0

Code Logic:
1) User types in username and password, user clicks submit.
2) jQuery script pulls the php script below.
3) jQuery determines which php value is returned.
4) if value 1 is returned, jquery and php will process what's in the if statement.
5) if value 0 is returned, jquery and php will process whats in the else statement.
How do I successfully make the code below work alongside the logic above? I can't seem to make a connection in my mind.

class1.php 

$email = mysql_real_escape_string(strip_tags($_POST["username"]));
$password = sha1($_POST["password"]);
$sql = "SELECT * FROM users WHERE username = '{$email}' AND password = '{$password}'";
$result = mysql_query($sql) or exit("ERROR: " . mysql_error() . "<br>IN QUERY: " . $sql);

if (mysql_num_rows($result) > 0) {
    return 1;
    $row = mysql_fetch_array($result);
    $_SESSION["userid"] = $row['user_pid'];
} else {
    return 0;
    $userid_generator = uniqid(rand(), false);
    mysql_query("INSERT INTO users (user_pid, email, password, datetime_registered, is_leader) VALUES ('$userid_generator', '{$email}', '{$password}', NOW(), 'no')");
    $id = mysql_insert_id();
        $leaders = mysql_query("SELECT * FROM users WHERE is_leader LIKE '%yes%'");
        while($rows = mysql_fetch_array($leaders)) {
            if ($rows['is_leader'] == 'yes') {
                $leader_id = $rows['user_pid'];
                mysql_query("INSERT IGNORE INTO friends (node1id, node2id, friends_since, friend_type)
                VALUES('$leader_id', '$userid_generator', NOW(), 'full')");
                echo "new user created and logged in";
                }
    $_SESSION["userid"] = $userid_generator;
        }
    }
?>

index.html:

<script src="http://code.jquery.com/jquery-latest.js"></script>

<style type="text/css">
.loading {
    float:right; 
    background:url(img/ajax-loader.gif) no-repeat 1px; 
    height:28px; 
    width:28px; 
    display:none;
}
</style>

<script type="text/javascript">
$(document).ready(function() {
    $('#submit').click(function () {
    var username = $('input[username=username]');
    var password = $('input[password=password]');

    var data = 'name=' + name.val() + '&email=' + email.val() + '&website='
    + website.val() + '&comment='  + encodeURIComponent(comment.val());

    $('.text').attr('disabled','true');
    $('.loading').show();

        $.ajax({
            url: "processing/class1.php", 
            type: "POST",
            //pass the data
            data: data,     
            //Do not cache the page
            cache: false,
            //success
            success: function (html) {              
                //if process.php returned 1/true (send mail success)
                if (html==1) {                  
                   alert('success');

                //if process.php returned 0/false (send mail failed)
                } else { alert('failure');
            }
        });
        return false;
    });
});
</script>

<input type="text" id="username" name="username" />
<input type="password" id="password" name="password" />
<input type="submit" id="submit" />
<div class="loading"></div>
<div id="display"></div>
Improve this question

1 Answer 1

Reset to default
1

Ajax is effectively a "blind client". So, think of what you would see if you were to manually view the php script, and interpret that as what your ajax callback would be parsing.

Having said that, the "0/1" return you're looking for is dependent on one (of many) echos going on in your script (most notably the following):

echo "new user created and logged in";

if you want the ajax callback to recognize a 0/1, this would need to only echo a "1" (not verbiage), where as errors would simply return a "0" (such as your or exit("ERROR...).

EDIT

Also, looking further, your var data = 'name=' component (assuming you want it to align with the PHP $_POST["username"]) should probably be renamed to var data ='username=' (the data property of the ajax call is what' populating your PHP's $_POST variables, so names need to align).

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

So essentially I need to strip all the PHP method's which return Boolean 0-1 values?
And good catch on the username/password problem... set side from the val() method, do I need to incorporate any Javascript/jQuery methods to better secure my transmission of data? E.g. serialization?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.