Jump to content

Recommended Posts

Hi everybody!

 

I have a html script a simply actions form.

 

My request is: HOW to hide the input informations? like password and user? i want to convert in php file...

 

here is the code:

<form name=myorm>
    <form action="https://external_site.php?" method="GET">
    <input type="hidden" name="_charset_">
    <input type="hidden" name="username" value="globalusernameHERE">    
    <input type="hidden" name="password" value="mypassword_123">
.....

 

I want to hide the value="globalusernameHERE" and value="mypassword_123"

 

thanks all

Link to comment
https://forums.phpfreaks.com/topic/97037-help-with-form-actions/
Share on other sites

MD5 encrypt them?

 

Im not really sure what your after, and why your setting the value of a username and password field when the user will come along and enter their details anyway? Your system won't be very secure if you can just hit login and the details are already there.

Yes, I have to use a external site to proces. because is a external service, but can be accesed from my site. (a sms gateway form , for my users)

 

I want to hide the user and password also is someone see the html Code.

 

I tryed to make with some php $vars but that is showing again the user and passw

those all aren't Secure methods

 

POST and GET data is not encrypted by default, when its sent on a public computer it can be tracked via spyware and so forth. 

 

Using POST and proper measure such as encryption of passwords and not storing sensitive data like credit card numbers you are fine.

 

However the usefulness of GET and POST is not because POST "hides" the data and GET doesn't  POST Is for larger data volumes and stuff like file uploads.  GET allows a footprint of the query to be useful in bookmarking and other task.

What I assume you are trying to do is piggyback a service (you mention SMS) which requires a name/password to use. So you want to accept something (let's say a message) and then submit that message to an external site's form using your predetermined user/pass and the users submitted message. The script would look something like this:

 

<?php
  $url = 'https://external_site.php';
  $user = 'globalusernameHERE';
  $pass = 'mypassword_123';
  
  
  if($_SERVER['REQUEST_METHOD'] == 'POST'){
    $data = array(
      'message' => $_POST['message'],
      'username' => $user,
      'password' => $pass,
    );
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url); //set url
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);// allow redirects
    curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); // return into variable
    curl_setopt($ch, CURLOPT_POST, 1); // set POST method
    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data)); // add POST fields
    curl_exec($ch)  // run the whole process
      or die("Could not send message");
    
    header('Location: ?done=true');
    exit;
  }
  if($_GET['done'])
    print "Message sent";
?>
<form method="POST">
  <input type="text" name="message" />
</form>

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.