crmamx Posted February 9, 2011 Share Posted February 9, 2011 How do I retain a password as a user navigates from page to page without having to ask him for it again. I do not need it to protect the page, I need it to execute whatever selection he makes. enter_psw.html // this is a form verify_psw.php // I have the password here menu1.html // I don't have the password here and need it display_records add_record.php change_record.php delete_record_php Quote Link to comment https://forums.phpfreaks.com/topic/227160-how-do-i-retain-a-password-in-programs/ Share on other sites More sharing options...
zenlord Posted February 9, 2011 Share Posted February 9, 2011 You *never* retain a password - that is a huge security flaw. You can check if a user has provided you with a valid combination of username and password and then set a variable (f.e. $loggedIn) to 1. That variable can be set in a session or cookie, so you can check on every page if $_SESSION['loggedIN'] or $_COOKIE['loggedIn'] is set to 1. Of course, to be secure, you need to read up a lot on this stuff... Quote Link to comment https://forums.phpfreaks.com/topic/227160-how-do-i-retain-a-password-in-programs/#findComment-1171777 Share on other sites More sharing options...
PFMaBiSmAd Posted February 9, 2011 Share Posted February 9, 2011 or cookie You would never use a cookie with a simple value in it to indicate someone is logged in because anyone could set that cookie themselves and become logged into a site. You can use a cookie to identify someone (using a unique and hard to guess value), but you must only use a value stored on the server to indicate if they are logged in. Quote Link to comment https://forums.phpfreaks.com/topic/227160-how-do-i-retain-a-password-in-programs/#findComment-1171778 Share on other sites More sharing options...
crmamx Posted February 9, 2011 Author Share Posted February 9, 2011 You *never* retain a password - that is a huge security flaw. I don't understand this. I am capturing the user input (maybe password is the wrong nomenclature) from the form in the php program using Post. Then I link to my file: (and select only one record). ID Number........ect. 1 804333 2 398434 3 804333 4 354778 If the search=0, then either the password is invalid or that user does not have any records in the file. It prints an error message. If the search=1, it will print a link to the menu program. In either case, neither the form or the php program returns the "password" to the browser. So what is it I don't know? Secondly: If the search=1, then the user will link to the next program (html) which will present 4 options. display add change delete When he selects the option it will link to a php program. And here is where I need the number he entered in the form when he started. Quote Link to comment https://forums.phpfreaks.com/topic/227160-how-do-i-retain-a-password-in-programs/#findComment-1171821 Share on other sites More sharing options...
BlueSkyIS Posted February 9, 2011 Share Posted February 9, 2011 retain info from page to page: sessions. Quote Link to comment https://forums.phpfreaks.com/topic/227160-how-do-i-retain-a-password-in-programs/#findComment-1171868 Share on other sites More sharing options...
crmamx Posted February 9, 2011 Author Share Posted February 9, 2011 Many thanks. Short and right on the money. I had searched the tutorials and could not find the answer. Quote Link to comment https://forums.phpfreaks.com/topic/227160-how-do-i-retain-a-password-in-programs/#findComment-1171873 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.