOUR.DOMAIN.COM"'); header('HTTP/1.0 401 Unauthorized'); echo "You gotta login bud - but you canceled instead"; exit; } else { // check $curUser and $curPswd against a db or .htpasswd file, etc - or check $cookieValsDecrypted // if all good then send the file if ($matched) { switch($_GET['p']) { case 'login': // just came here to login - now done, go on to the real page that pulls the value header('Location: http://YOUR2.DOMAIN.COM/p/page.html'); break; case 'page1': echo file_get_contents ('./page1.txt'); // show the date break; } } else { // else send the auth request again header('WWW-Authenticate: Basic realm="YOUR.DOMAIN.COM"'); header('HTTP/1.0 401 Unauthorized'); echo "Try something else, maybe"; } } ?> </code></pre> <p>That's it... feel free to improve. See it in action here <a href="http://ClyntonCaines.Com" rel="nofollow">ClyntonCaines.Com</a></p>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload