堆栈内存溢出
  简体   繁体   English

是否可以加载需要登录并为所有用户显示的仪表板(主)的小部件

[英]Is it possible to load a widget of a dashboard (master) that requires a login and display for all users

 原文  2014-04-08 22:41:41       javascript/ php/ jquery/ ajax/ json

问题描述

How safe is it? 有多安全? I'm assuming it's not to safe and additionally i'm assuming it's possible but not safe at the same time. 我假设这不是安全的,此外我假设这是可能的,但同时又不安全。

Right now i have a master login that displays data for all users; 现在,我有一个主登录名,可以显示所有用户的数据; specifically all the users that are top 10 users. 特别是排名前10位的所有用户。 I want to be able to display to everyone on the homepage (login not necessary) the data of these wigits. 我希望能够向主页上的每个人显示这些假发的数据(无需登录)。

Right now I'm using a simple iframe: 现在,我正在使用一个简单的iframe: 

<iframe src="https://newuser_news.dhtml?usepage=info-leaders.html" style="width:100%; height: 900px;"></iframe>

But of course, i'm the only one that can view the data, anyone else that i send the link to it boots them back to the homepage that requests a login. 但是,当然,我是唯一可以查看数据的人,我向其发送链接的其他任何人都将其引导回请求登录的主页。

Mind you i'm working a system that i do not have full access to, i do not have access to the classes or methods or the DB. 请注意,我正在使用一个我没有完全访问权限的系统,我没有访问这些类或方法或数据库的权限。 I do have the master username and password access. 我确实具有主用户名和密码访问权限。

I'm super stuck on this... Any help would be greatly appreciated. 我对此一无所知...任何帮助将不胜感激。

1 个解决方案

解决方案1
 1 已采纳  2014-04-08 23:05:00

The easiest way would be to get some access to the database to make your own modified widget that does not require any login. 最简单的方法是获得对数据库的某些访问权限,以制作自己的修改后的小部件,而无需任何登录。 Maybe the system has an API available that would get you the information you need (or they could make it available). 也许系统具有可用的API,它将为您提供所需的信息(或者他们可以使您可用)。

If you cannot get any access to the database and the system cannot be modified to make that widget login-free, you could write your own widget in php that uses cURL to get the original widget using the username and password and present that. 如果您无法获得对数据库的任何访问权限,并且无法修改系统以使该小部件免登录,则可以在php中编写自己的小部件,该小部件使用cURL来使用用户名和密码来获取原始小部件并显示出来。 You would have to store the username and password on your server for that, so I would not recommend that solution. 为此,您必须将用户名和密码存储在服务器上,所以我不建议您使用该解决方案。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 是否可以从仪表板小部件中创建新的小部件实例? - Is it possible to create new widget instances from within a Dashboard widget? 显示所有登录的用户 - Display all logged in users Google Analytics API JavaScript显示数据而无需登录仪表板上的用户 - Google Analytics API JavaScript show data without login to users on dashboard PowerBI-如何与所有经过身份验证的AD用户共享仪表板/报告? - PowerBI - how to share a dashboard/report to All Authenticated AD Users? 仪表板中的Wordpress Widget Freeze - Wordpress Widget Freeze in dashboard 登录后所有用户均被阻止 - All users been blocked after login 如何隐藏asp.net中仪表板页面加载中母版页中的div? - How to hide div present in master page on dashboard page load in asp.net? 如何将用户喜欢的“播放列表”加载到SoundCloud JS Widget Embedded Player中? - How to load “playlist” of a users likes into SoundCloud JS Widget Embedded Player? 获取所有用户并用vue js显示 - Fetch all users and display them with vue js 如何使用主模板在所有其他Javascript之前加载jquery - How to load jquery before all other javascript with master template
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM