In my rails app, I have a login page like this:
<body>
<form action="/my_app/homepage" method="get" class="navbar-form pull-left">
<input name="username" type="text" class="span2">
<input name="password" type="password" class="span2">
<button type="submit" class="btn">Submit</button>
</form>
</body>
When I click on the Submit button it takes me to the /my_app/homepage but at the same time it also displays the username and password in the addressbar.
Am I doing it the wrong way? How can I avoid displaying the username & password?
That is because the Http Request method of FORM is GET. Which would always show the form data in the URL. To hide the data of the form, you need to use POST request.
Change the code to the following:
<form action="/my_app/homepage" method="post" class="navbar-form pull-left">
<input name="username" type="text" class="span2">
<input name="password" type="password" class="span2">
<button type="submit" class="btn">Submit</button>
</form>
Check the method="post" and you'll get the URL only without any sort of Query String.
The GET method will append the form variables to the URL, using the POST method. From W3Schools:
"POST is a little safer than GET because the parameters are not stored in browser history or in web server logs." Also "Data is not displayed in the URL".
http://www.w3schools.com/tags/ref_httpmethods.asp
Related
I'm using this HTML code in an HTML page:
<form method="post">
<div class="form-group">
<input type="text" class="form-control" name="username">
</div>
<div class="form-group">
<input type="password" class="form-control" name="password">
</div>
<input type="hidden" name="ref" value="post-ad.php"/>
<button type="submit" name="submit" id="submit" class="btn">S'identifier</button>
</form>
On clicking submit button which action will this form execute? I noticed that it execute the value of input named "ref" in this example "post-ad.php" or "index.php" or "dashboard.php". Is it normal?! As I know the action attribute is mandatory?
without action attribute it will POST/GET to the same page
see here
If I understood right you're asking about action attribute that goes inside <form>.
If you put nothing there, it'll send the POST to the same page it is right now. If that form is in "index.php" it'll send all <form> data to "index.php"
You call form without action with this code:
<form action="javascript:void(0);"></form>
<form action="/subsite/" method="GET">
<input type="text" name="" placeholder="Your Nick">
<input class="button" type="submit" />
</form>
I want to redirect I mean it should looks like
www/subsite/text
What should I use ? POST ?
The method="get" means that the parameters (and values) will be sent in the query string (the stuff after the question mark in the URL). eg.
/subsite?input_field_name=input_field_value
In your case, the input field doesn't have a name, which will cause problems. You probably want something like this:
<input type="text" name="nickname" placeholder="Your Nick">
So if you submit this form:
<form action="/subsite" method="get">
<input type="text" name="nickname" placeholder="Your Nick">
</form>
Then after submitting, the browser will go to:
/subsite?nickname=value_of_nickname_variable
If you use a method="post", then the form data (variables) will be sent along in the request body, not the query string. There are other differences between get/post, but that's one of them :)
If you just want to do a simple redirect when clicking the button, you could use javascript instead, eg.: window.location.href='/my_url_path_here'
i am bit confused about the code..This is login.php file..and action of the form is also in the same file.Can this happen? if,then same login form should open if user submit the form...i am making my website,where i want to use login/register form.
<form action="login.php" method="post" class="f-wrap-1">
<div class="req">
Not Registered?<br />
Forgot your Password?
</div>
<fieldset>
<h3>Member Login</h3>
<label for="firstname"><b>Username:</b>
<input id="username" name="username" type="text" class="f-name" autocomplete="on" tabindex="1" /><br />
</label>
<label for="password"><b>Password:</b>
<input id="password" name="password" type="password" class="f-name" autocomplete="off" tabindex="2" /><br />
</label>
<label for="code"><b>Security Code:</b>
<input id="code" name="code" type="text" class="f-name" autocomplete="off" tabindex="3" /><br />
</label>
<label for="code2"><b> </b>
<img src="image.php?" /><br />
</label>
<div class="f-submit-wrap">
<input type="submit" value="Submit" class="f-submit" tabindex="4" /><br />
</div>
</fieldset>
</form>
This is login.php file..and action of the form is also in the same file.Can this happen?
