enasni_mark
asked on
Only send certain fields
Is there anyway I can choose which fields i want sent in a posted form?
I currently have the fields user and pass and enc in a login form.
Enc is an encryption of pass.
I only want to send user and enc.
I have thought about just encrypting pass into the pass field when the user attempts to login, but i don't want to do it this way.
Is there any other option i can try?
I currently have the fields user and pass and enc in a login form.
Enc is an encryption of pass.
I only want to send user and enc.
I have thought about just encrypting pass into the pass field when the user attempts to login, but i don't want to do it this way.
Is there any other option i can try?
You could always add a onSubmit event that will remove the pass field from your form before sending it.
onSubmit="mForm.pass.value
onSubmit="mForm.pass.value
how are you encrypting your code?
he's not encrypting his code, just the password that the user enters. :)
<script language=javascript>
function submitform(){
document.myform2.user.valu
document.myform2.enc.value
myform2.submit()
}
</script>
<form name=myform1>
<input type=text name=user>
<input type=text name=pass>
<input type=text name=enc>
<input type=button onclick=submitform()>
</form>
<form name=myform2 action=page2.asp>
<input type=hidden name=user>
<input type=hidden name=enc>
<input type=button onclick=submitform()>
</form>
function submitform(){
document.myform2.user.valu
document.myform2.enc.value
myform2.submit()
}
</script>
<form name=myform1>
<input type=text name=user>
<input type=text name=pass>
<input type=text name=enc>
<input type=button onclick=submitform()>
</form>
<form name=myform2 action=page2.asp>
<input type=hidden name=user>
<input type=hidden name=enc>
<input type=button onclick=submitform()>
</form>
Depending on JS to do encryption is not a very good idea IMO.
If you need that much security, consider using SSL.
Otherwise, many serverside programming languages and databases provide ways to encrypt/decrypt passwords.
E.g. in PHP/MySQL:
$user = $_POST["username"];
$pass = $_POST["password"];
$q = "SELECT userid FROM users WHERE username='$user' AND password=MD5('$pass')";
if(mysql_num_rows( mysql_query($q) ) == 1)
$login_status = TRUE;
If you need that much security, consider using SSL.
Otherwise, many serverside programming languages and databases provide ways to encrypt/decrypt passwords.
E.g. in PHP/MySQL:
$user = $_POST["username"];
$pass = $_POST["password"];
$q = "SELECT userid FROM users WHERE username='$user' AND password=MD5('$pass')";
if(mysql_num_rows( mysql_query($q) ) == 1)
$login_status = TRUE;
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Thanks, :-)
<html>
<head>
<title></title>
<script type="text/javascript">
function encryptit(){
/*encryption
code
goes
here
*/
testform2.enc2.value = //encrypted password
testform2.user2.value = testform.user.value;
testform2.submit();
}
</script>
</head>
<body>
<form name="testform" onSubmit="encryptit();">
Username: <input type="text" name="user"><br>
Password: <input type="password"><br>
<div align="center"><input type="submit">
</form>
<form name="testform2" action="somepage" method="post">
<input type="hidden" name="enc2">
<input type="hidden" name="user2">
</form>