•
•
•
•
What is DaniWeb IT Discussion Community?
You're currently browsing the JavaScript / DHTML / AJAX section within the Web Development category of DaniWeb, a massive community of 363,829 software developers, web developers, Internet marketers, and tech gurus who are all enthusiastic about making contacts, networking, and learning from each other. In fact, there are 4,136 IT professionals currently interacting right now! Registration is free, only takes a minute and lets you enjoy all of the interactive features of the site.
Please support our JavaScript / DHTML / AJAX advertiser: Lunarpages Web Hosting
Views: 2540 | Replies: 18 | Solved
 |
•
•
Join Date: Jul 2006
Posts: 155
Reputation: 
Rep Power: 2
Solved Threads: 0
Junior Poster
hello, i'm trying to get http://superiorminitrucks.com/admin login functionality to work. It's my first logon script, which was tested to work, but I'm running out of brute force to get this one through...
<?php
//////**************************************/
//
// LOGIN PAGE
//
// Server-side:
// 1. Start a session
// 2. Clear the session
// 3. Generate a random challenge string
// 4. Save the challenge string in the session
// 5. Expose the challenge string to the page via a hidden input field
//
// Client-side:
// 1. When the completes the form and clicks on Login button
// 2. Validate the form (i.e. verify that all the fields have been filled out)
// 3. Set the hidden response field to HEX(MD5(server-generated-challenge + user-supplied-password))
// 4. Submit the form
//******************************/
session_start();
session_unset();
srand();
$challenge = "";
for ($i = 0; $i < 80; $i++) {
$challenge .= dechex(rand(0, 15));
}
$_SESSION[challenge] = $challenge;
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Superior Mini Trucks</title>
<link href="../site.css" media="screen" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="../moo.js"> </script>
<script type="text/javascript" src="/admin/jmd5.js"> </script>
<script type="text/javascript">
var num = 0;
function login(num) {
var loginForm0 = document.getElementById("loginForm0");
var loginForm1 = document.getElementById("loginForm1");
var loginForm2 = document.getElementById("loginForm2");
var loginForm3 = document.getElementById("loginForm3");
var submitForm = document.getElementById("submitForm" + num);
if (loginForm0.username.value == "" && loginForm1.username.value == "" && loginForm2.username.value == "" && loginForm3.username.value == "") {
alert("Please enter your user name.");
return false;
}
if (loginForm0.password.value == "" && loginForm1.password.value == "" && loginForm2.password.value == "" && loginForm3.password.value == "") {
alert("Please enter your password.");
return false;
}
if(num == 0) {
submitForm.username.value = loginForm0.username.value;
submitForm.response.value =
hex_md5(<?php echo $challenge; ?>+loginForm0.password.value);
submitForm.submit(); }
if(num == 1) {
submitForm.username.value = loginForm1.username.value;
submitForm.response.value =
hex_md5(<?php echo $challenge; ?>+loginForm1.password.value);
submitForm.submit(); }
if(num == 2) {
submitForm.username.value = loginForm2.username.value;
submitForm.response.value =
hex_md5(<?php echo $challenge; ?>+loginForm2.password.value);
submitForm.submit(); }
if(num == 3) {
submitForm.username.value = loginForm3.username.value;
submitForm.response.value =
hex_md5(<?php echo $challenge; ?>+loginForm3.password.value);
submitForm.submit(); }
} // end login()
window.addEvent('domready', function() {
var mySlide_inventory = new Fx.Slide('test');
var mySlide_information = new Fx.Slide('test1');
var mySlide_options = new Fx.Slide('test2');
var mySlide_home = new Fx.Slide('test3');
mySlide_inventory.hide();
