I'm totally new to javascript and fairly new to php... so...
I have a javascript login form that takes a users email and password, validates through a mysql database and gains entry to a folder that is protected by a htaccess file. This is set up to integrate with a PayPal subscription.
All OK so far.
The problem I have is that the folder contains several php files that require session data. Can anyone tell me if there is a way that the user email and password entered into the javascript form can be used as a hidden login for the php files. I want to avoid a second login for obvious reasons.
The javascript is below. I don't have a problem with making a php login work from a form, but how can I hide the form and use the javascript data?
window.onload = function()
{
var anchors = document.getElementsByTagName("a");
for (var foo = 0; foo < anchors.length; foo++) {
if (anchors[foo].className == "httpauth") {
if ( (BrowserDetect.browser != 'Safari') && (BrowserDetect.browser != 'Opera') ) {
createForm(anchors[foo]);
}
}
}
}
function createForm(httpauth)
{
var form = document.createElement("form");
form.action = httpauth.href;
form.method = "get";
form.onsubmit = login;
form.id = httpauth.id;
var username = document.createElement("label");
var usernameInput = document.createElement("input");
usernameInput.name = "username";
usernameInput.type = "text";
usernameInput.id = httpauth.id + "-username";
username.appendChild(document.createTextNode("Username : "));
username.appendChild(usernameInput);
var password = document.createElement("label");
var passwordInput = document.createElement("input");
passwordInput.name = "password";
passwordInput.type = "password";
passwordInput.id = httpauth.id + "-password";
password.appendChild(document.createTextNode("Password : "));
password.appendChild(passwordInput);
var submit = document.createElement("input");
submit.type = "submit";
submit.value = "Log in";
form.appendChild(username);
form.appendChild(password);
form.appendChild(submit);
var logoutLink = document.createElement("a");
/*logoutLink.href = "#";
logoutLink.onclick = logout;
logoutLink.appendChild(document.createTextNode("Log out"));
form.appendChild(logoutLink);*/
httpauth.parentNode.replaceChild(form, httpauth);
}
function getHTTPObject() {
var xmlhttp = false;
if (typeof XMLHttpRequest != 'undefined') {
try {
xmlhttp = new XMLHttpRequest();
} catch (e) {
xmlhttp = false;
}
} else {
/*@cc_on
@if (@_jscript_version >= 5)
try {
xmlhttp = new ActiveXObject("Msxml2.XMLHTTP");
} catch (e) {
try {
xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
} catch (E) {
xmlhttp = false;
}
}
@end @*/
}
return xmlhttp;
}
function login()
{
var username = document.getElementById(this.id + "-username").value;
var password = document.getElementById(this.id + "-password").value;
var http = getHTTPObject();
//var url = "http://" + username + ":" + password + "@" + this.action.substr(7);
var url = this.action;
http.open("get", url, false, username, password);
http.send("");
if (http.status == 200) {
document.location = url;
} else {
alert("Incorrect username and/or password!");
}
return false;
}
function logout()
{
var http = getHTTPObject();
http.open("get", this.parentNode.action, false, "null", "null");
http.send("");
alert("You have been logged out.");
return false;
}
//http://www.quirksmode.org/js/detect.html
var BrowserDetect = {
init: function () {
this.browser = this.searchString(this.dataBrowser) || "An unknown browser";
this.version = this.searchVersion(navigator.userAgent)
|| this.searchVersion(navigator.appVersion)
|| "an unknown version";
this.OS = this.searchString(this.dataOS) || "an unknown OS";
},
searchString: function (data) {
for (var i=0;i<data.length;i++) {
var dataString = data[i].string;
var dataProp = data[i].prop;
this.versionSearchString = data[i].versionSearch || data[i].identity;
if (dataString) {
if (dataString.indexOf(data[i].subString) != -1)
return data[i].identity;
}
else if (dataProp)
return data[i].identity;
}
},
searchVersion: function (dataString) {
var index = dataString.indexOf(this.versionSearchString);
if (index == -1) return;
return parseFloat(dataString.substring(index+this.versionSearchString.length+1));
},
dataBrowser: [
{ string: navigator.userAgent,
subString: "OmniWeb",
versionSearch: "OmniWeb/",
identity: "OmniWeb"
},
{
string: navigator.vendor,
subString: "Apple",
identity: "Safari"
},
{
prop: window.opera,
identity: "Opera"
},
{
string: navigator.vendor,
subString: "iCab",
identity: "iCab"
},
{
string: navigator.vendor,
subString: "KDE",
identity: "Konqueror"
},
{
string: navigator.userAgent,
subString: "Firefox",
identity: "Firefox"
},
{
string: navigator.vendor,
subString: "Camino",
identity: "Camino"
},
{ // for newer Netscapes (6+)
string: navigator.userAgent,
subString: "Netscape",
identity: "Netscape"
},
{
string: navigator.userAgent,
subString: "MSIE",
identity: "Explorer",
versionSearch: "MSIE"
},
{
string: navigator.userAgent,
subString: "Gecko",
identity: "Mozilla",
versionSearch: "rv"
},
{ // for older Netscapes (4-)
string: navigator.userAgent,
subString: "Mozilla",
identity: "Netscape",
versionSearch: "Mozilla"
}
],
dataOS : [
{
string: navigator.platform,
subString: "Win",
identity: "Windows"
},
{
string: navigator.platform,
subString: "Mac",
identity: "Mac"
},
{
string: navigator.platform,
subString: "Linux",
identity: "Linux"
}
]
};
BrowserDetect.init();