Login System - PHP and Jquery

Asked

Viewed 1,225 times

1

Hi, I’m making a login system and I’m having doubts in his security, it is very simple and does Ajax by Jquery a PHP page with Mysql, the code is this:

HTML:

<form id="loginForm" name="loginForm" action="teste.php" method="POST">
    <input type="text" name="loginUsuario" id="loginUsuario" class="input" value="NOME DE USÚARIO">
    <input type="text" name="loginSenha" id="loginSenha" class="input" value="SENHA">
    <input type="submit" name="loginEntrar" id="loginEntrar" class="input" value="ENTRAR">
</form>

Jquery:

<script>
$(document).ready(function() {

    $("#loginEntrar").click(function() {
        var loginLogin = $("#loginUsuario").val();
        var loginSenha = $("#loginSenha").val();
        $("#loginEntrar").prop('disabled', true);
        $.post('login.php', {
            login: loginLogin,
            senha: loginSenha
        }, function(resposta) {
            if (resposta == true) {
                $("#loginForm").submit();
            }
        }, 'html');
        return false;
    });

});
</script>

PHP: login.php

<?php

include "bd_connect.php";

$login=$_POST['login'];
$senha=$_POST['senha'];


$query = mysql_query("SELECT * FROM `usuarios` WHERE login LIKE '$login' AND senha LIKE '$senha'") or die(mysql_error());
$totalres = mysql_num_rows($query);

if ($totalres == 1)
{
echo true;
}
else
{
echo false;
}

?>

How do I translate from Mysql to mysqli and about this login method, it is safe ?

php javascript jquery

  • What doubt are you having?

  • About the login security!

  • 1

    These are two very broad doubts to answer, in my opinion.

  • 1

    I can answer with a simple: no ?

  • Your question is very wide. In any case, the essential questions have already been answered here: http://answall.com/questions/3571

  • To complement: the password is not encrypted in the bank, a select * from users and I have user and password of the whole system. The password input is a text field... if I’m behind someone I can see the password of the person on the monitor... Finally, start with the link sent by @Bacco

  • This here can help Select with Prepared statements Mysqli. But don’t use something like like senha...

Show 2 more comments

2 answers

0

Mysql to Mysqli changes little, at most the function call if I’m not mistaken.

Now log in to the query using LIKE? My suggestion is to leave with = and encrypt the bank passwords with md5.

In the file you make connection to the bank, one way to also take precautions is to scroll through all posts and get checked for malicious inject characters... They’re all good precautions to take

0

For mysqli you can do as follows:

$link = mysqli_connect("localhost", "login", "senha", "bd");

$verifica = mysqli_query($link, "SELECT * from users WHERE id='$id'");

I gave an example, now it’s apply to your case.

Browser other questions tagged php javascript jquery

You are not signed in. Login or sign up in order to post.