Help with setting cookie using javascript(altered)
Posted: Mon Jun 27, 2005 3:37 pm
Code: Select all
<?php
include ("accessConnection.php");
//read password cookie and assign it to the password textfield
if ($_COOKIE["checked"] != ""){
$password = $_COOKIE["password"];
$computerUser = $_COOKIE["computerUser"];
$checked = checked;
}
else{
$password = "";
$computerUser = "";
$checked = "";
}
if ($_POST["subAuthentication"] == "Sign In"){
$userValid = 0;
$error = "<center>";
$userName = $_POST["txtUserName"];
$query = "select Password from UserAccounts_tbl where UserName = '".htmlentities($_POST["txtUserName"])."' AND Password = '".$_POST["encryptedPass"]."' ";
$result = mysql_query($query);
if (mysql_num_rows($result) != 0) {
setcookie("userName", $userName, time() + (60*60*24*30));
if ($_POST["chStorePassword"]){
$pass = $_POST["txtPassword"];
setcookie("computerUser", $userName, time() + (60*60*24*30));
//setcookie("password", $pass, time() + (60*60*24*30));//will expire in 30 days
setcookie("checked", "true", time() + (60*60*24*30));
}
else{
setcookie("checked", "", time() + (60*60*24*30));//will expire in 30 days
setcookie("computerUser", "", time() + (60*60*24*30));
//setcookie("password", "", time() + (60*60*24*30));
}
?>
<script language="javascript">
window.location = "index.php";
</script>
<?
} else {
$error .= "Invalid username or password!!!";
}
$error .= "</center>";
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Blogger - Authentication</title>
<link href = "cms.css" rel="stylesheet" type="text/css" />
</head>
<script type="text/javascript" src="sha2.js"></script>
<script language="javascript">
<!--
function validateForm(form){
var userName = form.txtUserName.value;
var password = form.txtPassword.value;
var unencryptedPass = form.txtPassword.value;
var valid = 1;
var message = "";
if (userName == "" || password == ""){
message = ">>Please fill in all the fields!!!" + "\n";
valid = 0;
}
if (message != ""){
alert (message);
}
//set cookie if check box is checked and the basic validation is done
if (form.chStorePassword.value ==1 && valid == 1){
document.cookie = "password=" + unencryptedPass;
}
if (valid){
form.encryptedPass.value = hex_sha256(password);
return true;
}else{
return false;
}
}
//-->
</script>
<body>
<center>
<div class = "bordersOnly" style = " width:700px; font:Arial, Helvetica, sans-serif; font-size:50px; color:#FFFFFF; text-align:center; background-image: url(/images/bgBanner.gif); margin-top:20px ">
Blogger
</div>
<table class = 'bordersOnly' width = '700' cellspacing = '0' style="background-color:#000099; margin-top:10px">
<tr><td><br /><br /><br /></td></tr>
<tr><td><div class="Calign">
<table style="border: 1px solid #CCCCCC;background-color:#000099; font-weight:bolder; color:#FFFFFF" width = '500' cellspacing = '2'>
<tr class="subHeader"><td colspan="2"><div class="Calign">Log In to Blogger!!!</div></td></tr>
<?php echo "<tr><td colspan = '2' style = 'color:#CCCCCC; font-weight:bolder'>".$error."</td></tr>" ?>
<form name="frmAuthentication" method="post" action="" onsubmit='javascript:return validateForm(this)'>
<tr><td><input name="checkStatus" type="hidden" value="echo $_COOKIE['checked']" /></td></tr>
<tr><td><input name="encryptedPass" type="hidden" value="" /></td></tr>
<tr><td>UserName</td><td><input name="txtUserName" type="text" value="<? echo $computerUser ?>" size="60"/></td></tr>
<tr><td>Password</td><td><input name="txtPassword" type="password" value="<? echo $password ?>" size="60"/></td></tr>
<tr><td></td><td class="Lalign"> <input type="checkbox" name="chStorePassword" <? echo $checked ?> />
Log me in automatically </td></tr>
<tr class="Lalign"><td></td><td> <input name="subAuthentication" type="submit" value="Sign In" /></td></tr>
</form>
<tr><td colspan="2"><hr class="hrGray" /></td></tr>
<tr><td></td><td class="Lalign"> <a href="memberRegistration.php" class="login">Havenot registered yet, <br />
Click here to create an user account</a></td>
</tr>
<tr><td></td><td class="Lalign"> <a href="queries.php?action=forgotPassword" class="login">Forgot your password?</a></td></tr></table>
</td></tr><tr><td><br /><br /><br /></div></td></tr></table>
</center>
</body>
</html>1. Earlier I used to set the username and password cookie using PHP and the password is later md5'ied but now the password is sha256'd before passed to server. So now, when I login the cookie stores the sha256'd password and which get sha256'd when submitted. Then, I thought of setting unencrypted password cookie using javascript but for some reason I am not able to set 'password' cookie using javascript.
Sorry, if this post had been a little confusing for you. You can try the site http://raghavan.allhyper.com using visitor as username and password
Always, I welcome your comments.
d11wtq |
Code: Select all
tags[/color]