I am trying to use an existing MySQL database with a corresponding username and password to a Message Board database to allow users only to log-in once from the main site. Since this is a third-party Message Board, I have no clues as to how their password is encrypted. However, if I use the same username and password combination for the site's MySQL database and the Board's database, I think I might have a chance.

I tried passing the actual username and unencrypted password to the Board using the following URL parameter, and the whole thing works. The Board automatically logged-in the user without prompting for their username and password.

www.my_site.com/cgi-bin/my_board.cgi? action=login;temp_code=01;username=ACTUAL_USER_NAME;password=UNENCRYPTED_PASSWORD

But wouldn't loading the UNENCRYPTED_PASSWORD on the URL defeats the purpose of hiding the password?

So what I want is to use the existing username and password to access the board but that the user doesn't have to re-enter their username and password just to access the Message Board.

Is there a way to pass just the Session Variables to the board's log-in procedure?

www.my_site.com/cgi-bin/my_board.cgi? action=login;temp_code=01;username=SESSION_USER_NAME;password=SESSION_UNENCRYPTED_PASSWORD

I hope that I made my problem clear enough. Thanks for the help.

[edited by: jatar_k at 6:29 pm (utc) on Feb. 4, 2005]
[edit reason] fixed sidescroll [/edit]