bs0d |
Subject: "re: Errors on
same page"
Posted: @ 6:07 pm on Mar 09 2008
|
|
|
 Member #: 1 Rank: Admin. - (1,505) Since: 02/06/05 Posts: 600 From: USA
|
This is done by
Javascript and
Ajax. I don't
have any
articles on
that yet. So
you'll have to
search Google.
From my
experience,
it's not hard
to learn but
you have to
remember, it
won't work if
someone has
javascript
disabled on
their browser-
And, you want
to make sure to
still validate
input on the
server side
(PHP); So
you're really
double coding
for the sake of
user-friendly
features, but
isn't that
what it's all
about?
|
Viewed: 10,292 Times | |  |
Genius |
Subject: "re: Errors on
same page"
Posted: @ 8:57 pm on Mar 09 2008
|
|
|
 Member #: 582 Rank: User - (77) Since: 02/18/08 Posts: 76 From: kmmk
|
Ah, thanks!
I was Googling
PHP errors on
same page I
thought it was
all PHP but I
was wrong,
anyway I found
bunch of
results on AJAX
Thanks!
EDIT: Ok, I
found some
tutorials but
its too hard to
follow them.
Will be
appreciate if
you could make
a tutorial that
is simple and
easy to
understand.
Edited at 12:30:01 am on 03/10/08
|
Viewed: 10,284 Times | |  |
alvsky |
Subject: "re: Errors on
same page"
Posted: @ 8:55 am on Mar 10 2008
|
|
|
Member #: 614 Rank: User - (3) Since: 03/07/08 Posts: 3
|
Here is one way
to do it with
PHP
To display
Wrong
username/passwo
rd message on
login page do
following:
in in.php
replace this
line
Code:
if(!$q)
die("Logi
n Failure: An
error occured,
please verify
your username
and password
are
correct."
);
with following
code
Code:
if(!$q){
$message =
"Login
Failure: please
verify your
username and
password are
correct."
;
header("L
ocation:
login.php?err_m
essage=".
$message."
;");
exit;
}
in login.php
somwhere above
Login form (or
anywhere else
put this:
Code:
<? echo
$_GET['err_mes
sage'];?>
div>
That should do
the trick.
Similar is for
all other error
messages.
|
Viewed: 10,265 Times | |  |
Genius |
Subject: "re: Errors on
same page"
Posted: @ 8:10 pm on Mar 10 2008
|
|
|
 Member #: 582 Rank: User - (77) Since: 02/18/08 Posts: 76 From: kmmk
|
Omg.
Thanks so much!
Hope it works
for me. Ill let
ya know if it
does work.
EDIT: Yes! It
worked. Thanks!
Edited at 08:49:32 pm on 03/10/08
|
Viewed: 10,241 Times | |  |
misterhaan |
Subject: "re: Errors on
same page"
Posted: @ 2:09 pm on Mar 11 2008
|
|
|
 Member #: 5 Rank: User - (213) Since: 02/11/05 Posts: 148 From: chair
|
it's a bad
idea to
directly echo
something
user-entered
(like
$_GET['err_mes
sage'])
because it
could contain
javascript to
redirect to a
different page
or sniff
passwords or
any number of
other
things.
always make
sure to use
htmlspecialchar
s() or
htmlentities()
before echoing
anything that
could have come
from the user.
please note
that the above
post is likely
made up in its
entirety. |
Viewed: 10,220 Times | |  |
Genius |
Subject: "re: Errors on
same page"
Posted: @ 8:23 pm on Mar 11 2008
|
|
|
 Member #: 582 Rank: User - (77) Since: 02/18/08 Posts: 76 From: kmmk
|
Hmmm, but user
didn't enter
anything, there
was error when
logged in. So
would someone
still could do
code injection?
Even though the
error came from
a script that
will log you
in?
|
Viewed: 10,209 Times | |  |
misterhaan |
Subject: "re: Errors on
same page"
Posted: @ 2:23 pm on Mar 20 2008
|
|
|
 Member #: 5 Rank: User - (213) Since: 02/11/05 Posts: 148 From: chair
|
for example,
someone can
post this
link:
http://www.your
site.com/login.
php?err_message
=<script>
window.location
="http://
www.evilsite.co
m/"</s
cript>
then it your
site would send
anyone who
clicked the
link to
evilsite.com,
and they might
think you meant
to have that
happen.
also, the
Location header
is supposed to
use a fully
qualified URL
(starting with
http://)
please note
that the above
post is likely
made up in its
entirety. |
Viewed: 9,982 Times | |  |
Genius |
Subject: "re: Errors on
same page"
Posted: @ 6:49 pm on Mar 20 2008
|
|
|
 Member #: 582 Rank: User - (77) Since: 02/18/08 Posts: 76 From: kmmk
|
ahh ok. I'll
fix those
header before I
go and buy a
hosting. Its in
my local
machine right
now.
|
Viewed: 9,976 Times | |  |
Viewing Page: 1 of 1 |