Is this Possible....?

Question

PinoyDev -3 Posting Whiz in Training

13 Years Ago

Ive created a fancy box driven login.. Now i wonder if can I directly compare the login username and password to mysql using php tags.?

Here's the initial coding but it doesn't work..please correct me..

<script type="text/javascript">

$("#login_form").bind("submit", function() {
if ($("#login_name") != <?php $row_rec_mem_accnt['user_name']; ?> || $("#login_pass")!= <?php $row_rec_mem_accnt['password']; ?>) {
	    $("#login_error").show();
	    $.fancybox.resize();
	    return false;
	}
$.fancybox.showActivity();

	$.ajax({
		type		: "POST",
		cache		: false,
		url		: "members_accnt.php",
		data		: $(this).serializeArray(),
		success		: function(data) {
					$.fancybox(data);
		}
	});

	return false;
});

 </script>

Thanks for helping!!

javascript

Edited 13 Years Ago by PinoyDev because: n/a

3 Contributors
7 Replies
170 Views
2 Days Discussion Span
Latest Post 13 Years Ago Latest Post by PinoyDev

twiss 155 Veteran Poster

13 Years Ago

Don't check login and pass in javascript, if security is what you want. You'll have to check things in php. If you don't mind, add quotes around the php tags or call json_encode on the variables.

twiss 155 Veteran Poster

13 Years Ago

How do you store the users and passwords? If in a database, write a query that checks the login.

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

PinoyDev -3 Posting Whiz in Training · Answer 1 · 2011-06-04T16:20:45+00:00

Don't check login and pass in javascript, if security is what you want. You'll have to check things in php. If you don't mind, add quotes around the php tags or call json_encode on the variables.

Thank you twiss.

Ive modify the code to this and it works..But it only compares to the first row of the registered users list table...How to make it compare to all registered users?

So far here's the modified code:

$("#login_form").bind("submit", function() {

	//if ($("#login_name").val().length < 1 || $("#login_pass").val().length < 1) {
	if ($("#login_name").val() != '<?php echo $row_rec_mem_accnt['user_name']; ?>' || $("#login_pass").val() != '<?php echo $row_rec_mem_accnt['password']; ?>') {
	    $("#login_error").show();
	    $.fancybox.resize();
	    return false;
	}

Thank you for helping!

dekarvn 0 Newbie Poster · Answer 2 · 2011-06-06T12:24:45+00:00

you probably shouldn't use jQuery to do the authentication, use PHP to do that.

PinoyDev -3 Posting Whiz in Training · Answer 3 · 2011-06-06T13:21:16+00:00

you probably shouldn't use jQuery to do the authentication, use PHP to do that.

ok..ive created a function to check the login..please correct me if im wrong.

heres the function to check the login:

<?php
function login_compare($login_user,$login_pass){
mysql_select_db($database_nmpc_web_conn, $nmpc_web_conn); //?from where??
$rlogin = mysql_query("SELECT user_name, password, member_id FROM tbl_members_list WHERE user_name = '$login_user' and password = '$login_pass'") or die(mysql_error());
$istrue = mysql_num_rows($rlogin);
if($istrue > 0){
return true;
}else{
return false;
}
}
?>

And here is the script to pass the values to the function..please correct if this is wrong...

$("#login_form").bind("submit", function() {

if ('<?php login_compare($("#login_name").val(),$("#login_pass").val())=false ?>') {
	    $("#login_error").show();
	    $.fancybox.resize();
	    return false;
	}
)

thank you for helping!

dekarvn 0 Newbie Poster · Answer 4 · 2011-06-06T15:07:09+00:00

Here is what I would go for

var login_to_check = $('#login_name').val();
var password_to_check = $('#login_pass').val();
$.ajax({
    url: "/post/checkpassword.php",
    type: "POST",
    data:login=login_to_check&password=password_to_check,
    success: function(){//success},
    error: function(){//error}
});

This actually do an ajax call to the checkpassword.php, posting the login and the password to that file. That will return either a true or a false, corresponding to the authentication results.

Oh and another thing, you might wanna hash the user's password, it kinda stored as plain text there :D

PinoyDev -3 Posting Whiz in Training · Answer 5 · 2011-06-06T15:15:20+00:00

Here is what I would go for
var login_to_check = $('#login_name').val();
var password_to_check = $('#login_pass').val();
$.ajax({
    url: "/post/checkpassword.php",
    type: "POST",
    data:login=login_to_check&password=password_to_check,
    success: function(){//success},
    error: function(){//error}
});
This actually do an ajax call to the checkpassword.php, posting the login and the password to that file. That will return either a true or a false, corresponding to the authentication results.
Oh and another thing, you might wanna hash the user's password, it kinda stored as plain text there :D

Ive made someting like this but it gets an error:
Parse error: syntax error, unexpected '(', expecting T_VARIABLE or '$' in C:\wamp\www\nonescostmpc\index.php on line 382

$("#login_form").bind("submit", function() {
    var iflogintrue=new boolean(0);
	iflogintrue='<?php echo login_compare($("#login_name").val(), $("#login_pass").val()); ?>';
	if (iflogintrue==0) {
	    $("#login_error").show();
	    $.fancybox.resize();
	    return false;
	}

Thank You!