如何获取通过表单发布的密码?

发布于 2024-12-18 01:00:36 字数 936 浏览 0 评论 0原文

我有一个显示密码字段的表单,当表单发布时,我在页面加载期间调用 JavaScript 函数 - 当我检索密码字段时,它永远不会有我输入的密码,它是空的。如果我尝试访问已发布表单的内容,从 onload 调用 javascript 函数是否是错误的方法?

<!DOCTYPE html>
<html>
<script type="text/javascript">
    function checkPwd()
    {
        // okay the form was posted and we got called from onload, now get the post'd password
        var thePwd = document.getElementById("theUsersPassword").value;
        alert("the var thePwd is: " + thePwd);          
    }
</script>        
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
    <title>Beta:</title>
</head>

<body onload="checkPwd()">

    <form method="post"  action="index.php">
    Beta: <input id="theUsersPassword" name="usersPassword" type="password"><br/>
    <input type="submit" value="Submit" />  
    </form>

</body>
</html>

I have a form that displays a password field and when the form is posted I call a javascript function during the page's onload -- and when I retrieve the password field it never has the password I entered, it's empty. Is calling a javascript function from onload the wrong approach here if I'm trying access the contents of the posted form?

<!DOCTYPE html>
<html>
<script type="text/javascript">
    function checkPwd()
    {
        // okay the form was posted and we got called from onload, now get the post'd password
        var thePwd = document.getElementById("theUsersPassword").value;
        alert("the var thePwd is: " + thePwd);          
    }
</script>        
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
    <title>Beta:</title>
</head>

<body onload="checkPwd()">

    <form method="post"  action="index.php">
    Beta: <input id="theUsersPassword" name="usersPassword" type="password"><br/>
    <input type="submit" value="Submit" />  
    </form>

</body>
</html>

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(5

守不住的情 2024-12-25 01:00:36

我想您不想检查输入加载,您想在表单提交时检查它,对吧?因为在加载时用户还没有机会输入任何内容。

如果您想在提交时执行此操作,只需将表单标记更改为:

<form method="post" action="index.php" onsubmit="checkPwd()">

I guess you don't want to check the input onload, you want to check it when the form submits right? Because at onload the user hasn't had the chance to enter anything yet.

If you want to do it onsubmit, just change your form tag to this:

<form method="post" action="index.php" onsubmit="checkPwd()">
衣神在巴黎 2024-12-25 01:00:36

那是因为该元素不再存在。
Javascript 只在一页上运行,因此如果您

document.getElementById('passwordform');

这样做,它将找不到它,因为没有具有该 ID 的元素。
您可以在 javascript 中通过将密码存储在 cookie 中或通过 LocalStorage api 检索密码来完成此操作,但我什至不会向您展示如何执行此操作,因为它不安全。

Javascript 是一种客户端语言,因此您用它编写的任何代码都会发送到浏览器。这意味着每个用户都可以查看和操作您的代码。

您应该使用服务器端语言(例如 PHP)来完成此操作。

在 php 中,您可以简单地将值与您期望的密码进行比较。

有两种方法可以将数据从表单发送到服务器:使用 POST 方法或使用 GET 方法。 Get 方法用于发送支持的信息,并以以下形式附加到 url 中,

example.com?variable=value

这对于需要安全的信息来说不是一个好主意,因为 url 有最大长度(不同浏览器不同) ,所以当你发送密码信息时,应该使用POST方法。

因此,您的登录表单可能如下所示

<form action='securedpage.php'>
    <label>enter your password: <input type='password' name='pass'></label>
    <input type='submit'>
</form>

现在,在 securepage.php 中,您可以执行以下操作:

<?php
$expected_pass="!4mr00t";
if($_POST['pass']===$expected_pass){
    //show your content
}els{
   //show homepage
}
?>

That's because the element doesn't exist anymore.
Javascript only runs on one page, so if you do

document.getElementById('passwordform');

it won't find it because there is no element with that ID.
You could do it in javascript by storing the password in a cookie, or retrieving it via the LocalStorage api, but I'm not even going to show you how to do that, because it's unsafe.

Javascript is a client side language, so any code you write in it, is sent to the browser. This means that every user can view and manipulate your code.

You should do it with a server side language such as PHP.

In php, you can simply compare the value to the pasword you expect.

There are 2 ways to sent data from a form to the server: using the POST method, or using the GET method. The Get method is used for sending shorer pieces of information, and are appended to the url in the form of

example.com?variable=value

This is not a good idea for information that needs to be secure, and since a url has a maximum length (different for different browsers), so when you send password information, you should use the POST method.

So, your login form could look like this

<form action='securedpage.php'>
    <label>enter your password: <input type='password' name='pass'></label>
    <input type='submit'>
</form>

Now, in securedpage.php, you could do something like this:

<?php
$expected_pass="!4mr00t";
if($_POST['pass']===$expected_pass){
    //show your content
}els{
   //show homepage
}
?>
双手揣兜 2024-12-25 01:00:36

您无法从 JavaScript 访问 POST 数据字段。

您所做的就是阻止真正的表单提交并从表单中获取数据。

form.onsubmit = function () { checkPwd(); return false; };

或者,如果您尝试进行某种验证,则需要从 checkPwd 返回一个布尔值并执行 form.onsubmit = checkPwd

You cannot access the POST data fields from JavaScript.

What you do is that you block the real form submission and get the data from the form.

form.onsubmit = function () { checkPwd(); return false; };

Or if you're trying to do some kind of a validation, you need to return a boolean value from checkPwd and do form.onsubmit = checkPwd

郁金香雨 2024-12-25 01:00:36

我可能是错的,但这通常不是用 PHP 完成的吗?

<?php
  if (isset($_POST['variable'])) {
   $first = $_POST['variable'];
   echo $first;
  }
?>

<form action="" method="POST">
   <input type="password" name="variable" />
   <input type="submit" />
</form>

这段代码会输出在表单中输入的密码。

I could be wrong but isn't this normally done with PHP?

<?php
  if (isset($_POST['variable'])) {
   $first = $_POST['variable'];
   echo $first;
  }
?>

<form action="" method="POST">
   <input type="password" name="variable" />
   <input type="submit" />
</form>

This code would spit out a password entered into a form.

空城缀染半城烟沙 2024-12-25 01:00:36

试试这个:

<form method="post" action="index.php" onsubmit="return checkPwd()">

checkPwd() 必须返回 false 以避免提交(如果有任何问题) o true 执行操作(如果一切正确)。

Try this:

<form method="post" action="index.php" onsubmit="return checkPwd()">

checkPwd() must return false to avoid the submission (If any problem) o true to perfom the action (If everythings is correct).

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文