williamt74 Posted January 9, 2013 Share Posted January 9, 2013 I am trying to write a secure login for my site using php and javascript to not send a password in plain text. I am trying to hide and hash the password prior to processing it and giving the user access to the system. The problem I am havng is only with IE. When i type in the username and password it acts like it will process the page but it just creates a text box on the screen and if i continue to try and "submit" the form it just adds a new text box. All other browsers i have tried (Firefox, Chrome, Opera and safari) work, IE just won't process the login correctly what I have for the php is <script type="text/javascript" src="mine.js"></script> <script type="text/javascript" src="forms.js"></script> <?php if(isset($_GET['error'])) { echo 'Incorrect Username/Password'; } ?> <form action="login.php" method="post" name="login_form"> Username: <input type="text" name="username" /><br /> Password: <input type="password" name="password" id="password"/><br /> <input type="button" value="Login" onclick="formhash(this.form, this.form.password);" /> </form> The javascript is function formhash(form, password) { var p = document.createElement("input"); form.appendChild(p); p.name = "p"; p.type = "hidden" p.value = hex_mine(password.value); password.value = ""; form.submit(); } Any suggestions on what I can look at to try and get this to work with IE. thanks Quote Link to comment Share on other sites More sharing options...
haku Posted January 10, 2013 Share Posted January 10, 2013 If you enable the IE Javascript console it will likely give more information as to why this isn't working. Quote Link to comment Share on other sites More sharing options...
williamt74 Posted January 10, 2013 Author Share Posted January 10, 2013 thanks.. tried that is i found the error.. now to figure out how to fix it. Quote Link to comment Share on other sites More sharing options...
nogray Posted January 11, 2013 Share Posted January 11, 2013 Most likely the error happens because your input field is named "password" and you are using a variable called "password" in your function. IE tends to use elements name as objects in Javascript. Try to rename the variable in your functions to something else like "pass". A tip about security, hashing the input using Javascript doesn't really make any difference since all the Javascript code is executed on the browser and can be reversed very easily. If you are really concerned about users security, just use an SSL certificate. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.