• We've upgraded our forums. Please post any issues/requests in this thread.

Ajax Login Script

Joined
Mar 21, 2009
Messages
4,908 (1.54/day)
Likes
755
Location
Northampton,UK
System Name Spiderman
Processor AMD Ryzen 5 1600
Motherboard Asus Prime B350-Plus
Cooling AMD Wraith Spire Cooler/2x140mm Fractal Design case fans/1x120mm Fractal Design case fan
Memory TeamGroup Vulcan 16GB DDR4 2400MHZ CAS-13
Video Card(s) AMD Sapphire RX Vega 64 8GB
Storage SSD - OCZ ARC 100 256GB HDD - Western Digital Black 500GB+Western Digital Green 1TB
Display(s) Samsung C27F591 1080p 72Hz Monitor
Case Fractal Design Define R4 Titanium - Grey Window Version
Audio Device(s) onboard/Speakers: Logitech Z-4
Power Supply XFX Pro Semi Modular 650W
Mouse CMStorm Laser Mouse
Keyboard Corsair Strafe Cherry MX Red Keyboard
Software Windows 10 Professional 64-bit
#1
Hey guys i need some help with this login page of mine which implements the use of Ajax.
I have followed this tutorial:
http://www.91weblessons.com/php-ajax-login-validation-tutorial/
Now assuming if i have declared my variables correctly because when i enter the login details it echos "correct" but if i didn't it echo "enter correct details" or leave the text blank it ask me to fill the spaces.
The issue is its not parsing through to the index.php script correctly,i have to refresh the page for it to take me to the index page.
Any help or advice be great here's what my codes look like:
login.php:
<?php
session_start();
if(isset($_SESSION['LOGIN_STATUS']) && !empty($_SESSION['LOGIN_STATUS'])){
header('location:index.php');
}
?>

<head>

<title>PHP Ajax Login Validation Tutorial | 91 Web Lessons</title>

<script type="text/javascript" src="js/jquery-1.4.1.min.js"></script>
<script type="text/javascript">
function validLogin(){
var username=$('#username').val();
var pwd=$('#pwd').val();

var dataString = 'username='+ username + '&pwd='+ pwd;

$.ajax({
type: "POST",
url: "processed.php",
data: dataString,
cache: false,
success: function(result){
var result=trim(result);
$("#flash").hide();
if(result=='correct'){
window.location='list.php';
}
else{
$("#errorMessage").html(result);
}
}
});
}

function trim(str){
var str=str.replace(/^\s+|\s+$/,'');
return str;
}
</script>
</head>
<body>


<div id="wrapper">
<table align="center" class="login_box">
<tr><td colspan="2" id="errorMessage"></td></tr>
<tr>
<td>UserName</td>
<td><input type="text" name="username" id="username"></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name="pwd" id="pwd"></td>
</tr>
<tr id="button_box">
<td>&nbsp</td>
<td><input type="button" name="submit" value="Submit" class="button" onclick="validLogin()"></td>
</tr>
<tr><td colspan="2" id="flash"></td></tr>
</table>
</div>



</body>
</html>
processed.php:
<?php
session_start();
include_once('johndb.php');
$message=array();
if(isset($_POST['username']) && !empty($_POST['username'])){
$username=mysql_real_escape_string($_POST['username']);
}else{
$message[]='Please enter username';
}

if(isset($_POST['pwd']) && !empty($_POST['pwd'])){
$pwd=mysql_real_escape_string($_POST['pwd']);
}else{
$message[]='Please enter password';
}

$countError=count($message);

if($countError > 0){
for($i=0;$i<$countError;$i++){
echo ucwords($message[$i]).'<br/><br/>';
}
}else{
$query="select * from signup where username='$username' and pwd='$pwd'";

$result=mysql_query($query);
$checkUser=mysql_num_rows($result);
if($checkUser > 0){
$_SESSION['LOGIN_STATUS']=true;
$_SESSION['username']=$username;
echo 'correct';
}else
{
echo ucwords('please enter correct user details');
}
}
?>
index.php:
<?php
session_start();
if(!isset($_SESSION['LOGIN_STATUS'])){
header('location:login.php');
}
?>
<html>
<head>
<title>PHP Ajax Login Validation Tutorial | 91 Web Lessons</title>
</head>
<body>
<div id="container">
<!--top section start-->

<div id='tutorialHead'>

<div class="tutorialLink"><a href="list.php" title="List"><h1>List</h1></a></div>

<div class="logout"><a href="logout.php" title="logout"><h1>Logout</h1></a></div>

</div>

<div id="wrapper">
<div class="user_intro"><h1>Welcome <?php echo $_SESSION['username'];?></h1></div>
</div>

</body>
</html>
logout.php:
<?php
session_start();
session_destroy();
header('location:login.php');
?>
 
Joined
Feb 21, 2014
Messages
204 (0.15/day)
Likes
45
Location
Finland
System Name WorstEVER
Processor Intel® Core™ i7-4770K
Motherboard MSI Z87-G45 GAMING
Cooling Thermalright Silver Arrow IB-E
Memory G.Skill 8GB (2x4GB) Sniper, DDR3 1600MHz, 9-9-9-24, 1.35V
Video Card(s) 7970 Matrix Platinum
Storage Samsung 840EVO / Samsung F1
Display(s) Crossover Blacktune 2763 AMG "PP"
Case Fractal Design Define R3
Audio Device(s) integrated
Power Supply Corsair HX 750 Gold
Software Win7 x64 ultimate
Benchmark Scores over 9000
#2
No encryption of the received password?
 
