Member Avatar for mahul000

Here is a problem faced by me while handling the GET request method :

suppose the login form has user-id and password fields as text boxes. now after clicking on "sign-in" button the address bar of the following page(i.e the homepage of a particular member) shows:

<serverURL>.php?id=<someID>&pass=<somePass>

- where "id" and "pass" are the names of above mentioned textfields of login form. The technique works fine, except the password is clearly displayed in the address bar. Any person havig very little intelligence will at once decode it and know the password of the user beside him. Now my qtn is, how to tackle with this shortcoming ?

REMEMBER: I have to do it by GET method only, and not by POST !

  • 2 Contributors
  • 1 Reply
  • 121 Views
  • 1 Day Discussion Span
  • Latest Post Latest Post by tgreer
Member Avatar for tgreer

Please use code tags. Please use English, rather than bizarre abbreviations.

What you're describing is normal behavior for the "GET" method. By definition, GET places values on the querystring. Sorry.

There is no way to secure a website using either GET or POST.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.