<form method="POST" action="http://www.mypage.com/login.php" name="acc">
<input value="mylogin" name="login" size="19" maxlength="30" type="text">
<input maxlength="40" type="password" size="19" name="pass">
</form>
What is the encoded POST request? is it login=mylogin&pass=mypassword or should I use something with acc which is the name of form?
Use $_POST["name"] to receive a variable name from POST form. The name of form isn't necessary to receive arguments from it.
Related
I've an aspx form with a form tag as below and this form tag contains some sensitive info with hidden fields
<form id="payment_confirmation" target="myFrame" action='https://testsecureacceptance.cybersource.com/embedded/pay' method="post"/>
<input type="hidden" name="access_key" value="sensitivevalue1">
<input type="hidden" name="profile_id" value="sensitivevalue2">
<input type="hidden" name="transaction_uuid" value="<% Response.Write(getUUID()); %>">
<input type="hidden" name="signed_field_names" value="sensitivevalue3">
<input type="hidden" name="unsigned_field_names" value="card_type,card_number,card_expiry_date">
<input type="hidden" name="signed_date_time" value="<% Response.Write(getUTCDateTime()); %>">
<input type="hidden" name="locale" value="en">
<input type="submit" id="submit" name="submit" value="Submit"/>
</form>
When i click "Submit" it successfully post the values and user is "redirected" into the "https://testsecureacceptance.cybersource.com/embedded/pay" form but those hidden fields values are exposed to users (when they inspect the page). I can encrypt them but is there any other way i can post values and redirect from backend where values will not be exposed to users?
Thanks
In short, no. Hidden fields are only hidden from view on the screen and will always be available be available when viewing the source of the page when you are using web forms like this. You can use the viewstate, which will encode the fields and make them harder to read, but if it is truly sensitive information, you will need to properly encrypt that information.
Hope that helps.
I need to take the username, email and password a user enters in an html form (in index.aspx) and use it in an asp.net code in another page (register.aspx in a folder called 'u').
This is the form:
<form action="u/register.aspx" method="post" id="regForm">
<input type="text" name="fname" id="fname" placeholder="Full Name (Optional)" maxlength="16" />
<input type="text" name="uname" id="uname" placeholder="Username" maxlength="16" />
<input type="email" name="email" id="email" placeholder="Email Address" maxlength="32" />
<input type="password" name="pwd" id="pwd" placeholder="Password" maxlength="16" />
<input type="password" name="repwd" id="repwd" placeholder="Repeat Password" maxlength="16" />
<input type="submit" value="Sign Up" id="signup" />
</form>
But, when I'm using Request.QueryString["fname"] for example, it doesn't take 'fname' from the form, it just takes a null.
What can I do to solve this? Is there a different method I can use to achieve the wanted result?
Thanks a lot!
You are doing it wrong.
Request.QueryString contains information related to data added after ? in the URL (ex. http://www.contoso.com?mydata=1¶m2=yy).
You have to use Request.Form to access "POST" data.
QueryString will only give the parameters on the query string of the url check here.
If you want all the parameters you will need to use the Params property.
As others have already said Request.QueryString contains data after the ? in url.
You can use Request.Form or if you want the data as part of the url, you can change your form element method attribute to "get"
I am trying to put a button on my shiny app which calls out external website though a form/post request. The input values will change but here is a real example.
Example:
<form action="http://toppgene.cchmc.org/CheckInput.action" method="post">
<input type="hidden" name="query" value="TOPPFUN">
<input type="hidden" id="type" name="type" value="HGNC">
<input type="hidden" name="training_set" id="training_set" value="EGFR">
<input type="submit" class="mybutton">
</form>
PS: cross posted on shiny-discuss google group link
Thanks!
-Abhi
I have a simple asp.net page where a form action is done, which it takes to the 3d party url and that will return some data as a response. How can I achieve the job done without using static form action.
Below is the form action:
<form name="theForm" method="GET" action="page.aspx" >
<input type="hidden" name="asp" value="hidden values" />
<input type="hidden" name="url" value="http://www.google.com" />
<input type="submit" name="submit" />
</form>
Thanks in Advance.
All the examples I can find are in Visual Basic, but I am using C#.
I want to get the data that is in a textbox in a form.
My code so far:
<form action="login.aspx" method="get">
<p>Username: <input type="text" name="username" /></p>
<p>Password: <input type="text" name="password" /></p>
<input type="submit" value="Submit" />
</form>
So what could I do? Because I keep getting told to do this:
Dim UserName
UserName = Request.Form("UserName")
But it doesn't work in C#.
Don't need to do that on asp.net; simply change your markup like so:
<form action="login.aspx" method="post" runat="server">
<p>Username: <input type="text" name="username" runat="server" id="txtUsername" /></p>
<p>Password: <input type="text" name="password" runat="server" id="txtPassword"/></p>
<input type="submit" value="Submit" />
</form>
And on code behind:
string UserName= txtUsername.Value;
And yes, Shawn also caught a good one, you should use POST.
Your method should be POST.
<form action="login.aspx" method="post">
The sample code you posted is vb.net. C# has it's own syntax and keywords.
to get the value you can use the following (not an optimal solution for webforms)
string userName = Request.Form["UserName"];
I would suggest going through some c# tutorials to get a handle on the language. Here's the first one i found http://www.csharp-station.com/Tutorial.aspx