Jump to content

User Authentication form


Suchy

Recommended Posts

I have a simple password form:

              <?php  $password = "test";
	                if( ! $_GET['Submitp'] == "Enter" && !  $_GET['pass'] == $password )
	                { ?>
                  Please Log in.
                  <form action="<?php $_SERVER['PHP_SELF']?>">
                    Password :<br />
                    <input type="password" id="pass" name="pass" size="35" />
                    <input type="submit" name="Submitp" value="Enter" />
                  </form>
                  <?php } else  if ( !  $_GET['pass'] == $password) { ?>
                  Error ! - Wrong Password <br>
                  <a href="admin.php">Try again.</a> <br>
                  <?php } else { ?>
                    ..........
                  <?php } ?>

 

The problem with this is that after I enter the corect password, you can see it in the url address bar. looks something like:

.../admin.php?pass=test&Submitp=Enter

 

How can I modify this code, so that that password does not show up?

Link to comment
https://forums.phpfreaks.com/topic/52909-user-authentication-form/
Share on other sites

Add method="post" to your <form> tag.  Then, you'll have to change all instances of $_GET to $_POST in your PHP script.

 

Basically, there are two ways of transferring data to a server.  There's the GET method, and the POST method.  The GET method should really be used for exactly what you'd suspect...GETting data.  Using GET to send information to the server (provided it's not something like deleting a record from a DB) is stupid.  If you're going to send data to the server that the server should interpret and do things with, it should be posted.  This will prevent the data from being shown in the URL, as the data is not part of the URL.  It is part of the request body that is sent to the server.

Actualy another problem poped up.

 

Since I changed the GET to POST, after I enter the password few dropdownmenues show up. But when I select something and hit submit, page jumps to the original state where I have to enter the password again.

 

How can I fix this problem ?

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.