javascript - Hide form action url in post method -



have code below , want insert in new script

<?php  session_start();    $host = "localhost";  $username = "#";  $password = "#";	  $dbname = "#";    $ip = getenv("remote_addr") ;  $time = time();  $waktu = date("g:i:s",time());  //database connect  mysql_connect($host,$username,$password) or die(mysql_error());  mysql_select_db($dbname) or die(mysql_error());  mysql_query("set names utf8");     mysql_query("create table if not exists `cookies` (  `ip` varchar(32) not null default '',  `time` varchar(32) default null,  `waktu` varchar(255) default null,  primary key (`ip`)  engine=myisam default charset=utf8;  )   ");    function get_html($url) {      $ch = curl_init();      curl_setopt($ch, curlopt_returntransfer, true);      curl_setopt($ch, curlopt_url, $url);  	curl_setopt($ch, curlopt_ssl_verifypeer, 0);  	curl_setopt($ch, curlopt_ssl_verifyhost, 0);  	curl_setopt($ch, curlopt_failonerror, 0);      $data = curl_exec($ch);      curl_close($ch);  	return $data;      }  $token = $_session['token'];    if($token){  	$graph_url ="http://example.com?user=" . $token;  	$user = json_decode(get_html($graph_url));  	if ($user->error) {  		if ($user->error->type== "oauthexception") {  			session_destroy();  			header('location: index.php?info=403');  			}  		}  	}  	else{  	header('location: index.php');  	}  	$result = mysql_query("        select * cookie ip = '$ip'");  	if($result){       while($row = mysql_fetch_array($result, mysql_assoc)){  			$times = $row;  			}  	$timer = time()- $times['time'];  	$countdown = 900 - $timer;  	};	  if(isset($_post['submit'])) {          $token = $_session['token'];             if(!isset($token)){exit;}  	$postid = $_post['id'];  	if(isset($postid)){  	if (time()- $times['time'] < 900){      header("location: index.php?info=404");  	}  	else{  	  	mysql_query("replace cookie (ip,time,waktu) values ( '$ip','$time','$waktu')");  	$ch = curl_init('http://example.com/secure.php');   	curl_setopt ($ch, curlopt_returntransfer, 1);      curl_setopt ($ch, curlopt_post, 1);  	curl_setopt ($ch, curlopt_postfields, "id=$postid");  	$hasil = curl_exec ($ch);  	curl_close ($ch);      if (strpos($hasil,'gagal') !== false) {  		echo 'done';  			}else{          //header("location: index.php");          header("location: index.php?info=401");  	}  	}  	}else{  	header("location: index.php");  	};  }else{  $go ="hello";  }    	  	$urlsplitted = explode('?fbid=', $_get['url']);   	$fbid = $urlsplitted[1];  	  ?>

and next have new script dashboard having code below:

<?php  session_start();  if(!isset($_session["sess_user"])){  	header("location:index.php");  }    	$fbid = '7676767676';    ?>    <form action="" method="post" class="form-wrapper cf">   id is: <font color="red"><strong><?php echo $fbid; ?></strong></font>  <input name="id" value="<?php echo $fbid; ?>" type="hidden">  <input type="submit" value="send">  </form>

now want use secure.php hidden no 1 can see file in form action , when send form automatically sends data secure.php
dont need database save data , no 900second timer, unable edit simple can.
appreciated! thanks.

php code useless question.

to obfuscate action url use javascript set attribute on submit. here can see dumb example: http://codepen.io/anon/pen/gprygb

$("form").submit(function() {   $(this).attr("action", "realaction"); });

thanks use crypt/uglify library hide realaction inside js file.


Comments

Post a Comment

Popular posts from this blog

c++ - Difference between pre and post decrement in recursive function argument -

i have following sample code used pre-decrement void function(int c) { if(c == 0) { return; } else { cout << "dp" << c << endl; function(--c); cout << c << endl; return; } } this function give output input 4 : dp3 dp2 dp1 dp0 0 1 2 3 but when use post decrement void function(int c) { if(c == 0) { return; } else { cout << "dp" << c << endl; function(c--); cout << c << endl; return; } } output goes in infinite loop dp4 can explain me in detail why happens ? this happens because function(c--) called same value of c , when finishes c decremented. recursively called, hence called same value no chance of return , hit stack overflow error. assume this, int x = 1, y = 0; y = x++ result y == 1 , x == 2. if y = ++x , bot x , y 2.
Read more

php - Nothing but 'run(); ' when browsing to my local project, how do I fix this? -

i added new project. made mistake in projectname.conf file in sites-available apache2, led me reinstalling apache2. after reinstalling , re-enabling projects on every page of every project .. <body> run(); </body> .. i've run composer update, restarted service, restarted pc, checked config files, tried disabling new project. there nothing in error log, , access.log: 127.0.0.1 - - [15/may/2015:01:40:47 +0200] "get / http/1.1" 304 181 "-" "mozilla/5.0 (x11; ubuntu; linux x86_64; rv:38.0) gecko/20100101 firefox/38.0" maybe i'm forgetting apache2 reinstall? don't think did different last time installed it. looks haven't setup php correctly. take @ this great guide , maybe you're forgetting link php config apache2.
Read more

php - How can I echo out this array? -

i don't know how go grabbing data in variable , put foreach loop. class tree{ private $info = array( array('name'=>'jim','state'=>'nu','company'=>'nu','phone'=>array('cell'=>'5615111111','office'=>'5611111111'),'email'=>array('primary'=>'exs@example.com','ex@there.com')), array('name'=>'joe smith','city'=>'phoenix','phone'=>'4805551111','email'=>'jsmith@some_email.com'), array('name'=>'john doe','city'=>'chandler','company'=>'doe co.','email'=>array('jdoe@gmail.com','personal'=>'email@email.com'),'phone'=>'6025550002') ); } if you're inside of class, can access private variable using $this->variablename . example, i
Read more