mySlide_information.hide();
mySlide_options.hide();
mySlide_home.hide();
$('slidein').addEvent('click', function(e){
e = new Event(e);
mySlide_inventory.slideIn();
e.stop();
});
$('slideout').addEvent('click', function(e){
e = new Event(e);
mySlide_inventory.slideOut();
e.stop();
});
$('toggle').addEvent('click', function(e){
e = new Event(e);
mySlide_inventory.toggle();
e.stop();
});
$('hide').addEvent('click', function(e){
e = new Event(e);
mySlide_inventory.hide();
e.stop();
});
$('slidein1').addEvent('click', function(e){
e = new Event(e);
mySlide_information.slideIn();
e.stop();
});
$('slideout1').addEvent('click', function(e){
e = new Event(e);
mySlide_information.slideOut();
e.stop();
});
$('toggle1').addEvent('click', function(e){
e = new Event(e);
mySlide_information.toggle();
e.stop();
});
$('hide1').addEvent('click', function(e){
e = new Event(e);
mySlide_information.hide();
e.stop();
});
$('slidein2').addEvent('click', function(e){
e = new Event(e);
mySlide_options.slideIn();
e.stop();
});
$('slideout2').addEvent('click', function(e){
e = new Event(e);
mySlide_options.slideOut();
e.stop();
});
$('toggle2').addEvent('click', function(e){
e = new Event(e);
mySlide_options.toggle();
e.stop();
});
$('hide2').addEvent('click', function(e){
e = new Event(e);
mySlide_options.hide();
e.stop();
});
$('slidein3').addEvent('click', function(e){
e = new Event(e);
mySlide_home.slideIn();
e.stop();
});
$('slideout3').addEvent('click', function(e){
e = new Event(e);
mySlide_home.slideOut();
e.stop();
});
$('toggle3').addEvent('click', function(e){
e = new Event(e);
mySlide_home.toggle();
e.stop();
});
$('hide3').addEvent('click', function(e){
e = new Event(e);
mySlide_home.hide();
e.stop();
});
});
</script>
<style type="text/css">
body {
text-align: left;
}
#test, #test1, #test2, #test3 {
background: #222;
color: #fff;
padding: 10px;
margin: 20px;
}
#test {
border: 10px solid saddlebrown;
}
#test1 {
border: 10px solid darkgoldenrod;
}
#test2 {
border: 10px solid darkkhaki;
}
#test3 {
border: 10px solid olive;
}
a {
text-size: large;
font-weight: bold;
text-decoration: none;
outline: none;
color: white;
border-bottom: 2px solid white;
}
</style>
</head>
<body>
<blockquote>
<h3 style="color: white;" class="section">Please Login</h3>
<a id="slideout" href="#"></a><a id="slidein" href="#"></a> <a id="toggle" href="#">Home</a><a id="hide" href="#"></a>
<div id="test">
<form id="loginForm0" action="#" method="post">
<table>
<?php if (isset($_REQUEST[error])) { ?>
<tr>
<td>Error</td>
<td style="color: red;"><?php echo $_REQUEST[error]; ?></td>
</tr>
<?php } ?>
<tr>
<td>User Name</td>
<td><input type="text" name="username"/></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name="password"/></td>
</tr>
<tr>
<td> </td>
<td>
<input type="hidden" name="challenge" value="<?php echo $challenge; ?>"/>
<input type="button" name="submit" value="Login" onclick="login(0);"/>
</td>
</tr>
</table>
</form>
<form id="submitForm0" action="authenticate.php" method="post">
<div>
<input type="hidden" name="username"/>
<input type="hidden" name="response"/>
</div>
</form>
</div>
<a id="slideout1" href="#"></a> <a id="slidein1" href="#"></a> <a id="toggle1" href="#">Inventory</a> <a id="hide1" href="#"></a>
<div id="test1">
<form id="loginForm1" action="#" method="post">
<table>
<?php if (isset($_REQUEST[error])) { ?>
<tr>
<td>Error</td>
<td style="color: red;"><?php echo $_REQUEST[error]; ?></td>
</tr>
<?php } ?>
<tr>
<td>User Name</td>
<td><input type="text" name="username"/></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name="password"/></td>
</tr>
<tr>
<td> </td>
<td>
<input type="hidden" name="challenge" value="<?php echo $challenge; ?>"/>
<input type="button" name="submit" value="Login" onclick="login(1);"/>
</td>
</tr>
</table>
</form>
<form id="submitForm1" action="authenticate1.php" method="post">
<div>
<input type="hidden" name="username"/>
<input type="hidden" name="response"/>
</div>
</form>
</div>
<a id="slideout2" href="#"></a> <a id="slidein2" href="#"></a> <a id="toggle2" href="#">Information</a><a id="hide2" href="#"></a>
<div id="test2">
<form id="loginForm2" action="#" method="post">
<table>
<?php if (isset($_REQUEST[error])) { ?>
<tr>
<td>Error</td>
<td style="color: red;"><?php echo $_REQUEST[error]; ?></td>
</tr>
<?php } ?>
<tr>
<td>User Name</td>
<td><input type="text" name="username"/></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name="password"/></td>
</tr>
<tr>
<td> </td>
<td>
<input type="hidden" name="challenge" value="<?php echo $challenge; ?>"/>
<input type="button" name="submit" value="Login" onclick="login(2);"/>
</td>
</tr>
</table>
</form>
<form id="submitForm2" action="authenticate2.php" method="post">
<div>
<input type="hidden" name="username"/>
<input type="hidden" name="response"/>
</div>
</form>
</div>
<a id="slideout3" href="#"></a><a id="slidein3" href="#"></a> <a id="toggle3" href="#">Options</a><a id="hide3" href="#"></a>
<div id="test3">
<form id="loginForm3" action="#" method="post">
<table>
<?php if (isset($_REQUEST[error])) { ?>
<tr>
<td>Error</td>
<td style="color: red;"><?php echo $_REQUEST[error]; ?></td>
</tr>
<?php } ?>
<tr>
<td>User Name</td>
<td><input type="text" name="username"/></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name="password"/></td>
</tr>
<tr>
<td> </td>
<td>
<input type="hidden" name="challenge" value="<?php echo $challenge; ?>"/>
<input type="button" name="submit" value="Login" onclick="login(3);"/>
</td>
</tr>
</table>
</form>
<form id="submitForm3" action="authenticate3.php" method="post">
<div>
<input type="hidden" name="username"/>
<input type="hidden" name="response"/>
</div>
</form>
</div>
</blockquote>
</body>
</html>
•
•
Join Date: Jul 2006
Posts: 155
Reputation:
Rep Power: 2
Solved Threads: 0
Junior Poster
It's my first logon script. It works until I try to change the action by validating radio button selection.. Help is greatly appreciated. I've been working on this steadily for days.
<?php
/////////////////////////////////////////////////////////////////////////////
//
// LOGIN PAGE
//
// Server-side:
// 1. Start a session
// 2. Clear the session
// 3. Generate a random challenge string
// 4. Save the challenge string in the session
// 5. Expose the challenge string to the page via a hidden input field
//
// Client-side:
// 1. When the completes the form and clicks on Login button
// 2. Validate the form (i.e. verify that all the fields have been filled out)
// 3. Set the hidden response field to HEX(MD5(server-generated-challenge + user-supplied-password))
// 4. Submit the form
//////////////////////////////////////////////////////////////////////////////////
session_start();
session_unset();
srand();
$challenge = "";
for ($i = 0; $i < 80; $i++) {
$challenge .= dechex(rand(0, 15));
}
$_SESSION[challenge] = $challenge;
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Login</title>
<script type="text/javascript" src="/admin/jmd5.js"></script>
<script type="text/javascript">
function login() {
var loginForm = document.getElementById("loginForm");
if (loginForm.username.value == "") {
alert("Please enter your user name.");
return false;
}
if (loginForm.password.value == "") {
alert("Please enter your password.");
return false;
}
var homePanel;
var inventoryPanel;
var informationPanel;
var optionsPanel;
var homePanel = document.getElementById("home");
var inventoryPanel =document.getElementById("inventory");
var informationPanel =document.getElementById("information");
var optionsPanel =document.getElementById("options");
if(homePanel.checked) document.getElementById("submitForm").action="home_page_control.php";
else if(inventoryPanel.checked) document.getElementById("submitForm").action="inventory_control.php";
else if(informationPanel.checked) document.getElementById("submitForm").action="information_control.php";
else if(inventoryPanel.checked) document.getElementById("submitForm").action="options_control.php";
else
alert("Please select an administration panel.");
var submitForm = document.getElementById("submitForm");
submitForm.username.value = loginForm.username.value;
submitForm.response.value =
hex_md5(loginForm.challenge.value+loginForm.password.value);
submitForm.submit();
}
</script>
<style type="text/css">
body {
background: #CCCC99;
outline: none;
}
input {
outline: none;
}
</style>
</head>
<body>
<blockquote>
<fieldset style="background: #FFFFCC;"><legend style="background: #669966; height: 30px; width: auto; padding: 5px; border: 1px solid #222; color: #fff; letter-spacing: 3px; font-weight: bold; font-size: 18px; font-family: Arial, Helvetica, sans-serif">Please Login</legend>
<form id="loginForm" action="#" method="post">
<table width="381" height="244">
<?php if (isset($_REQUEST[error])) { ?>
<tr>
<td>Error</td>
<td style="color: red;"> </td>
<td style="color: red;"> </td>
<td style="color: red;"><?php echo $_REQUEST[error]; ?></td>
</tr>
<?php } ?>
<tr>
<td>User Name</td>
<td> </td>
<td> </td>
<td><input type="text" size="28" name="username"/></td>
</tr>
<tr>
<td>Password</td>
<td> </td>
<td> </td>
<td><input type="password" size="28" name="password"/></td>
</tr>
<tr>
<td> Select Control Panel </td>
<td> </td>
<td> </td>
<td><label>
<input type="radio" name="select_panel" value="home" id="home" />
Home</label></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td> </td>
<td><label>
<input type="radio" name="select_panel" value="inventory" id="inventory" />
Inventory</label></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td> </td>
<td><label>
<input type="radio" name="select_panel" value="information" id="information" />
Information</label></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td> </td>
<td><label>
<input type="radio" name="select_panel" value="options" id="options" />
Options</label></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td> </td>
<td style="text-align: right; padding-right: 30px;">
<input type="hidden" name="challenge" value="<?php echo $challenge; ?>"/>
<input type="button" name="submit" value="Login" onclick="login();"/> </td>
</tr>
</table>
</form>
<form id="submitForm" [[[ action removed from here ]]] method="post">
<div>
<input type="hidden" name="username"/>
<input type="hidden" name="response"/>
</div>
</form>
</fieldset>
</blockquote>
</body>
</html>•
•
Join Date: Mar 2008
Posts: 165
Reputation:
Rep Power: 1
Solved Threads: 16
Junior Poster
If I understand you correctly.... U are struggling with validating radiobutton (i.e) U wana make sure that one of them are seleceted well if thats the case, we can attempt to fix by doing the following, not that I know but I think u need to group ur radio buttons, that means u cant validate each one them, and thats why they merely use the for loop to validate radio buttons
now lets try this solution and see where it takes us
now lets try this solution and see where it takes us
javascript Syntax (Toggle Plain Text)
Last edited by Traicey : May 14th, 2008 at 6:40 am.
Some people get so rich they lose all respect for humanity. That's how rich I want to be.
•
•
Join Date: Jul 2006
Posts: 155
Reputation:
Rep Power: 2
Solved Threads: 0
Junior Poster
This worked. (Sorry for the spacing mess... man I miss gedit....)
<script type="text/javascript">
function login() {
var loginForm = document.getElementById("loginForm");
if (loginForm.username.value == "") {
alert("Please enter your user name.");
return false;
}
if (loginForm.password.value == "") {
alert("Please enter your password.");
return false;
}
var submitForm = document.getElementById("submitForm");
submitForm.username.value = loginForm.username.value;
submitForm.response.value =
hex_md5(loginForm.challenge.value+loginForm.password.value);
submitForm.submit();
}
function changeAction() {
var homePanel = document.getElementById("home");
var inventoryPanel =document.getElementById("inventory");
var informationPanel =document.getElementById("information");
var optionsPanel =document.getElementById("options");
var submitFormAction = document.getElementById("submitForm");
if(homePanel.checked) {
submitFormAction.action="authenticate.php";
login();
}
else if(inventoryPanel.checked) {
submitFormAction.action="authenticate1.php";
login();
}
else if(informationPanel.checked) {
submitFormAction.action="authenticate2.php";
login();
}
else if(optionsPanel.checked) {
submitFormAction.action="authenticate3.php";
login();
}
else {
alert("Please select an administration panel.");
return false;
}
}
</script>•
•
Join Date: Dec 2004
Location: London or Slovakia
Posts: 1,788
Reputation:
Rep Power: 8
Solved Threads: 187
Any reason for this complicated approach, mix of PHP and JavaScript if you can do it better with PHP on its own?
PS after merge: Please do not flood forum with multiple posts!
PS after merge: Please do not flood forum with multiple posts!
Last edited by peter_budo : May 14th, 2008 at 1:47 pm. Reason: After merge comment
Learn to see in another's calamity the ills which you should avoid.
Publilius Syrus
(~100 BC)
If we helped you to solve your problem, answered your question please mark your post as SOLVED.
Publilius Syrus
(~100 BC)
If we helped you to solve your problem, answered your question please mark your post as SOLVED.
•
•
Join Date: Jul 2006
Posts: 155
Reputation:
Rep Power: 2
Solved Threads: 0
Junior Poster
Nevermind, Mister. I solved it myself, complex as it is...
•
•
Join Date: Mar 2008
Posts: 165
Reputation:
Rep Power: 1
Solved Threads: 16
Junior Poster
•
•
•
•
Originally Posted by tefflox
Nevermind, Mister. I solved it myself, complex as it is...
Some people get so rich they lose all respect for humanity. That's how rich I want to be.
•
•
Join Date: Dec 2004
Location: London or Slovakia
Posts: 1,788
Reputation:
Rep Power: 8
Solved Threads: 187
@Traicey the complex code is mainly not his. Original code provide nice PHP implementation which tefflox took it and loaded with various bits and pieces of JavaScript
PS: I'm marking it as solved based on original poster comment "I solved it myself"
PS2: Please try to use proper English as "leet" speak or "chatroom" peak is not welcome here. Thank you for understanding
PS: I'm marking it as solved based on original poster comment "I solved it myself"
PS2: Please try to use proper English as "leet" speak or "chatroom" peak is not welcome here. Thank you for understanding
Learn to see in another's calamity the ills which you should avoid.
Publilius Syrus
(~100 BC)
If we helped you to solve your problem, answered your question please mark your post as SOLVED.
Publilius Syrus
(~100 BC)
If we helped you to solve your problem, answered your question please mark your post as SOLVED.
•
•
Join Date: Mar 2008
Posts: 165
Reputation:
Rep Power: 1
Solved Threads: 16
Junior Poster
•
•
•
•
Originally Posted by Peter_Budo
Traicey the complex code is mainly not his
We may rather call it plagiarism than just a plain homework, Anyways Im just glad I dont have to go through all that, mainly trying to fascinate or impress Daniweb's Gurus with the code that is not my own making
•
•
Join Date: Jul 2006
Posts: 155
Reputation:
Rep Power: 2
Solved Threads: 0
Junior Poster
You moderators have too much time on your hands. I'm not here to learn the ropes. I'm here to get help. If it takes three moderators and eight PM's to tell me somthing trivial, daniweb is beginning to look like history.
That JS code is all mine, bizzo.
Good night and good luck!
That JS code is all mine, bizzo.
Good night and good luck!
|
•
•
•
•
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
•
•
•
•
•
•
•
•
DaniWeb JavaScript / DHTML / AJAX Marketplace
Linear Mode
- Previous Thread: suckerfish hover or submit on IE
- Next Thread: Pull down menue using getElemntById --Help Please
