Passing back a value to another form

@rel82meApr 28.2014

HI everyone,

Having a hard time with passing back a password variable to another form,

If you go to:

~~[url]~~http://aosystemsgroup.com/phplogin_v2.3/register.php[/url]

Then click on “Generate” to form pop’s up. I need to find a safe way of getting the password value back to the original form on a separate page.. Any help? Much appreciated.

to post a comment

PHP

9 Comments(s) _↴

@ginerjmApr 28.2014 — #In the first place - you should NEVER be passing a password around anywhere. Take it from its source, validate it and then use a token of some kind to pass around the fact that the user is ok. Set it as a hidden field or a Session var and then check it in your next script.

@rel82meauthorApr 28.2014 — #In the first place - you should NEVER be passing a password around anywhere. Take it from its source, validate it and then use a token of some kind to pass around the fact that the user is ok. Set it as a hidden field or a Session var and then check it in your next script.[/QUOTE]

Ginerjm:

I know, hence I mentioned "safe way" of passing it around. I might just get rid of the fancy pop-up generator and allow this to be part of the original form. But if you have any other suggestions I would like to hear about them.

Thanks

@ginerjmApr 28.2014 — #The problem was that you mentioned "pass it around".

That said - I have nothing further to add since I have made my statement and you didn't really ask a question beyond that.

But of course - you could just create a session 'token' variable and then check for it being set in the called form.

@rel82meauthorApr 28.2014 — #The problem was that you mentioned "pass it around".

That said - I have nothing further to add since I have made my statement and you didn't really ask a question beyond that.

But of course - you could just create a session 'token' variable and then check for it being set in the called form.[/QUOTE]

Alright, pretty easy decision then. I'll just make it part of the original form. Was hoping to have some eye candy added, but if its that problematic, then its okay.

@ginerjmApr 28.2014 — #It's not a problem if you simply substitute that true password value with something that represents that the user is authorized. Pass THAT around and I don't have a problem.

@rel82meauthorApr 28.2014 — #It's not a problem if you simply substitute that true password value with something that represents that the user is authorized. Pass THAT around and I don't have a problem.[/QUOTE]

Would be good to just pass it from the second, pop-up form to the original parent form. But if its too risky or too problematic and I'll just add it to my "future things to do".. Have enough to do as it is.

@ginerjmApr 28.2014 — #The point of this discussion is to make you realize that passing a password around is an absolute mistake. Why would you risk its discovery by increasing the likelihood of it being seen? Getting it from the user the one time he/she types it in and hits submit is the most it should ever be exposed. Your login script should utilize it to check your db for a proper login and then from that point on you should use some other mechanism to keep track of the user's access privileges. Whatever that turns out to be is up to you, but Do Not Use the actual password ever again.

@rel82meauthorApr 28.2014 — #The point of this discussion is to make you realize that passing a password around is an absolute mistake. Why would you risk its discovery by increasing the likelihood of it being seen? Getting it from the user the one time he/she types it in and hits submit is the most it should ever be exposed. Your login script should utilize it to check your db for a proper login and then from that point on you should use some other mechanism to keep track of the user's access privileges. Whatever that turns out to be is up to you, but Do Not Use the actual password ever again.[/QUOTE]

Found an alternative, _safe_ way of accomplishing the task..

@Sup3rkirbyApr 28.2014 — #For the record, if you want to add some 'eye candy' to your password generator, just use (inline) modal windows instead of actual popups. Frankly popups are a dying breed as more and more browsers block them by default and more users arm themselves with popup/ad blockers. Inline windows are a nice way to get a similar effect and frankly are much easier to work with from a scripting standpoint (as everything remains within the same window).

I'm not sure what alternative, safe way you found, but I did think I should mention this since it would have solved your original issue and still allowed you to maintain the idea you had in mind.

Also in #PHP _↴

Online PHP & MySQL tutors - do they exist?Image album. the select doesnt work?I need a PHP formmailer

Success!

Help @rel82me spread the word by sharing this article on Twitter...

Tweet This

about: ({
version: 0.1.9 — BETA 5.10,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});

changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...

recent_tips: (
tipper: @AriseFacilitySolutions09,
tipped: article
amount: 1000 SATS,

tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,
)...

Passing back a value to another form

9 Comments(s) _↴

Also in #PHP _↴

Success!

Social

Version

Passing back a value to another form

9 Comments(s) ↴

Also in #PHP ↴

Success!

The web is an endless sea of information. Don't miss the boat... Subscribe!

Social

Version

9 Comments(s) _↴

Also in #PHP _↴