$(document).ready(function () {
    var FAILURE_TEXT = 'Communication with the server failed.';

    // Shown when the request fails or the reply has neither `success` nor `message`.
    function reportFailure() {
        alert(FAILURE_TEXT);
    }

    // Interprets the JSON reply of the login endpoint.
    function handleReply(reply) {
        if (reply.hasOwnProperty('success') && reply['success']) {
            // Authenticated: continue to the catalog.
            window.location = 'catalog.php';
            return;
        }
        if (reply.hasOwnProperty('message')) {
            // alert() renders plain text, so the server message is not interpreted as markup.
            alert(reply['message']);
            return;
        }
        reportFailure();
    }

    // jQuery validate plugin.
    // The required-field rules here are a usability aid only; they can be bypassed
    // by posting to the endpoint directly, so the server has to repeat the check.
    $('#login > form').validate({
        rules: {
            username: { required: true },
            password: { required: true }
        },
        submitHandler: function () {
            var payload = {
                "username": $('#username').val(),
                "password": $('#password').val()
            };
            $.post('ajax/tryLogin.php', payload)
                .done(handleReply)
                .fail(reportFailure);
        }
    });
});
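// Login endpoint: validates the posted credentials and answers with a JSON object
// of the form {"success": bool, "message": string (only on failure)}.
$data = array();

$username = isset($_POST['username']) ? $_POST['username'] : null;
$password = isset($_POST['password']) ? $_POST['password'] : null;

// Both fields must be non-empty strings. The is_string() check rejects array-valued
// fields (e.g. "username[]=x"), which would otherwise reach strtolower()/sha1() inside
// TryLogin. Comparing against '' instead of using empty() keeps the literal value "0"
// usable as a username or password.
if (!is_string($username) || !is_string($password) || $username === '' || $password === '') {
    $data['success'] = false;
    $data['message'] = 'Username and password are required.';
} else {
    try {
        $data['success'] = Security::TryLogin($username, $password);
    } catch (Exception $e) {
        $data['success'] = false;
        // The exception text is sent to the client verbatim, so anything thrown by
        // TryLogin must stay free of internal details (SQL, paths, driver errors).
        $data['message'] = $e->getMessage();
    }
}
header('Content-type: application/json');
echo json_encode($data);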
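class Security
{
    //...

    /**
     * Verifies the credentials and, on success, stores the user in the session.
     *
     * @param string $username Login name; compared case-insensitively (lower-cased here).
     * @param string $password Plain-text password as submitted by the client.
     * @return bool Always true; failure is signalled by an exception.
     * @throws Exception When the lookup fails for any reason.
     */
    public static function TryLogin($username, $password)
    {
        $username = strtolower($username);
        // NOTE(review): a single SHA-1 round salted with the username is fast to
        // brute-force if the stored hashes leak. Moving to password_hash() /
        // password_verify() needs a migration of the stored values, so the scheme
        // is left unchanged here.
        $password = sha1($password . $username);

        try {
            $user = Users::FindByUsernameAndPassword($username, $password);
        } catch (Exception $e) {
            // Every lookup failure is reported to the caller with the same generic
            // message; the original exception is chained for server-side diagnosis.
            throw new Exception('Username or password incorrect.', 0, $e);
        }

        if (session_id() == '') {
            session_start();
        }
        // Issue a fresh session id on privilege change so an id fixed before login
        // cannot be reused for the authenticated session.
        session_regenerate_id(true);
        $_SESSION[self::USER_IDENTIFIER] = $user;

        return true;
    }

    //...
}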
- <?php
- include_once('config.php');
- include_once(ROOT . 'libs/database.php');
- include_once(ROOT . 'libs/models/user.php');
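class Security
{
    //...

    /**
     * Checks the credentials through the tryLogin stored procedure and, on success,
     * stores a User object in the session.
     *
     * @param string $username Login name; lower-cased before use.
     * @param string $password Plain-text password as submitted by the client.
     * @return bool Always true; failure is signalled by an exception.
     * @throws Exception When the connection or query fails, or no row matches.
     */
    public static function TryLogin($username, $password)
    {
        $username = strtolower($username);
        // NOTE(review): a single SHA-1 round salted with the username is fast to
        // brute-force if the stored hashes leak. Moving to password_hash() /
        // password_verify() needs a migration of the stored values, so the scheme
        // is left unchanged here.
        $password = sha1($password . $username);

        // Per the PHP manual, odbc_execute() treats a parameter that starts and ends
        // with a single quote as the name of a file to read. The username is
        // client-controlled, so such values are rejected as invalid credentials.
        if (strlen($username) >= 2 && $username[0] === "'" && substr($username, -1) === "'") {
            throw new Exception('Username or password incorrect.');
        }

        $conn = Database::getConnection();
        if (empty($conn)) {
            throw new Exception('The connection to the database failed.');
        }

        // Bind the values as parameters instead of concatenating them into the call
        // text; the username comes straight from the request and could otherwise
        // change the statement.
        $statement = odbc_prepare($conn, '{CALL [BruPartsOrderDb].[dbo].[tryLogin](?, ?)}');
        if (empty($statement) || !odbc_execute($statement, array($username, $password))) {
            throw new Exception('The execution of the query failed.');
        }

        // No row means no user matches this username/hash pair.
        $row = odbc_fetch_row($statement);
        if (empty($row)) {
            throw new Exception('Username or password incorrect.');
        }

        if (session_id() == '') {
            session_start();
        }
        // Issue a fresh session id on privilege change so an id fixed before login
        // cannot be reused for the authenticated session.
        session_regenerate_id(true);
        $_SESSION['user'] = new User(odbc_result($statement, 'id'), $username);

        return true;
    }

    //...
}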