How to multiple post PHP form onload for autologin cacti?

Question

I have html and javascript code like this.

<form action="http://MYCACTI/cacti/logout.php" name="logout_cacti" method="post"></form> 
<form action="http://MYCACTI/cacti/" name="auth_cacti" method="post">
<input type="hidden" name="action" value="login">
<input type="hidden" name="realm" value="local">
<input type="hidden" name="login_username" value="guest">
<input type="hidden" name="login_password" value="guest">
</form> 
<script>
window.onload = PageLoad;
function PageLoad(){
    Logout();
    Login();
}
function Logout(){
    setTimeout(document.forms['logout_cacti'].submit(), 4000);
} 
function Login(){
    setTimeout(document.forms['auth_cacti'].submit(), 4000);
}
</script>

The question is, i want to make autologin cacti in iframe, and the problem is if the session in cacti is destroyed or if we already logout from cacti the script is working fine, it can go autologin to the site. But if we already login into cacti, there is an error display like this.

You are not permitted to access this section of Cacti. If you feel that you need access to this particular section, please contact the Cacti administrator.

I have implemented javascript window.onload but nothing successful, this is the output from firebug.

Thank you.

can you check before the scripts if you are logged in in cacti or not? — MakeLoveNotWar, Nov 05 '15 at 09:12
@Manchary Manchaary, that's the problem, i don't know what variable to get from cacti site, to determine whether the user is login or not :( — Febry Citra Prawira Negara, Nov 05 '15 at 09:56
You are saying "...if the session...", have you got an access to that session / how do you know that the session is alive or dead? — MakeLoveNotWar, Nov 05 '15 at 10:29

Febry Citra Prawira Negara · Accepted Answer · 2015-11-07T03:15:21.317

Thanks to @Manchary Manchaary for the advise, after i'm searching finally, i use file that act as a session to solve my problem.

Here is the part code in my cacti, auth_login.php

/* Process the user  */
        if (sizeof($user) > 0) {
                cacti_log("LOGIN: User '" . $user["username"] . "' Authenticated", false, "AUTH");
                db_execute("INSERT INTO user_log (username,user_id,result,ip,time) VALUES (" . $cnn_id->qstr($username) . "," . $user["id"] . ",1,'"$
                /* is user enabled */
                $user_enabled = $user["enabled"];
                if ($user_enabled != "on") {
                        /* Display error */
                        auth_display_custom_error_message("Access Denied, user account disabled.");
                        exit;
                }

                /* set the php session */
                $_SESSION["sess_user_id"] = $user["id"];
                $sharesession = fopen("/var/www/html/session/session", "w") or die("Unable to open file!");             
                fwrite($sharesession, "start");
                fclose($sharesession);

i've add php code to save session if user is already login, the code is made php write "start" into the file called session.

And then here is my new php code cacti2.php for iframe in my website.

<?php 
$sharesession = fopen("/var/www/html/session/session", "r") or die("Unable to open file!");
$session = fread($sharesession,filesize("/var/www/html/session/session"));
fclose($sharesession);

if ($session == "start"){
        header("Location: http://MYCACTI/cacti/graph_view.php?action=tree&tree_id=1&leaf_id=8&select_first=true");
} 
else {
?>
        <form action="http://MYCACTI/cacti/" name="auth_cacti" method="post">
        <input type="hidden" name="action" value="login">
        <input type="hidden" name="realm" value="local">
        <input type="hidden" name="login_username" value="soc">
        <input type="hidden" name="login_password" value="telkom">
        </form> 
        <script>
        window.onload = PageLoad;
        function PageLoad(){
                Login();
        }
        function Login(){
                setTimeout(document.forms['auth_cacti'].submit(), 4000);
        }
</script>
<?php
}
?>

first, php will read file called session, if session file contains "start", then it will go automatically into cacti graph site, but if the session file contains "stop", it will automatically post with authentication in the form.

To handle, session file after logout, i added code in my cacti site, logout.php

include("./include/auth.php");

api_plugin_hook('logout_pre_session_destroy');

/* Clear session */
setcookie(session_name(),"",time() - 3600,"/");
session_destroy();
$sharesession = fopen("/var/www/html/session/session", "w") or die("Unable to open file!");             
                fwrite($sharesession, "stop");                  
                fclose($sharesession);

to write "stop" in session file, so my cacti2.php can read file if user is already logout, hope this help for the other, thanks.

time flies so fast – Febry Citra Prawira Negara Jul 15 '20 at 02:20 — Febry Citra Prawira Negara, Jul 15 '20 at 02:20

How to multiple post PHP form onload for autologin cacti?

1 Answers1