Simple login using jquery and mysql

Hi Folks,

Are there any examples on how to setup a very simple login form using mysql and jqeury.

Once the details are entered and correct the rest of my site would be accessible.

Can anyeone point me oin the right direction?

Alot of the examples I’ve seen are too comlpicated for what i need.

Many thanks

Hello again,

AFAIK this cannot work in JavaScript alone, as JavaScript is a client-side technology, which can simply be turned off, thus rendering your login useless.
If I remember rightly, you’re using Joomla, right?
Isn’t this functionality already built in?

Either way, you’re better off going with a server-side language like PHP:
http://www.google.com/search?q=php+simple+login

Off Topic:

On a side note I always try to move users away from AJAX logins as you need SSL to truly lock down the connection between the client and server since man in the middle attacks are easy to accomplish with forms like this

Thanks very much for the rely. I’d to get something setup for for testing and learning.

How about something like this at the top of my index page:


<?php
if( $_SESSION['auth'] != 1 ) {
    require( 'login.php' );
break;

}
?>



Login.php



<?php
$name = $_POST['name'];
$pass = $_POST['pass'];

if( isset($name) || isset($pass) )
{
    if( empty($name) ) {
     

  var fancyContent = ('<div class="header"><p>please enter a name</p></div>');
  $.fancybox({ content: fancyContent });



    }
    if( empty($pass) ) {
  

  var fancyContent = ('<div class="header"><p>please enter a password</p></div>');
  $.fancybox({ content: fancyContent });



    }


    if( $name == "correct" && $pass == "correct" )
    {
        // Authentication successful - Set session
        session_start();
        $_SESSION['auth'] = 1;
        setcookie("username", $_POST['name'], time()+(84600*30));



  var fancyContent = ('<div class="header"><p>Access granted</p></div>');
  $.fancybox({ content: fancyContent });



    }
    else {

  var fancyContent = ('<div class="header"><p>Incorrect username or password!"</p></div>');
  $.fancybox({ content: fancyContent });


    }
}


// If no submission, display login form
else {


include('loginform.php')
break;

}
?>



Hi there,

The code you posted looks ok and you seem to be moving in the right direction.

I just found a simple login script on my PC.
I didn’t write it myself, rather it came from Stack Overflow (unfortunately, I cannot find the link any more).
Anyway, this works ok, so maybe you can have a look at it and get a couple of ideas.

You need to create this file:

access.php

<?php
//put sha1() encrypted password here - example is 'hello'
$password = 'aaf4c61ddcc5e8a2dabede0f3b482cd9aea9434d';

session_start();
if (!isset($_SESSION['loggedIn'])) {
    $_SESSION['loggedIn'] = false;
}

if (isset($_POST['password'])) {
    if (sha1($_POST['password']) == $password) {
        $_SESSION['loggedIn'] = true;
    } else {
        die ('Incorrect password');
    }
} 

if (!$_SESSION['loggedIn']): ?>

<html><head><title>Login</title></head>
  <body>
    <p>You need to login</p>
    <form method="post">
      Password: <input type="password" name="password"> <br />
      <input type="submit" name="submit" value="Login">
    </form>
  </body>
</html>

<?php
exit();
endif;
?>

And on every password protected page, you should put:

<?php
require('access.php');
?>

Hope that helps.

Hi Pullo,

Thats superb!

Can I tweak it to include a username with Windows Authentication too?

How about something like:


// define session variables
if (!isset($_SESSION['loggedIn'])) {
    $_SESSION['loggedIn'] = false;
}

// windows username
if (!isset($_SERVER['REMOTE_USER'])) {
    $_SERVER['REMOTE_USER'] = '';


}

// form post username
if (!isset($_SESSION['user'])) {
    $_SESSION['user'] = '';
}




if (isset($_POST['password']) && isset($_POST['username'])) {

	// check username and password
    if (($_POST['password']) == 'test' && ($_POST['username']) != '') {
	
	// set session variables
        $_SESSION['loggedIn'] = true;

        // check user has windows authentication
        if ($_SERVER['REMOTE_USER'] != '')

               $_SESSION['user'] = $_SERVER['REMOTE_USER'];

         }else{

            // if not populate with posted username

		$_SESSION['user'] = $_POST['username'];
	
         }
	
    }
	
	
    }else {
        die ('Incorrect details');
    }

Can you elaborate on that a little?
How would you be authenticating the user?

Thanks for the reply.

I’d like people on the network to be authenticated automatically, using the username they login to windows with.

People who access the site anonimously I’d like to be able to enter their own username.

I can use the login name as a Primary key in my DB that way to pull of records.

Are you using LDAP?

I’m not no.

Would it be possible to pick up the windows login using PHP and use that?

If it is, Microsoft would like to have a word with you. As would every virus writer in history.

You used to be able to get the login name… never the password.

Hi,

as StarLion says, user name yes, password no.
Could you not do something based on the IP range and User name?
(Presuming you have fixed IPs)