How to Check if a .NET Passport is valid

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
ice!
Forum Newbie
Posts: 5
Joined: Fri Jan 28, 2005 6:12 pm

How to Check if a .NET Passport is valid

Post by ice! »

How to Check if a .NET Passport is valid before accepting the user.

Hi,

I am wondering how to make a PHP Script so when someone enters their email address (.NET Passport) and password on my own webpage it verifies it with http://www.hotmail.com (http://login.passport.net/uilogin.srf?id=2) to check if the account and password is real. If the address is real it passes them to another page or something…

I just started PHP not very long ago so my PHP skiils are not the best so please help. :wink:

Thanks in advance,
Peter :)
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

you want your script to log into their passport account? What makes you think a user would give you their password?
hunterhp
Forum Commoner
Posts: 46
Joined: Sat Jan 22, 2005 5:20 pm
Contact:

Post by hunterhp »

I doubt just anyone can check if .NET passport users. I think Passport is a Microsoft product, so I think you have to pay before using it.

Of course, I haven't researched this, but given the websites that use Passport, it seems what I said is right...
qads
DevNet Resident
Posts: 1199
Joined: Tue Apr 23, 2002 10:02 am
Location: Brisbane

Post by qads »

.NET passports are not always hotmail accounts, i.e. mine is my ISP email address.
ice!
Forum Newbie
Posts: 5
Joined: Fri Jan 28, 2005 6:12 pm

It is possible but unsure myself how-to do it

Post by ice! »

It is possible, eBay used to let their clients used their .NET Passport (email address) to login.

Also to back this up I know it is possible because I have done it before with Visual Basic. I don’t know enough about the functions of PHP to do it in PHP though.

Is it possible to use a POST/GET-REQUEST to http://www.hotmail.com (http://login.passport.net/uilogin.srf?id=2) and check for the words “Invalid Password” and return the address as invalid, and if the page doesn’t return “Invalid Password” then return that the password and email address is correct???
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

it's possible.. using curl or fsockopen.. however I still don't see why a user would give you their password, that's asking for abuse.

It would have to be done through the Passport site, not hotmail. Hotmail is a client of the Passport system.
ice!
Forum Newbie
Posts: 5
Joined: Fri Jan 28, 2005 6:12 pm

Post by ice! »

Uhmm I don’t need to use it for abuse. To use my site you need to log-in to verify the user in order for the add-on I created on Visual Basic that relies on custom HTML pages to work correctly.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

have fun convincing users to give you their passwords.. :roll:
ice!
Forum Newbie
Posts: 5
Joined: Fri Jan 28, 2005 6:12 pm

Post by ice! »

feyd wrote:have fun convincing users to give you their passwords.. :roll:
For the last time their not giving me their passwords, the PHP script checks if for validity and redirects them to the appropriate page. None of the passwords are stored on the server. No offence but I expected a appropriate answer from an Admin.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

in order to validate the user, you'd need to know their password. You appeared to be asking for an automated verification method. For which I told you some paths. You never said anything about redirection to the .Net Passport site.
ice!
Forum Newbie
Posts: 5
Joined: Fri Jan 28, 2005 6:12 pm

Post by ice! »

feyd wrote:in order to validate the user, you'd need to know their password. You appeared to be asking for an automated verification method. For which I told you some paths. You never said anything about redirection to the .Net Passport site.
ohh okay sorry... Im wishing to have something like they used to have on eBay about 2 years ago.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

I gave you some direction if you reread my posts. Those suggestions were based on exactly what you wre asking about: post and get request capability.
User avatar
itsmani1
Forum Regular
Posts: 791
Joined: Mon Sep 29, 2003 2:26 am
Location: Islamabad Pakistan
Contact:

Post by itsmani1 »

Well guys Microsoft .Net provides some thing to confirm .Net Passport account.
i hav't used that but heard about that.
Post Reply