Joined
Mar 21, 2009
Messages
4,908 (1.54/day)
Likes
755
Location
Northampton,UK
System Name Spiderman
Processor AMD Ryzen 5 1600
Motherboard Asus Prime B350-Plus
Cooling AMD Wraith Spire Cooler/2x140mm Fractal Design case fans/1x120mm Fractal Design case fan
Memory TeamGroup Vulcan 16GB DDR4 2400MHZ CAS-13
Video Card(s) AMD Sapphire RX Vega 64 8GB
Storage SSD - OCZ ARC 100 256GB HDD - Western Digital Black 500GB+Western Digital Green 1TB
Display(s) Samsung C27F591 1080p 72Hz Monitor
Case Fractal Design Define R4 Titanium - Grey Window Version
Audio Device(s) onboard/Speakers: Logitech Z-4
Power Supply XFX Pro Semi Modular 650W
Mouse CMStorm Laser Mouse
Keyboard Corsair Strafe Cherry MX Red Keyboard
Software Windows 10 Professional 64-bit
#3
The only encryption i got is it display the stars instead of actual text when entered.
 
Joined
May 27, 2008
Messages
3,577 (1.03/day)
Likes
533
Location
Huddersfield, uk
Processor E8200
Motherboard Asus P5KC
Cooling cooler master hyper tx3, 2x 120mm, 1x 80mm
Memory 4 GB DDR3 OCZ Black Edition
Video Card(s) Gigabyte HD 2600xt silent pipe II
Storage 500GB WD Sata / 60 GB Samsung IDE
Display(s) 20" samusng LCD, gaming at 1680 x 1050
Case some old amd thing
Audio Device(s) onboard
Power Supply 650W
Software Windows 8.1, with 'start is back' obviously
Benchmark Scores It boots whilst im still young so im pleased with that.
#4
Code:
$("#flash").hide();
if(result=='correct'){
window.location='list.php';
}
What is list.php?

In your login page your redirecting to list.php after a successful ajax call. Maybe that's causing problems?
 
Joined
Mar 21, 2009
Messages
4,908 (1.54/day)
Likes
755
Location
Northampton,UK
System Name Spiderman
Processor AMD Ryzen 5 1600
Motherboard Asus Prime B350-Plus
Cooling AMD Wraith Spire Cooler/2x140mm Fractal Design case fans/1x120mm Fractal Design case fan
Memory TeamGroup Vulcan 16GB DDR4 2400MHZ CAS-13
Video Card(s) AMD Sapphire RX Vega 64 8GB
Storage SSD - OCZ ARC 100 256GB HDD - Western Digital Black 500GB+Western Digital Green 1TB
Display(s) Samsung C27F591 1080p 72Hz Monitor
Case Fractal Design Define R4 Titanium - Grey Window Version
Audio Device(s) onboard/Speakers: Logitech Z-4
Power Supply XFX Pro Semi Modular 650W
Mouse CMStorm Laser Mouse
Keyboard Corsair Strafe Cherry MX Red Keyboard
Software Windows 10 Professional 64-bit
#5
To be honest the index.php was a test page,i have managed to get to direct it to the list.php which is my intended page. However instead of automatically directing me to the list page it only echos "correct" and i have to refresh my browser to display the list page.
 
Joined
May 27, 2008
Messages
3,577 (1.03/day)
Likes
533
Location
Huddersfield, uk
Processor E8200
Motherboard Asus P5KC
Cooling cooler master hyper tx3, 2x 120mm, 1x 80mm
Memory 4 GB DDR3 OCZ Black Edition
Video Card(s) Gigabyte HD 2600xt silent pipe II
Storage 500GB WD Sata / 60 GB Samsung IDE
Display(s) 20" samusng LCD, gaming at 1680 x 1050
Case some old amd thing
Audio Device(s) onboard
Power Supply 650W
Software Windows 8.1, with 'start is back' obviously
Benchmark Scores It boots whilst im still young so im pleased with that.
#6
Excuse me but i have never used PHP before however, when making an AJAX call with AngularJS and NodeJS server side you cannot perform redirects server side due to it being an ajax call. Im assuming that your redirect is client side. I know window.location is a JavaScript thing but didn't know it there was something similar to PHP

If you stick a break point on the window.location. Is it being hit? is the result variable the value your expecting? Can there be caching issues or issues with the browser prevent the redirect?
 
Joined
Aug 10, 2007
Messages
4,058 (1.07/day)
Likes
1,122
Location
Geneva, FL, USA
Processor Intel i5-6600
Motherboard ASRock H170M-ITX
Cooling Cooler Master Geminii S524
Memory G.Skill DDR4-2133 16GB (8GB x 2)
Video Card(s) Gigabyte R9-380X 4GB
Storage Samsung 950 EVO 250GB (mSATA)
Display(s) LG 29UM69G-B 2560x1080 IPS
Case Lian Li PC-Q25
Audio Device(s) Realtek ALC892
Power Supply Seasonic SS-460FL2
Mouse Logitech G700s
Keyboard Logitech G110
Software Windows 10 Pro
#7
Don't see from a glance where it's failing, but a quick tip:

PHP:
if( !isset($_SESSION['LOGIN_STATUS']) ) {
    header('location:login.php');
    exit;
}
When using header() in this fashion you'll want to stop processing by exit. Header() will send an http header but the processing will continue and output sent to the requestor. In your example the worst is that you'll throw a undefined index notice ( echo $_SESSION['username']; ), but if you had somewhat important information information on that page it could be captured by anyone, not just those that have an account.