Yes
if,then same login form should open if user submit the form
Not necessarily. In a system like this, the form data will be processed by server side code. The logic will probably be something like:
If it is a GET request, send the browser the form.
Otherwise, if it is a POST request, then check the form data:
If it is valid login data, then: set a cookie to track the user and
tell the browser to get some other URL.
Otherwise, the login data is wrong: populate the form with an error message
and possibly default the values of the fields to the wrong data the user
entered, then send the form to the browser.
Populating the form with the invalid data doesn't make much sense in a login form like this one, but it more useful in (for example) a registration form.
Who wants to retype all their personal data again just because the username they wanted is not available or they missed a field?
It's possible to send form to same file but it's not in good style. You would have to check if post data is available and display proper view based on that.
Better way to do it is just change the action of the form to point to another file and in that file handle login logic.
<form action="file.php" method="post" class="f-wrap-1">
What I want to accomplish is logging in to a website by simply typing in the form variables in the URL.
HTML code:
<form action="httpclient.html" onsubmit="return checkSubmit();" method="post" target="_parent" name="frmHTTPClientLogin">
<input type="hidden" name="mode" value="191">
<label>Username</label>
<input border="1" style="width:150px" maxlength="60" name="username">
<label>Password</label></pre>
<input type="password" border="1" style="width:150px" autocomplete="off" name="password" maxlength="60">
This is the relevant past of the code. Now I want to login to this site http://10.100.56.55/httpclient.html just by passing values typed in the url. Firstly is it possible. If yes then what exactly do i need to type for userame :name and password being pass ?
and what encoded URL will be passed in POST method if any?
Change method="post" to method="get"
If you want to type the Querystring in for the username and password, you need to do this in the address field of your browser:
http://10.100.56.55/?username=name&password=pass
EDIT:
You need to find out where the form is going and what it's doing. For this, you need to check what the submit javascript function called 'checkSubmit()' is doing. You can do this by opening the page in your browser and doing a view source. If the javascript is external to the html file, check the js links on the page and open those up to find that function. The function might have the querystring parameters you're looking for.
<input type="text" class="form-control" placeholder="Products" name="search" value="search" id="search">
<input type="text" class="form-control" placeholder="Products" name="search" value="search" id="search2">
<button type="submit" class="btn btn-default" onclick="location.href='\search.php?search='+ document.getElementById('search').value+'&search2='+document.getElementById('search2').value;"> Search</button>
the issue was in the input tag <input type="hidden" name="min_price" value="200"> forward slash was missing,I have added the forward slash and it works now <input type="hidden" name="min_price" value="200"/>.
It's not possible to do that; the form would have to use the GET method.
EDITED: Java httpPost into .asp form
I am trying to understand .asp a little
I have this code for the webpage with the login form and a postback action.
Lets assume that the webpage is www.xxx.com/index.asp
<form method="post" id="form1" name="form1" action="">
<div id="login" class="box">
<div class="header">Log in</div>
<div class="content">
<label for="txtUser">User:</label>
<input id="txtUser" name="txtUser" type="text" size="13" value="" />
<label for="txtPassword">Password:</label>
<input id="txtPassword" name="txtPassword" type="password" size="13" value="" />
<input id="BLogin" name="BLogin" type="submit" value="Log in" />
</div>
<div class="footer">
<input type="checkbox" id="chkSave" name="chkSave" /> <label for="chkSave">Save account</label>
</div>
</div>
</form>
So as i understand, if I want to fill the fields in the browser window, i must call:
www.xxx.com/index.asp?txtUser=boris&txtPassword=boris&BLogin=Log in
But nothing simmilar is ever executed in the browser. What is wrong with me thinking in that way? :)
EDIT: Seems that not all the input fields must be filled in before doing POST. Probably this depends on the server, when logging in, if service requires for example 'rememmber me' field every time, then it probably must be filled in.
The form method is "POST", which means that the form data is sent in a special data block within the HTTP request, not as part of the URL. If you change the method to "GET" the data will be encoded in the query string.
More information: http://www.cs.tut.fi/~jkorpela/forms/methods.html