How does it work?

There is something like form:
<table border="0" cellpadding="0" cellspacing="0" class="tblcalss" height="65" width="40%"> 
 the <tr> 
 <td class="whitebold" height="37" align="right" width="20%" id="account">Account</td> 
 <td class="whitebold" height="37" align="center" width="2%">:</td> 
 <td width="78%"> <input id="txt_Username" class="input_login" name="txt_Username" type="text" maxlength="31"></td> 
 </tr> 
 the <tr> 
 <td class="whitebold" align="right" id="Password">Password</td> 
 <td class="whitebold" align="center" >:</td> 
 <td> <input id="txt_Password" class="input_login" name="txt_Password" type="password">
 <button id="button" class="submit" name="Submit" onClick="SubmitForm();" type="button">Login</button></td> 
 </tr> 
 </table>


There's this javascript:

function SubmitForm() {
 var Username = document.getElementById('txt_Username');
 var Password = document.getElementById('txt_Password');
 var appName = navigator.appName;
 var version = navigator.appVersion;
/*?????????COOKIE????*/
 //function MD5(str) { return hex_md5(str); }
 //GetRandCnt function() { return 178504; }
 var cookie = document.cookie;
 if ("" != cookie) {
 var date = new Date();
date.setTime(date.getTime()-10000);
 cookie22 var = cookie + ";expires=" + date.toGMTString();
document.cookie=cookie22;
 } 

 var cnt = GetRandCnt();
 var cookie2 = "Cookie=" + "tid=" + MD5("" + cnt) + MD5(Username.value + cnt ) + MD5(MD5(Password.value) + cnt) + ":" + "Language:" + Language + ":" +"id=-1;path=/";

 document.cookie = cookie2;

 Username.disabled = true;
 Password.disabled = true;

window.location.replace('/login.cgi');
 return true;
}


I understand that /login.cgi waiting for some kind of cookie? Which is formed in var cookie2?

How can any of this code above, to understand how to form a "string", something like /login.cgi?name=admin&pass=admin&cookie=1231234...something else.... (I do not stick)

Which would then past the form into the address bar to enter site.ru/login.cgi?name=admin&pass=admin&cookie=1231234
and log where it is necessary (knowing of course login, password)?
March 19th 20 at 08:58
1 answer
March 19th 20 at 09:00
I understand that /login.cgi waiting for some kind of cookie? Which is formed in var cookie2?

How can any of this code above, to understand how to form a "string",

Yes, he is. Yes, formed. To understand something is possible but "string" is not needed, because no one waiting. Waiting for cookies.

Open your textbook or Wikipedia and read what is a cookie.

And anyway, this script is better to throw the whole - it's not safe.

Find more questions by tags JavaScript