Well I'm using the follownig form in a page called login.php
Code: Select all
<form action="index.php" method="POST" onsubmit="return validation();">
<tr align="left">
<td><label class="admin_login_text">username</label></td>
<td><input type="text" id="admin_user" /></td>
</tr>
<tr align="left">
<td><label class="admin_login_text">password</label></td>
<td><input type="password" id="admin_pass" /></td>
</tr>
<tr>
<td colspan="2">
<br /><input type="image" src="images/buttons/login_btn.png" value="Submit" class="login_btn" id="login_btn" />
</td>
</tr>
</form>Code: Select all
function validation(){
document.getElementById('error_message_div').innerHTML= '';
var returnFlag;
user = document.getElementById("admin_user").value;
password = document.getElementById("admin_pass").value;
if (user == ''){
document.getElementById('error_message_div').innerHTML += '<tr><td colspan="2"><div class="error_message">Please ender a username</div></td></tr>';
returnFlag = "no";
}
else if (password == ''){
document.getElementById('error_message_div').innerHTML += '<tr><td colspan="2"><div class="error_message">please enter a password</div></td></tr>';
returnFlag = "no";
}
else {
returnFlag = "yes";
}
httpObject = ajaxObject();
if (httpObject != null) {
file_url = "includes/check_the_login.php?user="+user+"&password="+password;
httpObject.open("GET" ,file_url, true);
httpObject.send(null);
check = setOutput();
//alert('check = ' + check);
if(!check){
//if (setOutput())
//alert('It s false...');
returnFlag = 'yes';
}
if(check){
//alert('It s true...');
//if(!setOutput())
document.getElementById('error_message').innerHTML = httpObject.responseText;
returnFlag = 'no';
}
}
if (returnFlag == 'yes'){
return true;
}else{
return false;
}
}
function ajaxObject()
{
var xmlhttp;
if (window.XMLHttpRequest)
{
return xmlhttp=new XMLHttpRequest();
}
else if (window.ActiveXObject)
{
return xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
}
else
{
alert("Your browser does not support XMLHTTP! <br> XMLHTTP is necessary for AJAX. Please update your browser.");
}
}
function setOutput(){
//alert("set output");
if(httpObject.readyState == 4){
//alert('httpObject.responseText : ' + httpObject.responseText);
if(httpObject.responseText == 'False'){
return false;
}
else{
return true;
}
}
}
I should also mention that the index checks if the sessions username value is set, and the start time value:
Code: Select all
<?php
session_start();
$inactive = 60;
// check to see if $_SESSION['timeout'] is set
if(isset($_SESSION['timeout']) ) {
$session_life = time() - $_SESSION['start'];
if($session_life > $inactive)
{
session_destroy();
}
}
$_SESSION['timeout'] = time();
if (!isset($_SESSION['uname'])){
header("Location: login.php?warning_type=1");
}
echo '<br /><b>Dude ' . $_SESSION['uname'] . ' ' . $_SESSION['start']. '</b>';
?>Also if I comment the header (in the index page) that makes the redirection, I notice that in the first load of index it doesn't echo the session values, but when I refresh the page it does...
Hope you understood my question...
Any suggestions??? Thanks!!!