PHWinfo - Afficher un message - Website Security - Preventing Users storing their login details intheir browser...

20/02/2008, 11h29

Danish wrote:
> On Feb 14, 8:59Âpm, Tony <nos...@example.com> wrote:
>
>> Not tested, but pretty sure it would work: Add a generated timestamp or
>> random string to the input name:
>> <input type="password" name="password_74234915">
>
> If I do end up taking this approach how would my program know what field
> name to expect?

Why does it need to know which field to expect? Just loop through *all*
the fields and find one which starts with "password_".

--
Toby A Inkster BSc (Hons) ARCS
[Geek of HTML/SQL/Perl/PHP/Python/Apache/Linux]
[OS: Linux 2.6.17.14-mm-desktop-9mdvsmp, up 21 days, 16:46.]

Bottled Water
http://tobyinkster.co.uk/blog/2008/02/18/bottled-water/

20/02/2008, 11h29	#11
Toby A Inkster Messages: n/a Hébergeur:	Re: Website Security - Preventing Users storing their login detailsin their browser... Danish wrote: > On Feb 14, 8:59Âpm, Tony <nos...@example.com> wrote: > >> Not tested, but pretty sure it would work: Add a generated timestamp or >> random string to the input name: >> <input type="password" name="password_74234915"> > > If I do end up taking this approach how would my program know what field > name to expect? Why does it need to know which field to expect? Just loop through all the fields and find one which starts with "password_". -- Toby A Inkster BSc (Hons) ARCS [Geek of HTML/SQL/Perl/PHP/Python/Apache/Linux] [OS: Linux 2.6.17.14-mm-desktop-9mdvsmp, up 21 days, 16:46.] Bottled Water http://tobyinkster.co.uk/blog/2008/02/18/bottled-water/