| Re: calling a value into another php script... [message #182693 is a reply to message #182692] |
Thu, 29 August 2013 13:31   |
Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma:
|
Senior Member |
|
|
On 8/29/2013 9:06 AM, nag wrote:
> On Thursday, 29 August 2013 08:26:50 UTC+5:30, Jerry Stuckle wrote:
>> On 8/28/2013 9:35 PM, nag wrote:
>>
>>> Hi all,
>>
>>>
>>
>>> I am using an index.html to execute a php prog. First I am choosing a an option from a dropdown list, which will connect to a mail server. If the password is correct then it will open second html page. I want to call the code part into the
>>
>>> second html page. How can it be done?
>>
>>>
>>
>>> <form action=xyz.php method=POST>
>>
>>> <option selected>Select from list</option>
>>
>>> <option value="x23(at)xyz(dot)com">name1,code1</option>
>>
>>> <option value="y13(at)xyz(dot)com">name2,code2</option>
>>
>>> <option value="z33(at)xyz(dot)com">name3,code3</option>
>>
>>>
>>
>>>
>>
>>> thank you.
>>
>>>
>>
>>
>>
>> Not enough information for an intelligent response.
>>
>>
>>
>> Where is the password entered? If it's in the same form, you need to
>>
>> validate the password in your script before calling the mail server.
>>
>>
>>
>> And what mail server are you using? Most do not have a web interface,
>>
>> but you have to look at the mail server interface to see how it works.
>>
>>
>
> We are using intranet. Its pop3 mail server.
> calling as
>
> <form action=passwd.php method=POST>
>
This does not call the pop3 mail server. Or am I misunderstanding what
you mean?
>
>> Where is the password entered? If it's in the same form, you need to
>>
>> validate the password in your script before calling the mail server.
>
>
> <tr>
> <td width="131" height="22" bordercolor="#999999" align="left">
> <font face="Verdana" color="white" size="2"><B>Password</font></td>
> <td width="148" height="22" bordercolor="ffffe0"><font face="Verdana">
> <input type="password" size="20" value name="passwd" style="background-color: ffe6c1; font-family:Verdana; font-size:8pt; color:#111111; font-weight:bold"></font></td>
> </tr>
> </table>
> <p><br>
> <input name="mailserver" type=hidden value="xx.xx.x.xx"> </p>
> <input type=submit value=Login name=submit> </p>
> </center>
> </div>
>
> Actually the username part in email id is itself the code part which I have to print on the second html page. Presently I am asking the user to enter the value. It is leading to do mistake by the user.
>
> Thank you.
>
NEVER trust ANYTHING from the user - even hidden fields. They can too
easily be hacked (nothing says the information came from YOUR page - it
can easily be faked). This is especially true for things like email ids
and email addresses.
And the fact this is an intranet is immaterial.
If you want to pass something from one page to another, then use the
$_SESSION superglobal.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]