CP login via QR code

  • Apologies if this has already been covered - the only reference I've found to QR codes is a feature request (#1984) from 2011.

    I run a dozen CPs at various sites, for personal use. The majority of users are phone/tablet users, and we publish login details at each site and on our private intranet.

    It just occurred to me that it might be nice to offer a QR code to allow folk to login from. I can't think of any way to do this as neither password or voucher logins seem to work direct from a URL.

    Maybe there's a way that I've not thought of. Has anyone else achieved this?

    (I'm running 2.1.4)

  • It would probably be doable with a custom php page.

    The php page would take an argument in the url like ?voucherid=xyz

    add it to a hidden field and the user sees something like

    Are you sure you want to use voucher: xyz
    [Yes] [No]

    Then the QR code would be: urltophppage.php?voucherid=voucher

    EDIT: example of what the QR code might look like

    EDIT2: also, if you're not using vouchers you could still bring them to a page with an "I accept button" with a valid user/password hardcoded in hidden form fields.

  • What I did for a friend:

    Create a seperate PHP Page in the CP an include this:

    $username = $_GET['username'];
    $password = $_GET['password'];

    Here the Form part:

    Include the following in the URL:```

    In the example of Trel:

    $voucherid = $_GET['voucherid'];

    That will capture the ?voucherid=voucher as mentioned by Trel.
    There is one problem: Some of the QR Reader Apps need internet access. A great idea to implement your own App ;-) You will find a great Framework at Coogle Code.
    Also at Google you will find some great examples how to automate the QR generation for your vouchers. It's just a URL ;-)
    If you like to capture the URL via JavaScript, you might want to try to include this (untested, but it should work!):

    function getUrlVars()
        var vars = [], hash;
        var hashes = window.location.href.slice(window.location.href.indexOf('?') + 1).split('&');

    for(var i = 0; i < hashes.length; i++)
            hash = hashes[i].split('=');
            vars[hash[0]] = hash[1];

    return vars;

    var get = getUrlVars();[/i]

  • Thanks for the replies folks - I'm encouraged that the answers are positive and that gives me good reason to investigate this further. Unfortunately I've just had a pile of work dumped on me so I'm not sure when I'll be able to get around to it, but I'll update this thread as and when I can…

  • I have been testing the same solution but has not been deployed.

    Word 2013 handles the QR code creation (word field barcode) using mail merge to get the vouchers from the exported csv file.

  • Hello all, what was the end of this, did it work ? i would like to do the same , but how ?

  • How ?
    As stated above, it needs some PHP coding.

    Think about upgrading to a less ancient pfSense version first ;)

  • Ok, as far as i understand, i need to create a php file, how shoul i name the file ? then include all of this

    $username = $_GET['username'];
    $password = $_GET['password'];

    Sorry for the noob questions, but i dont really know how to code

  • Hi @milocheri,
    I think it should work like this:

    Your code should work, just with little changes to meet requirments of CP page content.

    Upload an HTML/PHP file for the portal page here (leave blank to keep the current one). Make sure to include a form (POST to "$PORTAL_ACTION$") with a submit button (name="accept") and a hidden field with name="redirurl" and value="$PORTAL_REDIRURL$". Include the "auth_user" and "auth_pass" and/or "auth_voucher" input fields if authentication is enabled, otherwise it will always fail. Example code for the form:

    Upload it as your CP custom login page.

  • Hi,

    I create qrcode with this link : http://xxxxxxxx.fr/ubhZKcJbY6a3 (replace xxxxxxxx.fr with other website, ubhZKcJbY6a3 is a voucher code)

    When user scan qrcode, it will redirect to portal auth page and the voucher field will autofill.
    If a user is redirected with other url, the voucher field will empty and he could authentificate with his credentials.

    									$URL = htmlspecialchars($_GET["redirurl"]);
    					if (strpos($URL, 'http://xxxxxxxx.fr') !== false) {
    						$Code = str_replace("http://xxxxxxxx.fr/", "", "$URL");
    					} else {
    						$Code = "";

Log in to reply