0

I have a form with email and password validation. When password is wrong the box password has to be red to show that something go wrong, i do that adding a "vermei" class.

I have to do this in PHP, already attempted:

$dom=new DOMDocument;
$dom->loadHTML($html);
$input=$dom->getElementById('password');
foreach($input as $pd){
    $pd->setAttribute('class', $pd->getAttribute('class').' vermei');
}
$html = $dom->saveHTML(); // return 'variable $html not found'

and

echo '<script>
        alert("Password Incorrect!");
        history.go(-1); //work until this part, the code below do not run. 
 //I did this go back cuz when form is submitted, go to config.php, and
 // this code back to sign in page
        var password = document.getElementById("password");
        document.getElementById("password").focus();
        password.classList.add("vermei");
    </script>';

Someone can help me with adding a "vermei" class in Password input?

Improve this question
8
  • 1
    and what is the problem? Commented Jan 11, 2022 at 17:32
  • 3
    getElementById just returns a single element, not a list. You don't need the loop. Commented Jan 11, 2022 at 17:33
  • @daremachine both codes does not add a vermei class to html, and nothing happen Commented Jan 11, 2022 at 17:35
  • 1
    Neither of these approaches make sense to me. In the first approach you appear to be overwriting an HTML file, when and why would you be doing that? And in the second approach you immediately redirect the user back to the previous page, so any code running after that is moot. Where are you performing the validation of the password input? It's not clear to me what the overall logic flow is here. But how you update the UI is going to entirely depend on that. Commented Jan 11, 2022 at 17:36
  • 1
    As an aside... If this is a login form then you shouldn't tell them which input was incorrect. All the user should know is that the login failed. Telling them that the username was correct but the password was not gives an attacker information. Not much information, and potentially something they could get otherwise, but it's best not to get into the habit of giving information to unauthenticated users. Commented Jan 11, 2022 at 17:38

1 Answer 1

Reset to default
0

Your first code doesn't work because $input is a single element, not a list, so you can't loop over it. Replace the loop with just:

$input->setAttribute("class", $input->getAttribute("class") . " vermei");

Normally you would do this in the code that outputs the form, e.g.

<form>
    ...
    Password: <input id="password" type="password" name="password" <?php if ($password_incorrect) echo 'class="vermei"'; ?>>
    ...
</form>
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.