Solved

lastpass auto fill login form

Posted on 2016-11-09
5
80 Views
Last Modified: 2016-11-14
We have a login form but lastpass does not detect it as a login form. The form is using an onclick event to call a php script via jQuery.

<form name="myform">
<table class="table" width=500 align="center">
        <tr>
                <td><b>Username:</b><br><input type="text" name="uuname" placeholder="User Name" size=20></td>
        </tr>
        <tr>                <td><b>Password:</b><br><input type="password" id="password" name="uupass" placeholder="Password" size=20 onkeypress="if(event.keyCode==13) { loginfrm(this.form); return false;}"></td>
        </tr>
        <tr>
                <td><center>
                <input type="button" value="Forgot Password" class="btn btn-warning" onclick="document.location.href='index.php?section=forgot_pw'">&nbsp;&nbsp;
                <input type="button" name="login" value="Login" class="btn btn-primary" onclick="loginfrm(this.form)"></center></td>
        </tr>
</table>
</form>


<script>
function loginfrm(myform) {
        $.get('ajax/login.php',
        $(myform).serialize(),
        function(php_msg) {
        $("#main_element").html(php_msg);
        });
}
</script>

Open in new window


How would I modify the onclick to tell lastpass this is a site that should be saved for auto fill.
0
Comment
Question by:Robert Saylor
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 43

Accepted Solution

by:
Chris Stanyon earned 500 total points
ID: 41881079
LastPass advise that you don't use AJAX for your Login. It also advises that you don't use GET - you're using both.

Regardless of LastPass, you REALLY shouldn't be passing the users login details as part of the query string! That's a security problem just waiting to happen. At least use POST.

I think it would also help LastPass if you name your fields a little more in line with convention (username / password, rather than uuname / uupass)
1
 
LVL 110

Expert Comment

by:Ray Paseur
ID: 41881158
Agree with Chris (I usually do).  Use POST because this changes the state of the server.  Use HTTPS because this contains sensitive information.
0
 

Author Comment

by:Robert Saylor
ID: 41881161
Thanks I am rewritting the login to use a form post instead of AJAX.
0
 
LVL 110

Expert Comment

by:Ray Paseur
ID: 41881191
0
 
LVL 82

Expert Comment

by:leakim971
ID: 41881194
If you don't want to reload the page, you may use an iframe to post your form. Just set the target attribute of your form with the name of your iframe

<form target="my_iframe_name" method="post"

</form>
<iframe name="my_iframe_name"

You should be able to read content of the iframe using its load event as he share the same origin and protocol than with the page.
1

Featured Post

Enroll in May's Course of the Month

May’s Course of the Month is now available! Experts Exchange’s Premium Members and Team Accounts have access to a complimentary course each month as part of their membership—an extra way to increase training and boost professional development.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to write a Context Sensitive Help (an online help that is obtained from a specific point in state of software to provide help with that state) ,  first we need to make the file that contains all topics, which are given exclusive IDs. …
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
In this tutorial viewers will learn how to style a corner ribbon overlay for an image using CSS Create a new class by typing ".Ribbon":  Define the class' "display:" as "inline-block": Define its "position:" as "relative": Define its "overflow:" as …
The viewer will the learn the benefit of plain text editors and code an HTML5 based template for use in further tutorials.

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question