Hiding username and pass in the source code?

Hey All,

I put a login form on a website, but when you view the source code, you can see both. Is there any way to hise these from the code?

Here is the code for the form.

<input type="text" name="text2" class="txtBox" value="-Enter your name-" />
<input type="password" name="text1" class="txtBox" value="-Your Password-" />
  <input type="button" value="Login" name="Submit"  onclick=javascript:validate(text2.value,"member750",text1.value,"3access16") >
<br class="spacer" /><br />
	<br />

	<br class="spacer" />

<label class="yellow"><a href="join.html" class="register">I Want to Join!</a></label>
<br class="spacer" />
<script language = "javascript">

function validate(text1,text2,text3,text4)
 if (text1==text2 && text3==text4)
function load(url)

Store them in a database or external file that’s protected in any method of your choosing. Read them into variables and pass them that way.

On this line in bold.

<input type=“button” value=“Login” name=“Submit” onclick=javascript:validate(text2.value,“member750”,text1.value,“3access16”) >

You just have edited your reply right after I responded

Sorry about that, I scrolled over :). It’s been a long morning!

Never, ever, ever use just client-side code to validate a login scheme. Even if you had some means of hiding the the user/pass details from the source code, simply disabling Javascript allows someone to circumvent the check. :wink:

Do login checking on the server-side, in your PHP code. In the very simplest of ways …

// Use method="POST" in the HTML <form> tag, then
$user = $_POST['text2'];
$pass = $_POST['text1'];

if ($user == 'member750' && $pass = '3access16') {
  // login is OK
} else {
  // login is bad

Ok, what would I name that page and how would I rewrite the form?

I very much appreciate it.

	  if($_POST['username'] == 'member750' && $_POST['password'] == '3access16'){
		  echo 'Login success';
		else {
		  echo 'Login failure';
	else {
	  echo '<form action="" method="post">';
		  echo 'Username: <input type="text" name="username" /><br />';
			echo 'Password: <input type="password" name="password" /><br />';
			echo '<input type="submit" value="Login" />';
		echo '</form>';

Hey all, I got it… I appreciate everyones help with this.

Nevermind, There was some weird file on the site causing issues.

OK, found another issue… Once logged in, how do I redirect it to the members section?