|
|
Posted by faulkes on 01/07/08 05:33
On Jan 6, 11:36 pm, jc...@lycos.com wrote:
> Hello,
>
> I have a form that uses a basic passphrase to ensure an employee user
> is who they say they are. One field uses 'text' as the input type and
> the other uses 'password'. When a query has been run, a user can
> click the browser back button and the name is still there intact but
> the password field is blank. My question is, what would the 'SESSION'
> code look like that would allow a user to click their back button
> where the 'userpass' field holds the original passphrase in the same
> manner the browser holds the user name within the text field?
>
> thanks very much,
> John
>
> <td>User Name:</td><td align="left"><input type="text" name="username"
> size="29" maxlength="30" value=""></td></tr>
>
> <td>User Password:</td><td align="left"><input type="password"
> name="userpass" size="29" maxlength="30" value=""></td></tr>
iirc you would need to either save the plaintext password as either a
cookie or in the session that is newly created and do a callback
check.
It would be very bad to store it in either case as plaintext IMO.
[Back to original message]
|