POST form variables to another php file after validation
Question
<?php
//index.php
session_start();
if (isset($_SESSION['username'])) {
header('Location: Pro_Lesson.php');
}
if (isset($_POST['username'], $_POST['password'])){
if(empty($_POST['username']) || empty( $_POST['password'])){
echo "username or password are empty";
}else {
header('Location: login.php');
}
}
?>
<html>
<head>
</head>
<body>
<h3>User Login</h3>
<table border="0">
<form method="POST" action="index.php">
<tr><td>Username</td><td>:</td><td><input type="text" name="username" size="20"></td></tr>
<tr><td>Password</td><td>:</td><td><input type="password" name="password" size="20"></td></tr>
<tr><td> </td><td> </td><td><input type="submit" value="Login"></td></tr>
</form>
</table>
</body>
</html>
how can I post the form data to another php page after success validation for username and password ? and is it secure ?
2 answers
solution1
2 ACCPTED 2012-10-17 02:40:01
You could do it:
$_SESSION['posted'] = $_POST;
In other php page:
print_r($_SESSION['posted']);
solution2
0 2012-10-17 02:43:24
I'm not really sure what you are asking, but I'll take a stab.
You probably only care about the username (or a userid). What you should do is store that the user authenticated in a cookie (or session based cookie). Just storing the user's username (or user id) in a user editable cookie is a Very Bad Idea (tm). What you should do is have a table on the backend of session IDs which the cookie stores a randomized hash of the primary ID then you could use that to look up what information you stored about that user. Seems complicated, but it's really not. I can expand more on this if you would like.
You could do what felipsmartins suggests, but you shouldn't be storing the user's password anywhere.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.