Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations MikeeOK on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

how to have 1 form field verify another 2

Status
Not open for further replies.
deecee

deecee

Technical User
Aug 25, 2001
1,678
US
This is for an edit personal info form. I have a password and verify password field. I would like to verify that they both equal each other via php rather than javascript.

How can i have this done and have the same page process it. I might be able to do this over two pages but i dont really know how php_self works. and ive tried it but i cannot figure it out. It seems simple but for some reason im just blocking it out.

thanks in advance

<signature>
sometime you just gotta say &quot;WHAT THE @#*% !!&quot;
</signature>
 
Sort by date Sort by votes
PHP is an acronym for pre-hypertext-processor. This means that PHP runs server side and not in the browser. Once your visitor types stuff into the page it has left the server for a long time....
You will need to use JavaScript if you want validation within the browser.

You can use PHP if you post to a PHP script that first evaluates both entries and displayes an error page when they are not identical.
 
Upvote 0 Downvote
thank you -- i guess i will have to use j-script

<signature>
sometime you just gotta say &quot;WHAT THE @#*% !!&quot;
</signature>
 
Upvote 0 Downvote
i think i should add to this and say that, i hope u aware that if u use javaScript the passwords will be available 4 all to see, as DRJ478 has already said, JS is client side and not server side, hence all code is is veiwable by the client. this is not ideal 4 a password scenario as u can imagine. [thumbsdown] this could lead to loss of confidence from ur clients (if there are clients involved). good luck with ur site [2thumbsup] anyway, as u sound like its bin a struggle (arnt they all).

To err is human, to completely mess up takes a computer.
 
Upvote 0 Downvote
dint even think about that..i guess ill just process the form to another page. thanks

<signature>
sometime you just gotta say &quot;WHAT THE @#*% !!&quot;
</signature>
 
Upvote 0 Downvote
The password would not need to be available for all to see if you used javascript, no more than they're available for all to see as the page is submitted anyway.

You have two fields on one page, if you want to verify their equivalence -before- they submit the form successfully Javascript is absolutely the right way to do it. If you'd rather do it after they submit and then redraw the form with the correct values already filled in, then PHP is the right choice.

Both are completely acceptable and equally secure if implemented properly, but the javascript solution is circumvented by the user just turning off javascript on their browser.

-Rob
 
Upvote 0 Downvote
but surly the script can be viewed from view source

To err is human, to completely mess up takes a computer.
 
Upvote 0 Downvote
Sure it can, but the script wouldn't contain the password, the script would have something akin to...
Code: 
pwd = document.form1.password_field;
pwd_verify = document.form1.password_verify;

if (pwd != pwd_verify) {
  alert(&quot;Passwords do not match!&quot;);
  document.form1.password_field.value = &quot;&quot;;
  document.form1.password_verify = &quot;&quot;;
  document.form1.password_field.focus = true;
} else {
  document.form1.submit();
}

*Disclaimer, I'm typing that as pseudo-code, I always have to look up syntax when I do javascript.

-Rob
 
Upvote 0 Downvote
I think the confusion here is that csniffer is thinking about a login page, whereas it is actually just a page to edit your info. In the case of a login page, then using javascript would be incredibly dumb as all the passwords would have to be hardcoded into the page. In this case, however, it presumably doesn't need to check as the user should already be logged in, so it should be fine.
 
Upvote 0 Downvote
yes ur right there KEMPCDJR i apologise i did not read the original ? correctly [nosmiley] but even so the way i see it is that the info from the edited form would have to be resubmitted and is therefore viewable by packet sniffing as there is no encryption facilities in JS, but i may be wrong on this. perhaps u could put me right as i am by no means a network or JS guru.

To err is human, to completely mess up takes a computer.
 
Upvote 0 Downvote
However you do it, the form information is being submitted to the server, it has to be for anything to use it. Strangly enough, the exception is javascript, which can intercept the submission and carry out its own processing.
 
Upvote 0 Downvote
Yeah, the encryption needs to be done point to point one way or the other, so javascript won't affect the packet sniffing aspect, either that will be set up or it won't.

-Rob
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

W
  • Locked
  • Question
how to send checked row data in php
Replies
0
Views
525
wiltang2004
W
R
  • Locked
  • Question
How Can I Use MySQL To Send Data To An Email
Replies
1
Views
733
Chris Miller
Chris Miller
P
  • Locked
  • Question
JPgraph - How to stop a line graph from dropping to zero?
Replies
2
Views
795
Chris Miller
Chris Miller
rogerte
  • Locked
  • Question
How to parse associative array
Replies
13
Views
3K
Chris Miller
Chris Miller
EdLentz
  • Locked
  • Question
I need a simple example of how to send a table of info .
Replies
8
Views
1K
EdLentz
EdLentz

Part and Inventory Search

Sponsor

Back
Top