[RESOLVED] Change this javascript to post with url

Simplyput

I have found this code below and converted it to use another CMS. I am trying to take the information and post it to another login form with the url. This code renders but shows the raw username and password in the browser. I tried a few methods I have found on line with dismal results. Every example I have tried or seen does not have the dbescapestring. How can I convert this to post with the varrs below?

function jrBridge_PHP_Nuke_login($data)
{
echo "<script type=\"text/javascript\">top.location.replace ('http://..../modules.php?name=Your_Account&file=index&op=login&username=". dbEscapeString($data['user_nickname']) ."&user_password=". dbEscapeString($_data['user_password']) ."')</script>";
return(true);
}

Simplyput

Okay I think this will work but I am stuck on one piece of the code.

function post_to_url(path, params, method) {
        method = method || "post";

    var form = document.createElement("form");

    //move the submit function to another variable
    //so that it doesn't get over written
    form._submit_function_ = form.submit;

    form.setAttribute("method", method);
    form.setAttribute("action", path);

    for(var key in params) {
        var hiddenField = document.createElement("input");
        hiddenField.setAttribute("type", "hidden");
        hiddenField.setAttribute("name", ulogin);
        hiddenField.setAttribute("value", params[key]);

        form.appendChild(hiddenField);
    }

    document.body.appendChild(form);
    form._submit_function_(); //call the renamed function
}
post_to_url("http://xxx./index.php?name=Your_Account/", { submit: "submit" } ); //works!

I am lost on what should replace parmams key. Should this be the dbEscapeString($_data['user_nickname']) or do I leave off the dbescape?

hiddenField.setAttribute("value", ($_data['user_nickname']));

Or

hiddenField.setAttribute("value", dbEscapeString($_data['user_nickname']));

Simplyput

I did more research and figured out I had it all wrong and made the correct changes to the code and it was not the solution I needed. so I will mark this resolved.