0

So I have a form 

<form id="login_form" method="post" action="login.php">
    <input type="text" name="email">
    <input type="password" name="pass">
    <input type="submit" name="submit" value="Log in" onclick="submitFunction()">
</form>

When the form is submitted I am checking if the username and password are correct 

if(isset($_POST['submit'])) {
    $email = $_POST['email'];
    $pass = $_POST['pass'];

    $sql = "SELECT email,password FROM user_details WHERE email='$email' AND password='$pass'";
    $result = $conn->query($sql);

    if ($result->num_rows > 0) {
        $_SESSION["email"] = $_POST['email'];
    }
    else {
        echo "Incorrect username or password. Please try again!";
    }
}

But I also want to load a new page, which I am trying to do via javascript

function submitFunction()
{
    window.location.href = "new url";
}

I tried replacing the submit button with just a button however then I can not get my php to execute because I can't use if(isset($_POST['submit'])), but if I use a submit button then I do not know how to call my javascript function because I can't use onclick can I? Any help would be appreciated :)

Also I know I should not just store the password in my database and sql injection and all that but I just want to try and get this to work

Improve this question
7
  • 1
    Start learning ajax? Commented Aug 2, 2016 at 18:44
  • Can you not use php to output the JavaScript code which will then be executed when the page has loaded? Commented Aug 2, 2016 at 18:44
  • 2
    Never store plain text passwords! Please use PHP's built-in functions to handle password security. If you're using a PHP version less than 5.5 you can use the password_hash() compatibility pack. Make sure you don't escape passwords or use any other cleansing mechanism on them before hashing. Doing so changes the password and causes unnecessary additional coding. Commented Aug 2, 2016 at 18:48
  • Little Bobby says your script is at risk for SQL Injection Attacks. Learn about prepared statements for MySQLi. Even escaping the string is not safe! Don't believe it? Commented Aug 2, 2016 at 18:48
  • @Don'tPanic do you mean using header('Location: newpage.html')? I feel stupid now I just tried that and it worked fine, I tried that before and couldn't get it to work, must have had an error elsewhere, thank you Commented Aug 2, 2016 at 18:54

3 Answers 3

Reset to default
2

You can just load the new page with PHP after you check the login. Unless you have some other reason you need to do it with JavaScript, I think it makes more sense to do it in PHP anyway, because you'll want to do different things depending on whether or not the login was successful.

if ($result->num_rows > 0) {
    $_SESSION["email"] = $_POST['email'];
    header('Location: new url');
    exit;
}
else {      
    echo "Incorrect username or password. Please try again!";
}
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Not really sure where you want to execute the JS code, something like this:

if(isset($_POST['submit'])) {
    $email = $_POST['email'];
    $pass = $_POST['pass'];

    $sql = "SELECT email,password FROM user_details WHERE email='$email' AND password='$pass'";
    $result = $conn->query($sql);

    if ($result->num_rows > 0) {
        $_SESSION["email"] = $_POST['email'];

        // Output JsvaScript code here?
        echo "
        <script>
        function submitFunction()
        {
            window.location.href = \"new url\";
        }
        </script>
        ";
    }
    else {
        echo "Incorrect username or password. Please try again!";
    }
}

Something like that should work but there are a few security issues with your code. I'll assume you're just messing about and learning.

Improve this answer

Comments

0

This is where Ajax comes in. I would perform this using AJAX and Jquery Do not forget to include Jquery. 

$("#check").click(function(){

    $.ajax({
        type: "POST",
        url: "file.php",
        data: {email: $("#email").val(), pass: $("#pass").val()},
         beforeSend: function()
        { 
            $('#check').attr('disabled',true);
        },
        success :  function(response)
        {      
           if(response=="correct"){
             setTimeout('window.location.href = "new url"',1000);
           }else{
setTimeout('window.location.href = "bad login url"',1000);
            
           }
        }


    });
    return false;

});

In your Php code file.php Use this

if(isset($_POST['submit'])) {
    $email = $_POST['email'];
    $pass = $_POST['pass'];

    $sql = "SELECT email,password FROM user_details WHERE email='$email' AND password='$pass'";
    $result = $conn->query($sql);

    if ($result->num_rows > 0) {
        $_SESSION["email"] = $_POST['email'];

       echo "correct";
    }
    else {
        echo "Incorrect username or password. Please try again!";
    }
}

For Html 

<form id="login_form" method="post">
    <input type="text" id="email" name="email">
    <input type="password" id="pass" name="pass">
    <input type="submit" name="submit" value="Log in" id="check">
</form>

Hope this information will help Please learn Ajax, It is very helpful in such problems. Thank you

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.