0

Hello i am trying to build login page. There are two pages login.php and login2.php login.php has a form which accepts email and password from the user which are sent to login2.php using $.post() login2.php checks email and password in DB and a message is sent to login.php which is supposed to be displayed in having id="msg" Problem is that message is printed but after that the page is refreshed and the message is gone

login.php

<form> 
    <input type="radio" name="role" value="tbl_staff_details" checked>Institute/Branch
    <input type="radio" name="role" value="tbl_student_details">Student/Parent
</br></br>
<div id="msg" style="color: red"></div>
  <div class="form-group has-feedback">
    <input type="email" class="form-control" placeholder="Email" id="mail">
    <span class="glyphicon glyphicon-envelope form-control-feedback"></span>
  </div>
  <div class="form-group has-feedback">
    <input type="password" class="form-control" placeholder="Password" id="pwd">
    <span class="glyphicon glyphicon-lock form-control-feedback"></span>
  </div>
  <div class="row">
    <div class="col-xs-8">
      <div class="checkbox icheck">
        <label>
          <input type="checkbox"> Remember Me
        </label>
      </div>
    </div>
    <!-- /.col -->
    <div class="col-xs-4">
      <button type="submit" class="btn btn-primary btn-block btn-flat" id="signin">Sign In</button>
    </div>
    <!-- /.col -->
  </div>
</form>

<script>
    $(function(){
        $("#signin").click(function(){
            var mail = $("#mail").val();
            var pwd = $("#pwd").val();
            var role = $("input[name='role']:checked").val();

            $.post("login2.php",
            {
                mail: mail,
                pwd: pwd,
                role: role
            },
            function(data,status){
                $("#msg").text(data);
        });





        });


    });
</script>

login2.php

<?php
$email=$_POST['mail'];
$pwd=$_POST['pwd'];
$table=$_POST['role'];

include_once 'conf.php';
if ($table=="tbl_staff_details") {
    $q="select * from ".$table." where email=".$email." and pwd=".$pwd;
}
else{
    $q="select * from ".$table." where stud_email='".$email."' and stud_pwd='".$pwd."' or stud_email='".$email."' and parent_pwd='".$pwd."'";
}
$r=mysqli_query($con,$q);
$ro=mysqli_num_rows($r);
if ($ro>0) {
    echo "Success";
    //header('location:test.php');
}
else{
    echo "Email or password is wrong";
}

?>

AliAbbas Bhojani
  • 25
  • 1
  • 6
  • 3
    Your code is vulnerable to [**SQL injection**](https://en.wikipedia.org/wiki/SQL_injection) attacks. You should use prepared statements with bound parameters, via either [**mysqli**](https://secure.php.net/manual/en/mysqli.prepare.php) or [**PDO**](https://secure.php.net/manual/en/pdo.prepared-statements.php). [**This post**](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) has some good examples. – Alex Howansky Jul 27 '18 at 16:28
  • 1
    **Never** store plain text passwords. Instead use [`password_hash()`](http://us3.php.net/manual/en/function.password-hash.php) and [`password_verify()`](http://us3.php.net/manual/en/function.password-verify.php). If you're using a version of PHP prior to 5.5, do **not** use MD5 or SHA1 to hash passwords. Instead you can use [this compatibility pack](https://github.com/ircmaxell/password_compat). – Alex Howansky Jul 27 '18 at 16:29
  • Also beware of operator precedence when you put an OR in the middle of your query like that, it's probably not going to work the way you want it. – Alex Howansky Jul 27 '18 at 16:31
  • Your message is disappearing because you are not cancelling the form submit. Webpages are stateless, until you inject state into them, based upon other persistent mediums of data storage. – Taplar Jul 27 '18 at 16:36
  • May I know why you need these two page jump to and fro for a single event ? This can be done through login.php itself which would have also reduced vulnerability . – PHP Web Jul 27 '18 at 16:51

1 Answers1

0

Make sure to take into account what the comments are saying about vulnerabilities like plain text passwords and sql injections. But it looks like the issue you are having is related to the fact that the button you click to submit the form is type='submit'

Because of this when you click the button the browser will try to make a new request to the page specified in your form or if not specified, the page you are currently on to submit your request.

There are two ways to get around this:

  1. Change the button to type='button' since you are already handling the on click event with jquery you don't need to submit
  2. use preventDefault(); to stop the submit event from happening
anthonyPHP
  • 185
  • 7