Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

JavaScript send data to hidden fields on remote server

Posted on 2014-11-04
3
184 Views
Last Modified: 2014-12-10
Hi,

We have an FTP site with PHP that requires a username and password.  This site is for a school to upload videos to.  They are do not want have the students log in and would like the username and password passed for them through the CMS

The CMS allows for JavaScript to be implemented on their custom pages

For security purposes, I do not want to disable the username an password option.  I tried XSS but that is not working.  I tried:

https;//myftsite.com/index.php?username=test

 I need to find a way for those values to be passed through their CMS using JavaScript or HTML (their CMS will only support these).  Currently they are just using iframes and the url to connect to the site

Thank you for your help in advance
0
Comment
Question by:thomasm1948
  • 2
3 Comments
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 500 total points
ID: 40422237
If you put the username and password in hidden fields on an HTML page, I can pretty well guarantee you that the students will have them in a week.  Many people 'View Source' on web pages and data in 'hidden fields' are there in plain text.

Look into using a PHP page to do the uploading although the size of the videos may make that impossible.
0
 

Author Comment

by:thomasm1948
ID: 40422342
These are small videos less that 2GB.  I was hoping that JavaScript could pass the values.  We are not worried about the student knowing the passwords being that this just going to be for a competition that they are having.  The instructor just doesn't want them to be hindered by a username and password.

So far the user security for is that once it is uploaded, even if they chose to use FileZilla, they will not be able to view any of the files on the server.  They student login can only upload files and the Instructor username has full permissions
0
 

Author Comment

by:thomasm1948
ID: 40422347
We are using PHP for the upload page.  Currently it requires a username and password.

The FTP site is at a remote location and has a PHP login page for uploading the files.

The CMS that the school is using makes it hard.  I tried C# inline coding and that does work on their system
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

JavaScript can be used in a browser to change parts of a webpage dynamically. It begins with the following pattern: If condition W is true, do thing X to target Y after event Z. Below are some tips and tricks to help you get started with JavaScript …
International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
In this fourth video of the Xpdf series, we discuss and demonstrate the PDFinfo utility, which retrieves the contents of a PDF's Info Dictionary, as well as some other information, including the page count. We show how to isolate the page count in a…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question