Home/ Questions/Q 4267450
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-21T06:54:04+00:00

I have form in my html page <form id=login_form method=POST action=index.php> <table> <tr> <td><label

  • 0

I have form in my html page

<form id="login_form" method="POST" action="index.php">
    <table>
        <tr>
            <td><label style="color:#47A3FF;" for="name" title="User name">
                Username</label></td>
            <td><input style="color:#47A3FF;" dojoType="dijit.form.TextBox"
                type="text" name="username"></td>
        </tr>
        <tr>
            <td><label style="color:#47A3FF;" for="loc">Password: </label></td>
            <td><input style="color:#47A3FF;" dojoType="dijit.form.TextBox"
                type="password" name="password"></td>
        </tr>
        <tr>
            <td colspan="2" align="center">
                <button dojoType="dijit.form.Button"  class="soria" style="border: 1px solid black; float:right;"
                type="submit">Login</button></td>
        </tr>
    </table>
</form>

Do I need to use SHA256 when I send username and password over network ? How to use SHA256 over those data ( I have function sha256_hash which use string and return hashed value, but I don’t know where to call that function ) ?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You should hash the desired values when the form is submitted.

    I guess something like this should work :

    HTML

    <form onsubmit="return myOnSubmit(this);">

    JavaScript

    function myOnSubmit(aForm) {
    //Getting the two input objects
    var inputUsername = aForm['username'];
    var inputPassword = aForm['password'];

    //Hashing the values before submitting
    inputUsername.value = sha256_hash(inputUsername.value);
    inputPassword.value = sha256_hash(inputPassword.value);

    //Submitting
    return true;
}

    EDIT :
    Because of the ‘Hashing the values before submitting’ part, it will not work if you have a maxlength property, because hashed values are much longer than just the clear password.

    If you MUST use a maximum length, then you would need to implement HIDDEN FIELDS and changing those values, and making sure the fields containing the clear data aren’t submitted (outside of the <FORM> tag).

    • 0