如何获取通过表单发布的密码?
我有一个显示密码字段的表单,当表单发布时,我在页面加载期间调用 JavaScript 函数 - 当我检索密码字段时,它永远不会有我输入的密码,它是空的。如果我尝试访问已发布表单的内容,从 onload 调用 javascript 函数是否是错误的方法?
<!DOCTYPE html>
<html>
<script type="text/javascript">
function checkPwd()
{
// okay the form was posted and we got called from onload, now get the post'd password
var thePwd = document.getElementById("theUsersPassword").value;
alert("the var thePwd is: " + thePwd);
}
</script>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Beta:</title>
</head>
<body onload="checkPwd()">
<form method="post" action="index.php">
Beta: <input id="theUsersPassword" name="usersPassword" type="password"><br/>
<input type="submit" value="Submit" />
</form>
</body>
</html>
I have a form that displays a password field and when the form is posted I call a javascript function during the page's onload -- and when I retrieve the password field it never has the password I entered, it's empty. Is calling a javascript function from onload the wrong approach here if I'm trying access the contents of the posted form?
<!DOCTYPE html>
<html>
<script type="text/javascript">
function checkPwd()
{
// okay the form was posted and we got called from onload, now get the post'd password
var thePwd = document.getElementById("theUsersPassword").value;
alert("the var thePwd is: " + thePwd);
}
</script>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Beta:</title>
</head>
<body onload="checkPwd()">
<form method="post" action="index.php">
Beta: <input id="theUsersPassword" name="usersPassword" type="password"><br/>
<input type="submit" value="Submit" />
</form>
</body>
</html>
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(5)
我想您不想检查输入加载,您想在表单提交时检查它,对吧?因为在加载时用户还没有机会输入任何内容。
如果您想在提交时执行此操作,只需将表单标记更改为:
I guess you don't want to check the input onload, you want to check it when the form submits right? Because at onload the user hasn't had the chance to enter anything yet.
If you want to do it onsubmit, just change your form tag to this:
那是因为该元素不再存在。
Javascript 只在一页上运行,因此如果您
这样做,它将找不到它,因为没有具有该 ID 的元素。
您可以在 javascript 中通过将密码存储在 cookie 中或通过 LocalStorage api 检索密码来完成此操作,但我什至不会向您展示如何执行此操作,因为它不安全。
Javascript 是一种客户端语言,因此您用它编写的任何代码都会发送到浏览器。这意味着每个用户都可以查看和操作您的代码。
您应该使用服务器端语言(例如 PHP)来完成此操作。
在 php 中,您可以简单地将值与您期望的密码进行比较。
有两种方法可以将数据从表单发送到服务器:使用 POST 方法或使用 GET 方法。 Get 方法用于发送支持的信息,并以以下形式附加到 url 中,
这对于需要安全的信息来说不是一个好主意,因为 url 有最大长度(不同浏览器不同) ,所以当你发送密码信息时,应该使用POST方法。
因此,您的登录表单可能如下所示
现在,在 securepage.php 中,您可以执行以下操作:
That's because the element doesn't exist anymore.
Javascript only runs on one page, so if you do
it won't find it because there is no element with that ID.
You could do it in javascript by storing the password in a cookie, or retrieving it via the LocalStorage api, but I'm not even going to show you how to do that, because it's unsafe.
Javascript is a client side language, so any code you write in it, is sent to the browser. This means that every user can view and manipulate your code.
You should do it with a server side language such as PHP.
In php, you can simply compare the value to the pasword you expect.
There are 2 ways to sent data from a form to the server: using the POST method, or using the GET method. The Get method is used for sending shorer pieces of information, and are appended to the url in the form of
This is not a good idea for information that needs to be secure, and since a url has a maximum length (different for different browsers), so when you send password information, you should use the POST method.
So, your login form could look like this
Now, in securedpage.php, you could do something like this:
您无法从 JavaScript 访问 POST 数据字段。
您所做的就是阻止真正的表单提交并从表单中获取数据。
或者,如果您尝试进行某种验证,则需要从
checkPwd
返回一个布尔值并执行form.onsubmit = checkPwd
You cannot access the POST data fields from JavaScript.
What you do is that you block the real form submission and get the data from the form.
Or if you're trying to do some kind of a validation, you need to return a boolean value from
checkPwd
and doform.onsubmit = checkPwd
我可能是错的,但这通常不是用 PHP 完成的吗?
这段代码会输出在表单中输入的密码。
I could be wrong but isn't this normally done with PHP?
This code would spit out a password entered into a form.
试试这个:
checkPwd()
必须返回false
以避免提交(如果有任何问题) otrue
执行操作(如果一切正确)。Try this:
checkPwd()
must returnfalse
to avoid the submission (If any problem) otrue
to perfom the action (If everythings is correct).