Need help with Javascript

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Bigun
Forum Contributor
Posts: 237
Joined: Tue Jun 13, 2006 10:50 am

Need help with Javascript

Post by Bigun »

Ok, the, I believe that the PHP portion of the code is done.

But there are some things that I believe cannot be done by PHP, some 'realtime' things.

For instance, on my site, a current password is required before any changes can be made, including pictures, music, so on....

So, by the time the user has uploaded an entire song, they find out they didn't type their password.

So, this would have to be coded in javascript... right?
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

That made very little sense, but my answer is no. You don't need javascript. Until you make more sense of what you said, that will stay my answer.
User avatar
CoderGoblin
DevNet Resident
Posts: 1425
Joined: Tue Mar 16, 2004 10:03 am
Location: Aachen, Germany

Post by CoderGoblin »

Only PHP...
At it's simplest 3 scripts, Login.php,Index_list.php,Download.php

Login.php - Login form, when sucessful set userid (whatever) in a session. If no previous information is stored go to Index_list.php otherwise use the stored information to go back to where you came from.
download.php - Checks if userid is set, if not store information (again session) and go to Login.php

This means PHP is used at all times. Using javascript to log in could be a security issue has the javascript would be examined.
Bigun
Forum Contributor
Posts: 237
Joined: Tue Jun 13, 2006 10:50 am

Post by Bigun »

I'll reword it...


You have an account...

You have a form that you post an MP3's path....

You have an upload speed of 10Kbps....

It takes 10 minutes to upload the MP3...

Aww damn... didn't type the password, have to do it all over again...

Anyway I can check for a password before the form is processed?
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

wouldn't you make the user log in before even seeing that form?
Bigun
Forum Contributor
Posts: 237
Joined: Tue Jun 13, 2006 10:50 am

Post by Bigun »

Yes, they are logged in... but I'm thinking of the user walking away from the keyboard and some jackass comes along and f***s it up.

*OR*... they have their login set through cookies and are logged in for 3 days, same scenario.
malcolmboston
DevNet Resident
Posts: 1826
Joined: Tue Nov 18, 2003 1:09 pm
Location: Middlesbrough, UK

Post by malcolmboston »

personally i would do

Code: Select all

if (isset(($_SESSION['username'])) {
   // set at login time
   // show form
} else {
   // the user has not logged in
   // auto-redirect
   header ("Location: login.php);
}
Bigun
Forum Contributor
Posts: 237
Joined: Tue Jun 13, 2006 10:50 am

Post by Bigun »

malcolmboston wrote:personally i would do

Code: Select all

if (!isset(($_SESSION['username'])) {
   // set at login time
   // show form
} else {
   // the user has not logged in
   // auto-redirect
   // header ("Location: login.php);
}
Again.... the user *has* to be logged in to even see this page
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

so why would they need to enter a password if they are already logged in?
Bigun
Forum Contributor
Posts: 237
Joined: Tue Jun 13, 2006 10:50 am

Post by Bigun »

To keep other people from 'locally' screwing up any settings.

Just an extra layer of CYA.
nincha
Forum Contributor
Posts: 191
Joined: Fri Mar 28, 2003 12:30 pm
Location: CA, USA

Post by nincha »

save a time stamp on the session when user logs in. In the file that the form is going to (action=file.php)
check the timestamp. Or add another field for the user to enter password and authenticate the user again.
Post Reply