Re: Cron Job to bypass login

Hi David,

Try adding &Submit=Login to the URL. Only do this if your on a dedicated server, and even then with caution. Putting the admin username and password on a GET style URL will cause both to be logged in your web server access log.

You're better off using wget to do a POST action URL, using https of course. This way the username and password are both encrypted (via the SSL connection) and POST data isn't normally recorded to log files.

If none of this works out for you, give me a shout offline. I've written several command-line utilities for performing automated actions in Miva Merchant 5 stores. I have a toolkit I've been building just for this type of use.

Best,
James

Re: Cron Job to bypass login

I tried adding the submit=login, but it didn't help. I will email you offline.

Re: Cron Job to bypass login

James,

Are you saying you could use a form in a html file like below? Then use onload event to submit the form.

<FORM NAME="Run_FILE" METHOD="POST" ACTION="https://www.pinemporium.com/mm5/admin.mvc?">

<INPUT TYPE="hidden" NAME="Screen" VALUE="SUTL">
<INPUT TYPE="hidden" NAME="Action" VALUE="SUTL">
<INPUT TYPE="hidden" NAME="Store_Code" VALUE="PE">
<INPUT TYPE="hidden" NAME="Module_Code" VALUE="powrsrch">
<INPUT TYPE="hidden" NAME="pass" VALUE="1">
<input type="hidden" name="powrsrch_rebuild" size="6" value="1000">
<input type="hidden" size=25 name="UserName" VALUE="temp">
<input type="hidden" size=25 name="Password" VALUE="xxxx">
<input type="hidden" name="Provision" value="Yes">
</form>

The user and password would not get put in the log as a POST and since it is https it would be sent encrypted. Is that right?

How would you hide the html file this form is in. If it is in a documents directory, anybody could view the source and see the password. Or is there some way to put this where only the cron would run/see it?

Or is there a way to write the cron so it is a http link that would run.

Re: Cron Job to bypass login

Hi Bill -

Definitely not - don't want any HTML pages living anywhere that would contain a user admin name and password.

What I'm suggesting is to use a tool like wget, available on all flavors of Unix, including Cygwin for Win32. It's a command line tool that can be used to automate http/s GETs and POSTs, can even store cookies (eg: session variables), etc.

You could call the wget script directly via cron, or even a Perl or bash script that runs the wget and does other neat things.

Best,
James

Re: Cron Job to bypass login

You had mentioned wget higher up in this thread so I took a look at it. It was not clear to me how that would run a https as a post. Is there anything that needs to be done for that?

Also, it said that javascript was not supported. The routine that David is trying to run exports products. In that export, it uses javascript to reload the screen if it is going to exceed the timeout. Would the merchant.mvc not work for the javascript screen reload when using wget? Is there a timeout associated with using wget? The reload is configurable to the number of records so one could change it to 999999 instead of the default 1000. Course it might run 10 hours.