Re: Form Already Filled Out

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



if you want to force the browser to not be able to have this behaviour you
need the name tag to always change
a quick example would be that
<?php // keep the name in session
$_SESSION['formRandomName']=time();
?>
<input type="password" name="<?php
echo $_SESSION['formRandomName'];?>[password]" />


2011/8/4 Bálint Horváth <hbalint@xxxxxxxxx>

> Hi,
> Use value="$_POST['user']" or sg like that because:
> before send value eq null, after if returned -cause of a fail- the inputs
> remain
>
> also set *autocomplete="off"* (at form) and if it doesn't work use js
> to set null values to input boxes (add a name for ur form...)
>
> Another way, use Google: "javascript turn off autofill"
>
> be careful:
> http://www.php.net/manual/en/security.database.sql-injection.php
> http://php.net/manual/en/security.php
>
> *Valentine*
>
> On Thu, Aug 4, 2011 at 8:54 AM, James Yerge <james@xxxxxxxxxxxxxxx> wrote:
>
> > On 08/05/2011 12:43 AM, wil prim wrote:
> > > Hello, Soooo i created a simple login system, and I am using sessions
> > Everything
> > > seems to work fine, however; when I upload my files to my server and
> type
> > my
> > > domain name my index.php page comes up and the form is automatically
> > filled out
> > > with a username and password. How do i make it empty when I initially
> > enter the
> > > site, and yes I did create a logout.php file that destroys a session.
> > Please
> > > help, it is hard to explain this when I cant show it in person. Thanks
> in
> > advance!
> > >
> > > Here is the login.php code, i didn't md5() the password yet:
> > >
> > >
> > > <?php
> > >
> > > if ($_SESSION['user'])
> > > {
> > > header("Location: error.php");
> > > exit();
> > > }
> > > include('connect.php');
> > > if ($_POST['login']){
> > >
> > >
> > > $user=$_POST['user'];
> > > $pass=$_POST['pass'];
> > > $sql="SELECT * FROM members WHERE username='$_POST[user]' and
> > > password='$_POST[pass]'";
> > > $result=mysql_query($sql, $con);
> > > $count=mysql_num_rows($result);
> > > if ($count==1){
> > > $_SESSION['user'] = $user;
> > > header('location: home.php');
> > > }
> > > else
> > > echo "<p style='color:red'>Wrong Username or Password</p>";
> > > }
> > >
> > > ?>
> > > <html>
> > > <head>
> > > <title></title>
> > > <link href="style.css" rel="stylesheet" type="text/css" />
> > > </head>
> > > <body>
> > >
> > > <div id="main">
> > > <div id="menu">
> > > <ul>
> > > <li>
> > > <a href="#">Home</a>
> > > </li>
> > > <li>
> > > <a href="#">Topix</a>
> > > </li>
> > > <li>
> > > <a href="#">Mission</a>
> > > </li>
> > > </ul>
> > > </div>
> > > <div id='content'>
> > > <form method='post' action='index.php'>
> > > Username: <br/>
> > > <input type='text' name='user' maxlength='30'/><br/>
> > > Password: <br/>
> > > <input type="password" name='pass' maxlength='30'/><br/>
> > > <input type="submit" value="Log In!" name="login"/>
> > > </form>
> > > <a href="register.html"> Register? </a>
> > >
> > > </div>
> > > </body>
> > > </html>
> >
> > Your browser is more than likely filling in the username and password
> > fields for you, automatically. Most modern browsers offer this
> > functionality by default. What you're looking for isn't relative to PHP.
> >
> > Have you tried visiting your page from multiple browsers, to see if you
> > get the same results?
> >
> > You could set the value of the username and password fields in the form
> > to NULL.
> >
> > e.g.;
> > <input type='text' name='user' value='' maxlength='30'/>
> > <input type="password" name='pass' value='' maxlength='30'/>
> >
> > I doubt your visitors are going to encounter the same issue you are,
> > unless they allow their browser or some other 3rd party software to
> > automatically fill in the form values for them.
> >
> > Another method would consist of using JavaScript, once the DOM is ready
> > (all elements rendered), have JavaScript reset the form values.
> >
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> >
> >
>

[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux