Languages :: PHP :: PHP & Forms |
|||
By: PHP newbee  |
Date: 26/10/2004 00:00:00  |
Points: 60 | Status: Answered Quality : Excellent |
|
I have a login form on a page. The user enters their username an password. When they click the submit button they are sent to the next page. The values the user enters into boxes are added as they should be, to the query string. My only concern is that the query string looks as follows: "?username=admin&password=admin" as you can see it clearly shows the password which is far from ideal. is there a work around? many thanks in advance |
|||
| By: harwantgrewal | Date: 26/10/2004 20:14:00 | |
Type : Comment |
| just do one thing instead of using get method in form use post like <form name='login' method="post" action="url.php"> ..... </form> harry |
|||
| By: VGR | Date: 26/10/2004 20:32:00 | |
Type : Comment |
| yes or encrypt the PWD or use a session variable |
|||
| By: PHP newbee | Date: 26/10/2004 22:13:00 | |
Type : Comment |
| ??? i used the post method but it was still appended onto the query string. How can I put the value of the variable "password" into a session variable? without passing it to another or the same page? either way the password would still be added to the query string. any comments on my waffle? |
|||
| By: harwantgrewal | Date: 26/10/2004 22:21:00 | |
Type : Comment |
| you cannot do it without passing to other or same page here is one more thing I dont know how but its possible that you can just call a php within the flash and the php will return you the status and can assign session variable look at this <A HREF="http://www.neonyc.com">http://www.neonyc.com</A> open guest it send emails but you never know which url and which values :) Harry |
|||
| By: tilman | Date: 26/10/2004 22:37:00 | |
Type : Comment |
| Sorry harry, i couldnt understand your sentence? this must be an extremely common occurence? many thanks alan |
|||
| By: VGR | Date: 26/10/2004 23:00:00 | |
Type : Answer |
| if your FORM has action="..." METHOD=POST [enctype=...form-encoded] then the request URL should not contain the fields, and no more the QUERY_STRING nor the PATH_INFO Only in $_POST[] should you see the stuff. An other idea : use HIDDEN fields, just to check what I'm saying |
|||
| By: savatage | Date: 26/10/2004 23:15:00 | |
Type : Comment |
| yes, yes, use post method... |
|||
| By: harwantgrewal | Date: 26/10/2004 23:37:00 | |
Type : Comment |
| I want to tell you that there is a way that you can call a url within your flash file without opening a page and that php file can register the session and can return you a value from which you can display message in flash it self. Like the url I have give you in this when you click on guest you fill all the details and when you press submit button it calls a php which send email and return the relavent message to falsh that email has been sent or not. I think now I made myself more clear still if you have any problem feel free to ask Harry |
|||
| By: tilman | Date: 27/10/2004 00:32:00 | |
Type : Comment |
| I am not sure how the hidden field idea would work? If the field is hidden then how can a user type in there password? I will retry the post method during lunch hour, many thanks :) ps sorry harry, flash is out of the question! I dont make the rules i just follow them. |
|||
| By: harwantgrewal | Date: 27/10/2004 00:42:00 | |
Type : Assist |
| <form action="login.php" method="post" name="login" id="login"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td>User Name</td> <td><input name="user" type="text" id="user"></td> </tr> <tr> <td>Password</td> <td><input name="pass" type="password" id="pass"></td> </tr> <tr> <td><input type="submit" name="Submit" value="Submit"></td> <td> </td> </tr> </table> </form> This should work Harry |
|||
| By: Big_Red_Dog | Date: 27/10/2004 23:50:00 | |
Type : Assist |
| That's half the answer. In login.php, you access the values using $_POST['pass'] and $_POST['user']. |
|||
|
Do register to be able to answer |
|||
©2010 These pages are served without commercial sponsorship. (No popup ads, etc...). Bandwidth abuse increases hosting cost forcing sponsorship or shutdown. This server aggressively defends against automated copying for any reason including offline viewing, duplication, etc... Please respect this requirement and DO NOT RIP THIS SITE.
Please DO link to this page!
Contact
- Privacy
- Contact us
- Member Agreement
- Jobs for our Experts
- our friend ActuLab
- Carcasherdotcom Seocontest
- Add Your Link
- Bee Web Directory
- Discover Directory
- FFind Directory
- Link Velocity Directory
- The Little Web Directory
- Red Links
- Tranix
- 2space Global Directory
Fully downloaded more than 1313 Million times
Copyright © 2003 - 2012 The IT European Experts Organization
last update on : 23/07/2008 09:41:27 GMT 0 (CEST)
