Is the password sent as text in this after sending php?

Question

Is the password sent as text in this after sending php?

I was looking for simple hashing with passwords in the login form. I came across this http://tinsology.net/2009/06/creating-a-secure-login-system-the-right-way/ . here he hashes the password, creates salt, and then hashes the password and salt again. I create the login form myself, this is abc.php

<form name="register" action="register.php" method="post">
Username: <input type="text" name="username" maxlength="30" />
Password: <input type="password" name="pass1" />
Password Again: <input type="password" name="pass2" />
<input type="submit" value="Register" />
</form>

after sending goes register.php, it has

$u=$_REQUEST['username'];
$p=$_REQUEST['pass1'];
//salt create function
//hashing code
//final hash password

and then sends $ u and the 'final password' to the database.

Question: my question is to submit the form from abc.php, does the password go like text?

, , - , , , , $_REQUEST, , , , , -.

+5

php

Nikhar 08 . '12 8:36

5

HTTP- HTTP Get, . HTTP Post HTTP Get , - , , - ..

, HTTPS. HTTPS, .

+6

Niyoko Yuliawan 08 . '12 8:40

"" . - , (.. - ).

, SSL, .

+2

Steve Rukuts 08 . '12 8:40

, .

If you use SSL (https), the full connection between the browser and your web server is encrypted (therefore data cannot be read by a third party), but if you use http to anyone who can see the traffic, see the password

+2

Daniel Kurka Jan 08 '12 at 8:40

source share

The code you are referring to applies only to the password store, so yes, the password will be transmitted over the Internet in clear text, and yes, someone can intercept it, for example, at a WiFi access point.

The best, most proven solution is to use SSL to log in.

+2

Joachim Isaksson Jan 08 '12 at 8:42

source share

Daan Pape · Accepted Answer · 2012-01-08T08:51:46+0000

. HTTPS. - HTTP- javascript. . , https, , .

Is the password sent as text in this after sending php?

More articles: