0

Ive created a fancy box driven login.. Now i wonder if can I directly compare the login username and password to mysql using php tags.?

Here's the initial coding but it doesn't work..please correct me..

<script type="text/javascript">

$("#login_form").bind("submit", function() {
if ($("#login_name") != <?php $row_rec_mem_accnt['user_name']; ?> || $("#login_pass")!= <?php $row_rec_mem_accnt['password']; ?>) {
	    $("#login_error").show();
	    $.fancybox.resize();
	    return false;
	}
$.fancybox.showActivity();

	$.ajax({
		type		: "POST",
		cache		: false,
		url		: "members_accnt.php",
		data		: $(this).serializeArray(),
		success		: function(data) {
					$.fancybox(data);
		}
	});

	return false;
});

 </script>

Thanks for helping!!

Edited by blocker: n/a

3
Contributors
7
Replies
10
Views
6 Years
Discussion Span
Last Post by blocker
0

Don't check login and pass in javascript, if security is what you want. You'll have to check things in php. If you don't mind, add quotes around the php tags or call json_encode on the variables.

0

Don't check login and pass in javascript, if security is what you want. You'll have to check things in php. If you don't mind, add quotes around the php tags or call json_encode on the variables.

Thank you twiss.

Ive modify the code to this and it works..But it only compares to the first row of the registered users list table...How to make it compare to all registered users?

So far here's the modified code:

$("#login_form").bind("submit", function() {

	//if ($("#login_name").val().length < 1 || $("#login_pass").val().length < 1) {
	if ($("#login_name").val() != '<?php echo $row_rec_mem_accnt['user_name']; ?>' || $("#login_pass").val() != '<?php echo $row_rec_mem_accnt['password']; ?>') {
	    $("#login_error").show();
	    $.fancybox.resize();
	    return false;
	}

Thank you for helping!

Edited by blocker: n/a

0

How do you store the users and passwords? If in a database, write a query that checks the login.

0

you probably shouldn't use jQuery to do the authentication, use PHP to do that.

0

you probably shouldn't use jQuery to do the authentication, use PHP to do that.

ok..ive created a function to check the login..please correct me if im wrong.

heres the function to check the login:

<?php
function login_compare($login_user,$login_pass){
mysql_select_db($database_nmpc_web_conn, $nmpc_web_conn); //?from where??
$rlogin = mysql_query("SELECT user_name, password, member_id FROM tbl_members_list WHERE user_name = '$login_user' and password = '$login_pass'") or die(mysql_error());
$istrue = mysql_num_rows($rlogin);
if($istrue > 0){
return true;
}else{
return false;
}
}
?>

And here is the script to pass the values to the function..please correct if this is wrong...

$("#login_form").bind("submit", function() {

if ('<?php login_compare($("#login_name").val(),$("#login_pass").val())=false ?>') {
	    $("#login_error").show();
	    $.fancybox.resize();
	    return false;
	}
)

thank you for helping!

Edited by blocker: n/a

0

Here is what I would go for

var login_to_check = $('#login_name').val();
var password_to_check = $('#login_pass').val();
$.ajax({
    url: "/post/checkpassword.php",
    type: "POST",
    data:login=login_to_check&password=password_to_check,
    success: function(){//success},
    error: function(){//error}
});

This actually do an ajax call to the checkpassword.php, posting the login and the password to that file. That will return either a true or a false, corresponding to the authentication results.

Oh and another thing, you might wanna hash the user's password, it kinda stored as plain text there :D

0

Here is what I would go for

var login_to_check = $('#login_name').val();
var password_to_check = $('#login_pass').val();
$.ajax({
    url: "/post/checkpassword.php",
    type: "POST",
    data:login=login_to_check&password=password_to_check,
    success: function(){//success},
    error: function(){//error}
});

This actually do an ajax call to the checkpassword.php, posting the login and the password to that file. That will return either a true or a false, corresponding to the authentication results.

Oh and another thing, you might wanna hash the user's password, it kinda stored as plain text there :D

Ive made someting like this but it gets an error:
Parse error: syntax error, unexpected '(', expecting T_VARIABLE or '$' in C:\wamp\www\nonescostmpc\index.php on line 382

$("#login_form").bind("submit", function() {
    var iflogintrue=new boolean(0);
	iflogintrue='<?php echo login_compare($("#login_name").val(), $("#login_pass").val()); ?>';
	if (iflogintrue==0) {
	    $("#login_error").show();
	    $.fancybox.resize();
	    return false;
	}

Thank You!

Edited by blocker: n/a

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.