On Apr 30, 2007, at 3:54 AM, Frans Gouverne wrote:
Currently I let the customer automatically login to the
send_url_email (Send a web page) screen from the CMS in a new window:/cgi-bin/dada/mail cgi?f=login&admin_password='+password +'&auth_state=1&admin_list='+mylist +'&admin_option1=f=send_url_email&admin_option2=url='+newsletter_url;
I had someone ask a similar question on the boards, so I decided to
start some docs (which I said I was going to do anyways) on how to
programmically log into the Dada Mail list control panel
It's a bit
rough, but extrapolates on your ideas - I don't quite pass the
optional arguments though
Here's the docs so far:
Automatic Logging into the list control panel
The login/session system of Dada Mail is based on some sort of
session
information that's saved on the server side and a cookie that
resides on
the client's web browser
It's slightly awkward to re-implement such a system from another
program, yet it honestly *could* be done
A pre-filled out form
An easier way, if all you want to do is to, say, have a button in
another program's control panel that let's you go right to the
Dada Mail
list control panel is to pre-fill in the form fields required
A
simple,
already filled in form would look like so:
<form action="http://example
com/cgi-bin/dada/mail
cgi"
method="post">
<input type="hidden" name="f" value="login" />
<input type="hidden" name="process" value="true" />
<input type="hidden" name="admin_list" value="yourlist" />
<input type="hidden" name="admin_password"
value="yourpassword" />
And that's all there really is to it
Breaking that down:
* http://example
com/cgi-bin/dada/mail
cgi
The URL to your own Dada Mail
* f Throughout Dada Mail, f is used as a shorthand for,
function In this case, the function is to login
* process
Set this to, "true"
* admin_list
This should be set to the listshortname of the list you want
to log in to
* admin_password
This is either the list password, or, the Dada Mail Root
Password
If all this information is correct, you should be able to log
into the Dada Mail list
There's one more field you can pass in this form and that is
referer
If
set, it'll redirect you to a specific screen in Dada Mail
For
example,
if you want to log in directly to the, add list control panel,
add this
into the form:
<input type="hidden" name="referer" value="http://example
com/
cgi-bin/dada/mail cgi?f=add" />
Where "http://example
com/cgi-bin/dada/mail
cgi" is the URL to
your Dada Mail
A shortcoming to this technique is that the password required to
log in
will be visible in the source of the HTML you have embedded this
button
Not so good
Call the screen by mimicking a web browser
Another idea is to write a simple WWW client that'll then post
the CGI
paramaters to Dada Mail and then print back the results
In this
case,
the results will return the cookie information needed to keep the
session alive (or really, start the session), The refresh to the
list
control panel and the HTML t that says, "Hey! We're logging in!":
#!/usr/bin/perl
use strict;
my $Dada_Mail_URL = 'http://example
com/cgi-bin/dada/mail
cgi';
my $List = 'yourlist';
my $Password = 'yourpassword';
my $Referer = '';
my $F = 'login';
my $Process = 'true';
use CGI;
my $q = new CGI(
{
admin_list => $List,
admin_password => $Password,
f => $F,
referer => $Referer,
process => 'process',
}
);
use HTTP::Request;
use LWP::UserAgent;
my $ua = LWP::UserAgent->new;
$ua->agent("MyApp/0
1 ");
my $req = HTTP::Request->new(POST => $Dada_Mail_URL);
$req->content_type('application/x-www-form-urlencoded');
$req->content($q->query_string());
my $res = $ua->request($req);
if ($res->is_success) {
my $doc = $res->as_string;
my ($headers, $body) = split("\n\n", $doc, 2);
my @header_lines = split( /\n(?!\s)/, $headers);
foreach my $header(@header_lines){
my ($label, $value) = split(/:\s*/, $header, 2);
if($label =~m/(Refresh|Set\-Cookie)/){
print $header
"\n";
}
}
print $q->header();
print $body;
}
else {
print $q->header();
print $res->status_line, "\n";
}
In the above script, you'll have to fill in the first 6
variables with the correct information
This still leaves the problem of having the password embedded in
the sourcecode of the script
Keeping the List Password Sync'd with the hosting account password One way to get around this, is either save the password in a safer place, or keep the password sync'd with your account password
Regardless of how you've saved the account password, you're
going to need a way to fetch a clear-text (unencrypted) version of it
Then, add something like this to your script that keeps all this
info sync'd up:
use DADA::MailingList::Settings;
use DADA::Security::Password;
my $ls = DADA::MailingList:Settings->new(-List => 'my_list');
$ls->save({
password => DADA::Security::Password::encrypt_passwd
('your_password'), });
Start a new thread, email: dadadev@dadamailproject.com
This is the developer discussion mailing list for Dada Mail.
If you are just looking for support Dada Mail, consult the message boards at:
https://forum.dadamailproject.com
Documentation for Dada Mail:
Specifically, see the Error FAQ:
https://dadamailproject.com/d/FAQ-errors.pod.html
To post to this list, send a message to:
mailto:dadadev@dadamailproject.com
All subscribers of this list may post to the list itself.
Topics that are welcome:
Dada Mail is on Github:
https://github.com/justingit/dada-mail/
If you would like to fork, branch, send over PRs, open up issues, etc.
This Privacy Policy is for this mailing list, and this mailing list only.
Email addresses collection through this mailing list are used explicitly to work within this email discussion list.
We only collect email addresses through our Closed-Loop Opt-In system.
We don't use your email address for any other purpose.
We won't be sharing your email address with any other entity.
Unsubscription can be done at any time. Please contact us at: justin@dadamailproject.com for any help regarding your subscription, including removal from the mailing list.
All mailing list messages sent from us will include a subscription removal link, which will allow you to remove yourself from this mailing list automatically, and permanently.
All consent to use your email address for any other purpose stated at the time of the mailing list subscription will also be revoked upon mailing list removal.