Unable To Login In Proper Email And Name
Solution 1:
A few things to consider:
1.) You are not using parameterized sql queries thus leaving your db open to sql injection. I changed your query structure to demonstrate how to use parameterized queries. Please stop doing it the way are doing it. Here is a link on this subject. Read it, bookmark it, and refer to it until you understand it. It's that important and not hard once you do it a few times.
https://websitebeaver.com/prepared-statements-in-php-mysqli-to-prevent-sql-injection
2.) When you use ajax here is what it happening. Your main html page is sending out an ajax query to another page. That page receives the response, does whatever code, and then sends an answer back to the main html page's ajax function that sent the request.
That response is received in the success block of the ajax function. The easiest way to pass data back and forth in my opinion is using the JSON format.
3.) Anything echoed in php will be sent to the ajax function.
4.)The data in my example is a json string not a json object so you have to convert the string to a json object.
5.)When building new code, do it in small blocks and do not move on until whatever you are working on works how you would expect. Then embellish the working code to do what you want. This will save you hours in troubleshooting and help you figure out the best workflow of your code before you spend hours coding what you think is going to happen.
6.) You can use name and emails for validating a login, but names are common and people can share emails. I would do something like an email/username and a password. For passwords use the php's native password functions.
http://php.net/manual/en/faq.passwords.php
So here is an example that should get you on the right track.
On your login.php change your ajax function to this:
$.ajax({
type: "POST",
url: "success.php",
data: formData,
processData: false,
contentType: false,
cache: false,
dataType: 'application/json; charset=utf-8',
success: function(response){
console.log('Ajax tried.');
console.log(response);
var data = JSON.parse(response); //Change from string to object.console.log(data);
if (data['success']) {
console.log('It worked!!!!');
//The user's name and email returned a //result from the user's table.
} else{
console.log('You have an error.');
console.log(data['errors']);
//Here are your errors. Do something with them.
}
}
});
Change your success.php to this:
<?php
session_start(); //Always do first.$mysqli = mysqli_connect("localhost","root","","ajax1");
if (isset($_SESSION['id'])){ //<--This should not be here. This should//be tested for on the login.php page.$errors['logged_in'] = TRUE;
}
//Checking is user existing in the database or not$query = "SELECT * FROM `users` WHERE name=? and email=?"; //<--Use placeholders.//Remember this: Prepare, bind, Execute.$stmt = $mysqli->prepare($query); //Prepare$stmt->bind_param("ss", $_POST['name'], $_POST['email']); //Bind$stmt->execute(); //Execute.$result = $stmt->get_result()->fetch_assoc();
if($result){
$_SESSION['name'] = $result['name']; //Safer to use data from db instead of post.$_SESSION['id'] = $result['userid'];
}else{
$errors['user_exists'] = FALSE;
}
$stmt->close(); //Important to free up resources for your next query.$response = array();
if(isset($errors) && $errors){
$response['success'] = FALSE;
$response['errors'] = $errors;
} else{
$response['success'] = TRUE;
}
echo json_encode($response); //<-- This is what gets sent back to ajax function.?>Hope this helps:)
Post a Comment for "Unable To Login In Proper Email And Name"