CrossX Posted March 20, 2008 Share Posted March 20, 2008 Hi everybody! I have a html script a simply actions form. My request is: HOW to hide the input informations? like password and user? i want to convert in php file... here is the code: <form name=myorm> <form action="https://external_site.php?" method="GET"> <input type="hidden" name="_charset_"> <input type="hidden" name="username" value="globalusernameHERE"> <input type="hidden" name="password" value="mypassword_123"> ..... I want to hide the value="globalusernameHERE" and value="mypassword_123" thanks all Quote Link to comment https://forums.phpfreaks.com/topic/97037-help-with-form-actions/ Share on other sites More sharing options...
Schlo_50 Posted March 20, 2008 Share Posted March 20, 2008 MD5 encrypt them? Im not really sure what your after, and why your setting the value of a username and password field when the user will come along and enter their details anyway? Your system won't be very secure if you can just hit login and the details are already there. Quote Link to comment https://forums.phpfreaks.com/topic/97037-help-with-form-actions/#findComment-496579 Share on other sites More sharing options...
sasa Posted March 20, 2008 Share Posted March 20, 2008 change method from GET to POST Quote Link to comment https://forums.phpfreaks.com/topic/97037-help-with-form-actions/#findComment-496581 Share on other sites More sharing options...
GameYin Posted March 20, 2008 Share Posted March 20, 2008 Also why do you have 2 form tags? Just do this.. <form name="myorm" action="https://external_site.php?" method="POST"> Also why are you using an external site to process your PHP? Quote Link to comment https://forums.phpfreaks.com/topic/97037-help-with-form-actions/#findComment-496634 Share on other sites More sharing options...
CrossX Posted March 20, 2008 Author Share Posted March 20, 2008 Yes, I have to use a external site to proces. because is a external service, but can be accesed from my site. (a sms gateway form , for my users) I want to hide the user and password also is someone see the html Code. I tryed to make with some php $vars but that is showing again the user and passw Quote Link to comment https://forums.phpfreaks.com/topic/97037-help-with-form-actions/#findComment-496878 Share on other sites More sharing options...
CrossX Posted March 20, 2008 Author Share Posted March 20, 2008 can i use some encryption method? Quote Link to comment https://forums.phpfreaks.com/topic/97037-help-with-form-actions/#findComment-497008 Share on other sites More sharing options...
rhodesa Posted March 20, 2008 Share Posted March 20, 2008 What you should do is have the form submit without the hidden variables to a PHP script on your site. Then, add in the hidden stuff and use cURL to send that data to the external site. Quote Link to comment https://forums.phpfreaks.com/topic/97037-help-with-form-actions/#findComment-497012 Share on other sites More sharing options...
CrossX Posted March 21, 2008 Author Share Posted March 21, 2008 What you should do is have the form submit without the hidden variables to a PHP script on your site. Then, add in the hidden stuff and use cURL to send that data to the external site. as you see I'm a very very n00bie, can you make an example with this cURL? Quote Link to comment https://forums.phpfreaks.com/topic/97037-help-with-form-actions/#findComment-497255 Share on other sites More sharing options...
CrossX Posted March 21, 2008 Author Share Posted March 21, 2008 like this mod? <?php // a simple GET request: include('my_file_with_passw.php'); $http = new cURL(); $result = $http->get('htt://external_url.php'); ?> or not? Quote Link to comment https://forums.phpfreaks.com/topic/97037-help-with-form-actions/#findComment-497263 Share on other sites More sharing options...
cooldude832 Posted March 21, 2008 Share Posted March 21, 2008 those all aren't Secure methods POST and GET data is not encrypted by default, when its sent on a public computer it can be tracked via spyware and so forth. Using POST and proper measure such as encryption of passwords and not storing sensitive data like credit card numbers you are fine. However the usefulness of GET and POST is not because POST "hides" the data and GET doesn't POST Is for larger data volumes and stuff like file uploads. GET allows a footprint of the query to be useful in bookmarking and other task. Quote Link to comment https://forums.phpfreaks.com/topic/97037-help-with-form-actions/#findComment-497269 Share on other sites More sharing options...
rhodesa Posted March 21, 2008 Share Posted March 21, 2008 What I assume you are trying to do is piggyback a service (you mention SMS) which requires a name/password to use. So you want to accept something (let's say a message) and then submit that message to an external site's form using your predetermined user/pass and the users submitted message. The script would look something like this: <?php $url = 'https://external_site.php'; $user = 'globalusernameHERE'; $pass = 'mypassword_123'; if($_SERVER['REQUEST_METHOD'] == 'POST'){ $data = array( 'message' => $_POST['message'], 'username' => $user, 'password' => $pass, ); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); //set url curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);// allow redirects curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); // return into variable curl_setopt($ch, CURLOPT_POST, 1); // set POST method curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data)); // add POST fields curl_exec($ch) // run the whole process or die("Could not send message"); header('Location: ?done=true'); exit; } if($_GET['done']) print "Message sent"; ?> <form method="POST"> <input type="text" name="message" /> </form> Quote Link to comment https://forums.phpfreaks.com/topic/97037-help-with-form-actions/#findComment-497457 Share on other sites More sharing options...
CrossX Posted March 22, 2008 Author Share Posted March 22, 2008 yes, thank you rhodesa Quote Link to comment https://forums.phpfreaks.com/topic/97037-help-with-form-actions/#findComment-497975 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.