CODEWITHSUNDEEP
htmlbrowserautocomplete
henk.io
henk.io

Reputation: 306

Password and username displaying in input fields?

I have a silly problem that i just cant figure out. when i refresh my login page the password and username appears in the input fields. here is my code:

<?php include_once "includes/scripts.php"; ?>
<?php
session_start();
include_once ("includes/connect.php");
if (isset($_SESSION['logged_in'])) {
    header('location: admin_cms.php');
}else{
    if (isset($_POST['username'], $_POST['password'])){
        $username = $_POST['username'];
        $password = md5($_POST['password']);
        if (empty($username) or empty($password)){
            $error = '<p>NOTE: Fields are blank</p>';   
        }else{
            $query = $pdo->prepare("SELECT * FROM users WHERE user_name = ? AND user_password =?");
            $query->bindValue(1, $username);
            $query->bindValue(2, $password);
            $query->execute();
            $num = $query->rowCount();
            if ($num == 1){
                $_SESSION['logged_in'] = true;
                header('location: admin_cms.php');
                exit();
            }else{
                $error = "<p>NOTE: The username or password is incorrect</p>";  
            }
        }
    }
    ?>
    <div id="login_container">
        <br><img src="images/camelhorst_logo_full.png" style="margin-top:38px;">
        <h1>LOGIN<img src="images/three_column_grid_line.png" alt="line"></h1>
        <form  acton = "admin.php" method="post" autocompleate="off">
            <label>Username:</label>
            <input type="text" name="username" placeholder="Your Username" required>
            <label>Password:</label>
            <input type="password" name="password" placeholder="Your Password" required>
            <input type="submit"  value="Login" name="submit_login">
        </form>
        <?php if (isset($error))
        {echo $error;}?>
      <p id="copyright_admin"> © CAMELHORSE CREATIVE STUDIO 2013 </p>
    </div><!--login_container-->

    <?php } ?>
</body>
</html>

Please can someone help me with this and also if anyone sees a issue that might be a security issue please correct me?

My Login screen when i open the page or refresh

Upvotes: 4

Views: 7143

Answers (2)

Lance
Lance

Reputation: 4820

By default, the autocomplete attribute is set to "on." Turning it off will prevent your browser from displaying other values that may have been stored. I'm pretty sure that the autocomplete attribute doesn't work inside of form tags. Inside of the input tag that you want to edit, put

autocomplete="off"

More info here

Upvotes: 2

exussum
exussum

Reputation: 18550

at the end of the inputs put autocomplete="off"

example

 <input type="password" name="password" placeholder="Your Password" required autocomplete="off">

Place Holder may also be filling it so you could remove that 

 <input type="password" name="password" required autocomplete="off">

You can also put the autocomplete="off" in the form tag

Upvotes: 8

Related Questions