?
Solved

PHP & Forms

Posted on 2003-02-26
15
Medium Priority
?
208 Views
Last Modified: 2008-03-06
I have a login form on a page.  The user enters their username an password.  When they click the submit button they are sent to the next page.  

The values the user enters into boxes are added as they should be, to the query string.  My only concern is that the query string looks as follows:

"?username=admin&password=admin"

as you can see it clearly shows the password which is far from ideal.  is there a work around?

many thanks in advance



0
Comment
Question by:tilman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
  • 2
  • +2
15 Comments
 
LVL 5

Expert Comment

by:harwantgrewal
ID: 8023871
just do one thing instead of using get method in form use post like
<form name='login' method="post" action="url.php">
.....
</form>

harry
0
 
LVL 15

Expert Comment

by:VGR
ID: 8023954
yes
or encrypt the PWD
or use a session variable
0
 

Author Comment

by:tilman
ID: 8024441
???

i used the post method but it was still appended onto the query string.  How can I put the value of the variable "password" into a session variable? without passing it to another or the same page?  either way the password would still be added to the query string.

any comments on my waffle?
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 5

Expert Comment

by:harwantgrewal
ID: 8024475
you cannot do it without passing to other or same page here is one more thing I dont know how but its possible that you can just call a php within the flash and the php will return you the status and can assign session variable look at this
http://www.neonyc.com open guest it send emails but you never know which url and which values :)

Harry
0
 

Author Comment

by:tilman
ID: 8024524
???

i used the post method but it was still appended onto the query string.  How can I put the value of the variable "password" into a session variable? without passing it to another or the same page?  either way the password would still be added to the query string.

any comments on my waffle?
0
 

Author Comment

by:tilman
ID: 8024547
Sorry harry, i couldnt understand your sentence?  this must be an extremely common occurence? many thanks alan
0
 
LVL 15

Accepted Solution

by:
VGR earned 80 total points
ID: 8024657
if your FORM has action="..." METHOD=POST [enctype=...form-encoded] then the request URL should not contain the fields, and no more the QUERY_STRING nor the PATH_INFO

Only in $_POST[] should you see the stuff.

An other idea : use HIDDEN fields, just to check what I'm saying
0
 

Expert Comment

by:savatage
ID: 8031022
yes, yes, use post method...
0
 
LVL 5

Expert Comment

by:harwantgrewal
ID: 8031505
I want to tell you that there is a way that you can call a url within your flash file without opening a page and that php file can register the session and can return you a value from which you can display message in flash it self. Like the url I have give you in this when you click on guest you fill all the details and when you press submit button it calls a php which send email and return the relavent message to falsh that email has been sent or not. I think now I made myself more clear still if you have any problem feel free to ask

Harry
0
 

Author Comment

by:tilman
ID: 8031657
I am not sure how the hidden field idea would work? If the field is hidden then how can a user type in there password?

I will retry the post method during lunch hour, many thanks :)

ps

sorry harry, flash is out of the question!  I dont make the rules i just follow them.
0
 
LVL 5

Assisted Solution

by:harwantgrewal
harwantgrewal earned 80 total points
ID: 8031694
<form action="login.php" method="post" name="login" id="login">
  <table width="100%" border="0" cellspacing="0" cellpadding="0">
    <tr>
      <td>User Name</td>
      <td><input name="user" type="text" id="user"></td>
    </tr>
    <tr>
      <td>Password</td>
      <td><input name="pass" type="password" id="pass"></td>
    </tr>
    <tr>
      <td><input type="submit" name="Submit" value="Submit"></td>
      <td>&nbsp;</td>
    </tr>
  </table>
</form>


This should work

Harry
0
 
LVL 7

Assisted Solution

by:Big_Red_Dog
Big_Red_Dog earned 80 total points
ID: 8033132
That's half the answer.  In login.php, you access the values using $_POST['pass'] and $_POST['user'].
0
 
LVL 7

Expert Comment

by:Big_Red_Dog
ID: 8547269
Did any of this help you?  If so, please award a grade to close this question.
0

Featured Post

WordPress Tutorial 2: Terminology

An important part of learning any new piece of software is understanding the terminology it uses. Thankfully WordPress uses fairly simple names for everything that make it easy to start using the software.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Author Note: Since this E-E article was originally written, years ago, formal testing has come into common use in the world of PHP.  PHPUnit (http://en.wikipedia.org/wiki/PHPUnit) and similar technologies have enjoyed wide adoption, making it possib…
Developers of all skill levels should learn to use current best practices when developing websites. However many developers, new and old, fall into the trap of using deprecated features because this is what so many tutorials and books tell them to u…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question