I tried few example but nothing works. But i got the alert so i really don't understand. Why am I getting alert when my form doesn't send any data? If I work with a input everything works fine. I also tried to put my script in my js file but still the same result.jquery点击<a tag not working with my parameter
<form action="includes/process_login.php" method="post" name="login_form">
<li class='mainMenu menuDeroulant' id='btnGames'>
Jeu <img class='arrow' src="Styles/Images/triangle.png" alt="">
</li>
<li class='mainMenu' id='btnReward'>Récompenses <img class='arrow' src="Styles/Images/triangle.png" alt=""></li>
<input class='loginInfo' type="text" placeholder='Username' name="email">
<input class='loginInfo' type="password" placeholder='Password' name="password" id="password">
<li id='btnJouer' class='mainMenu'>JOUER</li>
<li class='mainMenu' id='btnPlayer'>Player <img class='arrow' src="Styles/Images/triangle.png" alt=""></li>
<li id='btnAdmin' class='mainMenu menuDeroulant'>Admin <img class='arrow' src="Styles/Images/triangle.png" alt=""></li>
<li class="mainMenu loginInfo"><img src="Styles/Images/facebookBtn.png" alt=""></li>
<li class='mainMenu loginInfo'><a id="myanchorid" href="#">Connexion</a></li>
<li class='mainMenu loginInfo'>Inscription</li>
<a href="indexEN.php"><li class='mainMenu'>EN</li></a>
</form>
<script>
$(function(){
function yourfunction(event) {
alert('some anchor clicked');
formhash(this.form, this.form.password);
return false;
}
$('#myanchorid').click(yourfunction);
$('a.anchorclass').click(yourfunction);
$('#anchorlist > a').click(yourfunction);
});
</script>
my js file:
function formhash(form, password) {
// Create a new element input, this will be our hashed password field.
var p = document.createElement("input");
// Add the new element to our form.
form.appendChild(p);
p.name = "p";
p.type = "hidden";
p.value = hex_sha512(password.value);
// Make sure the plaintext password doesn't get sent.
password.value = "";
// Finally submit the form.
form.submit();
}
不要在客户端做密码散列。它就像使用纯文本密码而不散列任何人拦截这可以简单地重新发送完全相同的东西,从而使任何像这样的功能相当于使用密码直接。 – Alupotha 2015-04-03 14:53:55
最好的方法 - 使用https,它可以让你免于中间人攻击! – Legendary 2015-04-03 14:59:32
好的我应该怎么做才能提高安全性? – 2015-04-03 15:00:40