doubledee Posted April 26, 2011 Share Posted April 26, 2011 I have a Credit Card Payment Form. A few things... 1.) For non-financial fields, I'm using a "sticky form". <label for="firstName">First Name:</label> <input id="firstName" name="firstName" class="text" type="text" maxlength="20" value="<?php echo $firstName; ?>" /> After the user successfully submits the form, how can I erase these values out? Right now, if you hit the "Back" button, the form data is still there, which isn't very secure?! 2.) I read somewhere, that HTML secretly cache form values, and there is something you add to your HTML to prevent these - especially on the Credit Card # field. Any idea what I'm talking about? BTW, I'm not using Cookies, Sessions, or a DB to store any form data. Thanks, Debbie Quote Link to comment Share on other sites More sharing options...
micah1701 Posted April 26, 2011 Share Posted April 26, 2011 if you hit the back button, thats the browser re-displaying the cache. there's nothing you can do about that. if you're not using sessions, cookies or a database, you shouldn't need to worry about data being secretly stored on your server somewhere. if you're transmititng credit cards though, you should be usings SSL ( https:// mode ) to encrypt the info entered in the browser before it gets sent accross the net to your server. as for clearing out "sticky" values... it looks like you're using global variables. ordinarily a variable, like "$firstname" only contains its value in the script inwhich its being called. By posting your data through a form, the value of $firstname is carried along. Best practice is to have globals turned off. Instead of: <?php echo $firstName; ?> with globals off, $firstName will no longer have a value when the page loads... instead you have to use <?php echo $_POST['firstName']; ?> in your case, if you really want to "clear" out your global variable, just give it a new value. for example <?php $firstName = null; ?> Quote Link to comment Share on other sites More sharing options...
doubledee Posted April 26, 2011 Author Share Posted April 26, 2011 if you hit the back button, thats the browser re-displaying the cache. there's nothing you can do about that. There isn't a way to clear the browser cache after the form is submitted?? if you're transmititng credit cards though, you should be usings SSL ( https:// mode ) to encrypt the info entered in the browser before it gets sent accross the net to your server. Got one. as for clearing out "sticky" values... it looks like you're using global variables. ordinarily a variable, like "$firstname" only contains its value in the script inwhich its being called. By posting your data through a form, the value of $firstname is carried along. Best practice is to have globals turned off. All I am doing is: $firstName = $_POST['firstName']; No Globals are being used. Instead of: <?php echo $firstName; ?> with globals off, $firstName will no longer have a value when the page loads... instead you have to use <?php echo $_POST['firstName']; ?> in your case, if you really want to "clear" out your global variable, just give it a new value. for example <?php $firstName = null; ?> You lost me here. You are saying that using $firstName makes it global? Debbie Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.