0

I have this code:

<form id="login" name="login" class="login-form" action="./" method="post">
      <h2>Log In</h2>
      <div class="error" style="display:none"></div>
      <input type="text" id="login-username" placeholder="Full Name" />
      <input type="password" id="login-password" placeholder="Password" />
      <button onclick="submitLogin();">Log In</button>
    </form>

    <script type="text/javascript">
$(".login").submit(function(ev){
  ev.preventDefault();
});

function submitLogin() {
    username = $(".login-username").val();
    password = $(".login-password").val();
    $.ajax({
        type: "POST",
        url: "login.php",
        datatype: "string",
        data: {'username' : username, 'password' : password},

.....

And this is my PHP script (login.php):

<?php
session_start();
require_once 'config.php';

$uName = $_POST['username'];
$pWord = md5($_POST['password']);

$query = "SELECT id, username, password, email FROM users WHERE username = '$uName' AND password = '$pWord'";
$result = mysql_query($query) or die(mysql_error());
$numrows = mysql_num_rows($result);
$row = mysql_fetch_assoc($result);


if($numrows == 1 ) {
    echo 'true';
    $_SESSION['uName'] = $row['username'];
}
else {
    echo 'false';
    }
?>

When I try to echo out $uName or $pWord its empty. Not sure whats going on. Help would be awesome. When I edit a correct username and password to $uName and $pWord into the PHP.. say: $uName = kriiv; and that is a correct username, it echoes out fine. So it just looks like the data is not coming across via the AJAX call.

Improve this question
3
  • Change (".login-username") to ("#login-username") and (".login-password") to ("#login-password") since you're using IDs and not classes. Commented Jul 26, 2014 at 5:22
  • 1
    Don't wait till your site gets hacked. Someone posted a question earlier about his getting hacked with similar code as yours. Your code is highly prone to SQL injection. Use mysqli_ with prepared statements, or PDO with prepared statements. Commented Jul 26, 2014 at 5:26
  • 1
    Plus, for password storage use CRYPT_BLOWFISH or PHP 5.5's password_hash() function. For PHP < 5.5 use the password_hash() compatibility pack. MD5 is old and considered broken. Commented Jul 26, 2014 at 5:26

2 Answers 2

Reset to default
1

Copy these it will work because login-username and login-password are id's not class.

username = $("#login-username").val();
password = $("#login-password").val();
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Change this

   username = $(".login-username").val();
   password = $(".login-password").val();

to 

   username = $("#login-username").val();
   password = $("#login-password").val();

. is used to get element having class # is used for having id , your element having id not class

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.