Jump to content

How to encrypt form post data?


Recommended Posts

How can I encrypt POST data from a form? Basically, I want to ensure that the data on the form is not in plain text ever. Is this possible?

<form method="post">
<input type="text" name="email" size="40">
<input type="password" name="password"/>


Basically, when this posts, I want to do a foreach on $_POST and see something like:

password = 1f3870be274f6c49b3e31a0c6728957f

  and not

password = stringTheUserTyped


I hope what I'm asking for is clear.

(PHP 5.2.14)



Link to comment
Share on other sites

Well if your using it for a password sha1 of md5 could work, but its a one way trip : ) you can't decode it.



$plain_input = $_POST['input'];
$super_secret_output_lols = sha1($plain_input);
echo $plain_input.'<br />';
echo $super_secret_output_lols.'<br />';


-edit: afterwards you can ofc compare the sha1(userinput) and the sha1(string) which is stored in a database to do a authentication check. but decoding you can't

Link to comment
Share on other sites

Perhaps this is not clear.


Let's say that the code I wrote in my initial query is for a form on page 1. This will do a POST to page 2.


In page 2's code, I don't want to receive the POST message in plain text. If the "password" input field has a value of "mypassword" that the user typed in, I want to see the encrypted version of that string, not the actual string. I don't want the string to be visible to anyone at any point. How can I do that?

Link to comment
Share on other sites

Well, it IS a password field, after all. How do other sites do this? Surely when I sign into amazon, my password is encrypted, right? You wouldn't want network sniffers to grab passwords. If I went the JavaScript route, is that safe? How would that look?

Link to comment
Share on other sites

I have never done it, but i know there is something like OpenSSL. Free certificates to get that extra S behind http : )

But I never did this because my host wants too much money for it. But on xampp (local server) it's pretty easy, if i recall you dont have to fully rewrite any of your scripts. just place https before the domain

-edit: i just tested on xampp and if you just do https://localhost/index.php  it works without changing anything. might want to check it out

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.