Solved

Login Submit - No Page Refresh

Posted on 2013-11-13
1
501 Views
Last Modified: 2013-11-13
My current login page if the login is incorrect the page refreshes and says that the username/pass is incorrect.  I want to do this so that it doesn't refresh the page.

<?php
  define("_VALID_PHP", true);
  require_once("init.php");
  
  if ($user->logged_in)
      redirect_to("/client/dashboard");
	  
	  
  if (isset($_POST['doLogin']))
      : $result = $user->login($_POST['username'], $_POST['password']);
  
  /* Login Successful */
  if ($result)
      : redirect_to("/client/dashboard");
  endif;
  endif;
?>
<?php include("header.php");?>
<div id="msgholder-alt"><?php print $core->showMsg;?></div>
    <div class="box">
      <form action="" method="post" id="login_form" name="login_form">
        <table width="100%" border="0" cellpadding="3" cellspacing="0" class="display">
          <tr>
            <th width="200"><strong>Username:</strong></th>
            <td><input name="username" type="text" size="45" maxlength="20" class="inputbox" /></td>
          </tr>
          <tr>
            <th><strong>Password:</strong></th>
            <td><input name="password" type="password" size="45" maxlength="20" class="inputbox" /></td>
          </tr>
          <tr>
            <td><input name="submit" value="Login Now" type="submit" class="button"/></td>
          </tr>
        </table>
        <input name="doLogin" type="hidden" value="1" />
      </form>
    </div>

Open in new window

0
Comment
Question by:N R
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 82

Accepted Solution

by:
leakim971 earned 500 total points
ID: 39645723
Put this in the head section of your page  :

<script src="//ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script>
<script type="text/javascript">
$(document).ready(function() {
    $("#logindropdown img").click(function() {
          var u = $("#logindropdown input[name='username']").val();
          var p = $("#logindropdown input[name='password']").val();
          $.post("simple_login_to_attack.php", {username:u, password:p}, function(result) {
              if(result=="ok") location.href = "/client/dashboard";
              else alert("bad login/password");
          });
    })
})
</script>

Open in new window


with simple_login_to_attack.php:
<?php
  define("_VALID_PHP", true);
  require_once("init.php");
  if ($user->logged_in) die("ok");
  $result = $user->login($_POST['username'], $_POST['password']);
  if ($result) die("ok");
  die("fail");
?>

Open in new window

0

Featured Post

Don't Cry: How Liquid Web is Ensuring Security

WannaCry is just the start. Read how Liquid Web is protecting itself and its customers against new threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article you'll learn how to use Ajax calls within your CodeIgniter application. To explain this, I'll illustrate how to implement a simple contact form to allow visitors to send you an email through your web site.
This article discusses four methods for overlaying images in a container on a web page
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question