SitePoint Sponsor

User Tag List

Results 1 to 6 of 6
  1. #1
    SitePoint Guru ujjwal's Avatar
    Join Date
    Oct 2004
    Location
    kolkata
    Posts
    821
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Solve my url(Showing value)problem

    Hi Everybody,
    I am little bit confuse with my url.Now I am staying 1 page which is html format.In there user,password(field) and submit button.after giving the value i call a.php file from the html form.then it checks and go another page like trader4.php.It works fine but in trader4.phppage the url shows that"http://localhost/trader/a.php?login=dha12&password=aaaa&submit=Go"
    so anyone can know the password .How can i show that *** instead of recent password value?
    Plz help me out.
    I send my a.php file:
    <?php
    include('conn.php');
    if( isset( $_REQUEST['submit'] ) )
    { $user = empty($_REQUEST['login']) ? '' : $_REQUEST['login'];
    $submit = empty($_REQUEST['submit']) ? '' : $_REQUEST['submit'];
    $pass = empty($_REQUEST['password']) ? '' : $_REQUEST['password'];

    session_start();
    $sid=session_id();
    $ins="insert into session values('$user','$sid',CURDATE())";
    mysql_query($ins) or
    die("session has a problem.");
    if($submit=="Go")
    {
    $query = "select * from totalinfo where user='$user' and pass='$pass'";
    $result=mysql_query($query)or die(__LINE__.mysql_error());
    $row_result=mysql_num_rows($result);
    if($row_result>0)
    { $query_data = mysql_fetch_array( $result );
    $a= $query_data["user"];
    $b= $query_data["alevel"];


    if ($b=="user")header("Location: /trader/trader4.php?user=$a&sid=$sid");
    elseif ($b=="admin") header("Location: /trader/admin.php?user=$a&sid=$sid");

    }
    else echo "There is no such record";
    }
    }
    ?>

  2. #2
    Simulation Cricketer
    Join Date
    Sep 2004
    Location
    australia
    Posts
    470
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    instead of putting it in the url, make it a hidden value in a form field

  3. #3
    SitePoint Guru ujjwal's Avatar
    Join Date
    Oct 2004
    Location
    kolkata
    Posts
    821
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by battye
    instead of putting it in the url, make it a hidden value in a form field
    this is my htm page and receive value from user and went into a.php
    <form action="a.php" method="">
    <table border="0" cellpadding="0" cellspacing="0" width="550">
    <tr>
    <td colspan="2" width="548">
    &nbsp;
    <p align="center" class="head">Existing Members Login</p>
    <p align="center">&nbsp;
    </td>
    </tr>
    <tr>
    <td width="260">
    <p align="center" class="news">Username</p>
    </td>
    <td width="286"><input type="text" name="login" size=14 style="background-color: #EAE4DB"></td>
    </tr>
    <tr>
    <td width="260">
    <p align="center" class="news">Password</p>
    </td>
    <td width="286"><input type="password" name="password" size=14 style="background-color: #EAE4DB"></td>
    </tr>
    <tr>
    <td colspan="2" width="548">
    <p align="center"><input type="submit" name="submit" value="Go" hspace="13" width="64" height="25"></td>
    </tr>

    <tr >

    <td width="546" height="15" colspan="2">
    <table width="544">
    <tr>
    <td width="169"><a href="http:/trader/fp.html" class="news">Forgot password</a></td>
    <td width="130">&nbsp;&nbsp;&nbsp;
    <td width="225"><a href="http:/trader/cp.html" class="news"><div align="right">ChangePassword</div></a></td>
    </tr></table>

    </td>
    </tr>

    <tr>
    <td width="546" height="15" colspan="2">
    </td>
    </tr>
    </table></form>
    </div>
    </td>
    </tr>
    </table>
    </center>
    </div>

    <p align="center"><a href="trader_1.htm" class="news">back</a></p>

    </body>

    </html>

  4. #4
    dooby dooby doo silver trophybronze trophy
    spikeZ's Avatar
    Join Date
    Aug 2004
    Location
    Manchester UK
    Posts
    13,807
    Mentioned
    158 Post(s)
    Tagged
    3 Thread(s)
    simply change your form action to POST and use $_POST to get the variables instead of $_REQUEST.
    Mike Swiffin - Community Team Advisor
    Only a woman can read between the lines of a one word answer.....

  5. #5
    SitePoint Guru ujjwal's Avatar
    Join Date
    Oct 2004
    Location
    kolkata
    Posts
    821
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by spikeZ
    simply change your form action to POST and use $_POST to get the variables instead of $_REQUEST.
    Thanks spikeZ.Now it works(after form method post).
    Thanks also battye for response.

  6. #6
    dooby dooby doo silver trophybronze trophy
    spikeZ's Avatar
    Join Date
    Aug 2004
    Location
    Manchester UK
    Posts
    13,807
    Mentioned
    158 Post(s)
    Tagged
    3 Thread(s)
    I meant method!
    Happy to help!

    SpikeZ
    Mike Swiffin - Community Team Advisor
    Only a woman can read between the lines of a one word answer.....


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •