tags:

views:

169

answers:

5
+1  Q: 

How to hide URL from users when submitting this form?

I have a form with many many fields...

When submitting these fields, I use the POST method which hides the actual variables passed along to the PHP page.

However, I can't get rid of the complete link.

Changing from GET to POST did make all the form fields invisible in the URL, but this part is still visible:

 mydomain.com/bin/query#

I want it to be invisible, or say:

 mydomain.com/search

I have mod_rewrite enabled so there is a possibility to do this with mod_rewrite I think, but I am new to mod_rewrite so I need your help...

How should I hide this URL?

If you need more input let me know...

+1  A: 

Try RewriteRule ^/search /bin/query then you can change your form action to /search

Keeper  2010-06-09 10:07:56
+3  A: 

When submitting a from you have to specify a action attribute for the form. I assume that your action is mydomain.com/bin/query# but you want it to be mydomain.com/search. Then you should use mydomain.com/search withing the action attibute and the following rewrite:

RewriteEngine on 
RewriteRule ^/search$ /bin/query [QSA,NC]

That would show mydomain.com/serach in the browsers URL.

EDIT: Using the QSA flag you can pass GET paremeters to your query script. The NC makes the rewrite case-insensitive.

Your form should look like this:

<form action="/search" method="post">
...
</form>
Kau-Boy  2010-06-09 10:09:43
Nice to see I'm not the only one who keeps making the "serach" typo
Manos Dilaverakis  2010-06-09 10:20:43
Kau-Boy  2010-06-09 10:27:23
+1  A: 

You shouldn't hide the URL, it is a waste of time.

The user's browser (which is under the control of the user) sends data to your server. Users will always be able to send whatever data they like to the form handler (since you can't tell the browser where to send it without making that information available to the user). Using mod_rewrite just changes the URL (so there is no security benefit from hiding it) and search engines don't make POST requests (so there is no SEO benefit).

If you are looking for a cosmetic benefit, then I really wouldn't worry about it. The number of users who would notice the URL the form submitted to is tiny, and the number who care is even smaller.

David Dorward  2010-06-09 10:16:08
+1  A: 

What you can do is issue a redirect following your form processing. 

// process form vars e.g.,
save_values($_POST);
// redirect
header('Location: /some/other/page');
exit;

Browser users will only see the page you eventually redirect too. It will still be possible to inspect the HTTP requests/responses to determine the location of the form processing if you know what you're doing.

rojoca  2010-06-09 10:51:44
+2  A: 

Supposing you're new in the web world, here is 2 rules for you to learn:

  1. According to HTTP standard, search must be done using GET method, not POST
  2. Hiding url is a nonsense. Though you can use mod_rewrite to beautify the URL, not to "hide" it.
  3. Hiding search variables is a nonsense, with no excuses. search must be done using GET method, not POST
Col. Shrapnel  2010-06-09 11:03:07
In my case, the form is submitted to a php page which uses POST to receive all the form fields and put them into variables. Then here i do queries on MySql database... This is the type of search I am talking about. Are you saying I should use GET instead of POST here? Why?
Camran  2010-06-09 11:19:23
@Camran no need to mention mysql here. every search in the world going this way. Your case is not exceptional one. Just look around: does google hide search variables? Or any other site? Why? Here you go: http://www.w3.org/Protocols/rfc2616/rfc2616.html "The GET method means retrieve whatever information". POST to save and GET to retrieve. That's why. There are ton of usability faults in the POST search. go try it in real, not in your imagination and see
Col. Shrapnel  2010-06-09 11:32:54
You are still not telling me why NOT to use POST? "Tons of usability faults" don't say much to me, and I have tried it in real, it works! I will post another Q about this, thanks...
Camran  2010-06-09 11:37:59
@Camran try F5 on search results
Col. Shrapnel  2010-06-09 11:49:58
One of the main issues is that a user will not be able to bookmark a "search query" he made. So he will always have to fill out the form again. But I don't agree, that using POST on searches should NEVER be done. Just in most cases it is not user friendly.
Kau-Boy  2010-06-09 14:18:14
@Col. Shrapnel: I think with hiding he actually wants to say that he wants to rewrite the URL. I would recommend to rewrite it but add the params with get to the URL.
Kau-Boy  2010-06-09 14:20:41

related questions

Autosizing Textarea
Regular expression for parsing links from a webpage?
What are good tools for creating compiled HTML help files (.chm)?
Looking for WYSIWYG HTML editor
Any reason not to start using the HTML 5 doctype?
HTML comments break down
HTML Comments Markup
Setting a div's height in HTML with CSS
Wrapping lists into columns
Is a "Confirm Email" input good practice when user changes email address?
<XMP> Tag
HTML version choice
Options for HTML scraping?
How do you disable browser Autocomplete on web form field / input tag?
How do I make a checkbox toggle from clicking on the text label as well?
Html CSS Editor
Wordpress theme development offline tools
How do I give my web sites an icon for iPhone?
In HTML, how to word-break on a dash?
Detecting font in JavaScript
How do you test layout design across multiple browsers/OSs?
How do I print an HTML document from a web service?
Multiple submit buttons on a HTML form
How can I determine a web user's time zone?
Why doesn't the percentage width child in absolutely positioned parent work in IE7?