0

Whenever I click the submit button of my login, I'm taken to a blank page which has the texts "403 Forbidden", I feel that this may be due to the URL of my login page as it is "mywebsite.com8:8888/login/" and is hosted on a different port (I'm using Tornado web server).

HTML

 <form method="POST">
      <fieldset id="inputs">
        <input name="username" id="username" required>   
        <input name="password" id="password" type="password" name="Password" placeholder="Password" required>
      </fieldset>
      <fieldset id="actions">
        <input type="submit" id="submit" value="Log in" name="submit">
        <label><input type="checkbox" checked="checked"> Keep me signed in</label>
      </fieldset> 
     </form> <div id="container"></div>

PHP

<?php header('Access-Control-Allow-Origin: *'); ?>
<?php
if (isset($_POST['submit'])){
session_start(); 
error_reporting(0); 

    $username = $_POST['username'];
    $password = md5($_POST['password']);

        $connection = mysql_connect("localhost", "moot", "lmlkmklmklmkl"); // Establishing Connection with Server
$db = mysql_select_db("snamr", $connection); // Selecting Database from Server
        $sql="SELECT * FROM accs WHERE name='$username' and password='$password'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
$check = mysql_query("SELECT active FROM accs WHERE name = '$username'");
while($rows=mysql_fetch_assoc($check)){
      $active = $rows['active'];
}

// If result matched $myusername and $mypassword, table row must be 1 row
if($count!=1){
echo "Wrong Username or Password";
}
elseif ($active == 0) {
echo "Your account isn't active!";
}
else {
    $_SESSION['username'] = $username; 
}
$time = time();
$setLogged= mysql_query("UPDATE accs SET loginstatus = '$time' WHERE name = '$username'") or die(mysql_error());
}
}
?>

JAVASCRIPT WHICH LOADS THE PHP INTO HTML (good reasons for this)

    <script type="text/javascript">     
$(document).ready(function(){
    $("#container").load('http://mywebsite.com/sname/signing.php');
  });
</script>

The login form along with the PHP works with all other files on my default port but when I take the code to my files hosted on port 8888 things go wrong. Hence why I think the main issue may be in the domain.

Any solutions?

KingAlfredChameleon
  • 407
  • 6
  • 18
  • JS will not load a site from a different ORIGIN than where it is hosted unless you [ENABLE CORS](http://stackoverflow.com/questions/7852225/is-it-safe-to-use-support-cors-true-in-jquery) – mplungjan Jan 01 '15 at 08:58
  • The thing is, the php actually loads into the web page as I've checked the Google Chrome Console and have changed the PHP to generate random numbers on the page and it works. Or am I missing something? – KingAlfredChameleon Jan 01 '15 at 09:38
  • So you are submitting to the same page since you do not have an action: `
    ` i.e. posting to an html page. Add the URL to the action property of the form
     – mplungjan Jan 01 '15 at 10:01
  • I added action="http://mywebsite.com/home.php" the login worked but when I pointed it to the actual "/room/1" I received the same error. – KingAlfredChameleon Jan 01 '15 at 11:22

0 Answers0