lastpass auto fill login form

We have a login form but lastpass does not detect it as a login form. The form is using an onclick event to call a php script via jQuery.

<form name="myform">
<table class="table" width=500 align="center">
        <tr>
                <td><b>Username:</b><br><input type="text" name="uuname" placeholder="User Name" size=20></td>
        </tr>
        <tr>                <td><b>Password:</b><br><input type="password" id="password" name="uupass" placeholder="Password" size=20 onkeypress="if(event.keyCode==13) { loginfrm(this.form); return false;}"></td>
        </tr>
        <tr>
                <td><center>
                <input type="button" value="Forgot Password" class="btn btn-warning" onclick="document.location.href='index.php?section=forgot_pw'">&nbsp;&nbsp;
                <input type="button" name="login" value="Login" class="btn btn-primary" onclick="loginfrm(this.form)"></center></td>
        </tr>
</table>
</form>


<script>
function loginfrm(myform) {
        $.get('ajax/login.php',
        $(myform).serialize(),
        function(php_msg) {
        $("#main_element").html(php_msg);
        });
}
</script>

Open in new window


How would I modify the onclick to tell lastpass this is a site that should be saved for auto fill.
Robert SaylorSenior DeveloperAsked:
Who is Participating?
 
Chris StanyonConnect With a Mentor Commented:
LastPass advise that you don't use AJAX for your Login. It also advises that you don't use GET - you're using both.

Regardless of LastPass, you REALLY shouldn't be passing the users login details as part of the query string! That's a security problem just waiting to happen. At least use POST.

I think it would also help LastPass if you name your fields a little more in line with convention (username / password, rather than uuname / uupass)
1
 
Ray PaseurCommented:
Agree with Chris (I usually do).  Use POST because this changes the state of the server.  Use HTTPS because this contains sensitive information.
0
 
Robert SaylorSenior DeveloperAuthor Commented:
Thanks I am rewritting the login to use a form post instead of AJAX.
0
 
leakim971PluritechnicianCommented:
If you don't want to reload the page, you may use an iframe to post your form. Just set the target attribute of your form with the name of your iframe

<form target="my_iframe_name" method="post"

</form>
<iframe name="my_iframe_name"

You should be able to read content of the iframe using its load event as he share the same origin and protocol than with the page.
1
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.