Code: Select all
<input type="password" name="password" value="<?php echo htmlentities($password); ?>" />Moderator: General Moderators
Code: Select all
<input type="password" name="password" value="<?php echo htmlentities($password); ?>" />I wouldn't ever want / need to echo back the password into the password field if it was just a login... this is for a "register for an account" form.Only in cases where a user mistypes their username (which is extremely rare in my experience), is it beneficial to the user to have the password field filled in.
Because you are sending a password in cleartext, allowing anyone with a sniffer on the network to read that password.The Ninja Space Goat wrote:but why? that is what I'm getting at... it's always been said that it's "not a good idea"... but that isn't good enough for me. I want a reason.