if you want to force the browser to not be able to have this behaviour you need the name tag to always change a quick example would be that <?php // keep the name in session $_SESSION['formRandomName']=time(); ?> <input type="password" name="<?php echo $_SESSION['formRandomName'];?>[password]" /> 2011/8/4 Bálint Horváth <hbalint@xxxxxxxxx> > Hi, > Use value="$_POST['user']" or sg like that because: > before send value eq null, after if returned -cause of a fail- the inputs > remain > > also set *autocomplete="off"* (at form) and if it doesn't work use js > to set null values to input boxes (add a name for ur form...) > > Another way, use Google: "javascript turn off autofill" > > be careful: > http://www.php.net/manual/en/security.database.sql-injection.php > http://php.net/manual/en/security.php > > *Valentine* > > On Thu, Aug 4, 2011 at 8:54 AM, James Yerge <james@xxxxxxxxxxxxxxx> wrote: > > > On 08/05/2011 12:43 AM, wil prim wrote: > > > Hello, Soooo i created a simple login system, and I am using sessions > > Everything > > > seems to work fine, however; when I upload my files to my server and > type > > my > > > domain name my index.php page comes up and the form is automatically > > filled out > > > with a username and password. How do i make it empty when I initially > > enter the > > > site, and yes I did create a logout.php file that destroys a session. > > Please > > > help, it is hard to explain this when I cant show it in person. Thanks > in > > advance! > > > > > > Here is the login.php code, i didn't md5() the password yet: > > > > > > > > > <?php > > > > > > if ($_SESSION['user']) > > > { > > > header("Location: error.php"); > > > exit(); > > > } > > > include('connect.php'); > > > if ($_POST['login']){ > > > > > > > > > $user=$_POST['user']; > > > $pass=$_POST['pass']; > > > $sql="SELECT * FROM members WHERE username='$_POST[user]' and > > > password='$_POST[pass]'"; > > > $result=mysql_query($sql, $con); > > > $count=mysql_num_rows($result); > > > if ($count==1){ > > > $_SESSION['user'] = $user; > > > header('location: home.php'); > > > } > > > else > > > echo "<p style='color:red'>Wrong Username or Password</p>"; > > > } > > > > > > ?> > > > <html> > > > <head> > > > <title></title> > > > <link href="style.css" rel="stylesheet" type="text/css" /> > > > </head> > > > <body> > > > > > > <div id="main"> > > > <div id="menu"> > > > <ul> > > > <li> > > > <a href="#">Home</a> > > > </li> > > > <li> > > > <a href="#">Topix</a> > > > </li> > > > <li> > > > <a href="#">Mission</a> > > > </li> > > > </ul> > > > </div> > > > <div id='content'> > > > <form method='post' action='index.php'> > > > Username: <br/> > > > <input type='text' name='user' maxlength='30'/><br/> > > > Password: <br/> > > > <input type="password" name='pass' maxlength='30'/><br/> > > > <input type="submit" value="Log In!" name="login"/> > > > </form> > > > <a href="register.html"> Register? </a> > > > > > > </div> > > > </body> > > > </html> > > > > Your browser is more than likely filling in the username and password > > fields for you, automatically. Most modern browsers offer this > > functionality by default. What you're looking for isn't relative to PHP. > > > > Have you tried visiting your page from multiple browsers, to see if you > > get the same results? > > > > You could set the value of the username and password fields in the form > > to NULL. > > > > e.g.; > > <input type='text' name='user' value='' maxlength='30'/> > > <input type="password" name='pass' value='' maxlength='30'/> > > > > I doubt your visitors are going to encounter the same issue you are, > > unless they allow their browser or some other 3rd party software to > > automatically fill in the form values for them. > > > > Another method would consist of using JavaScript, once the DOM is ready > > (all elements rendered), have JavaScript reset the form values. > > > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > >
