I have a problem trying to login to my local webpage. When I click on the enter button or when loading the page, it appears on the console:
Making validation of the query I also notice that the variables that are passed by post do not take them and the query is empty with the user and password variables.
Php code:
public function Login(){
try{
if(!empty($_POST['user']) and !empty($_POST['pass']) and !empty($_POST['session'])){
$db = new Conexion();
$this->user = $db->real_escape_string($_POST['user']);
$this->pass = $this->Encrypt($_POST['pass']);
$sql = $db->query("SELECT * FROM login WHERE usuario='$this->user' AND pass='$this->pass';");
$path0 = $_SERVER['DOCUMENT_ROOT'];
$path0 .= "mm/sqlLogin.txt";
fopen($path0, "r");
$myfile = fopen($path0, "w") or die("Unable to open file!");
fwrite($myfile, $sql);
fclose($myfile);
if($db->rows($sql) > 0){
if($_POST['session'] == true) {
$datos = $db->recorrer($sql);
$_SESSION['id'] = $datos=['idlogin'];
$_SESSION['user'] = $datos=['usuario'];
$_SESSION['email'] = $datos=['email'];
init_set('session.cookie_lifetime', time() + (60*60*24*1));
echo 1;
}
}else{
throw new Exception(2);
}
$db->liberar($sql);
$db->close();
}else{
$sql ='Error en query al intentar login en = ' . ("SELECT * FROM login WHERE usuario='$this->user' AND pass='$this->pass';") . ' Datos vacíos';
$path0 = $_SERVER['DOCUMENT_ROOT'];
$path0 .= "mm/loginlog.txt";
$myfile = fopen($path0, "w") or die("Unable to open file!");
fwrite($myfile, $sql);
fclose($myfile);
//throw new Exception('Error datos vacíos.');
}
}catch(Exception $e){
echo $e->getMessage();
}
}
JS Code:
window.onload = function(){
document.getElementById("send_request").onclick = function(){
var connect, user, pass, session, form, result;
user = document.getElementById("user").value;
pass = document.getElementById("pass").value;
session = document.getElementById("session").checked ? true : false;
if(user != '' && pass !=''){
form = 'user=' + user + '&pass=' + pass + '&session=' + session;
connect = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP');
connect.onreadystatechange = function(){
if(connect.readyState == 4 && connect.status == 200){
if(parseInt(connect.responseText) == 1){
result = '<div class="w3-panel w3-display-container w3-green">';
result += '<span onclick="this.parentElement.style.display=';
result += "'none'";
result += '" ';
result += 'class="w3-btn w3-display-topright">X</span>';
result += '<p>Acceso</p>';
result += '<p>Conectando...</p>';
result += '</div>';
location.href='?view=index';
document.getElementById("message").innerHTML = result;
}else{
result = '<div class="w3-panel w3-display-container w3-red">';
result += '<span onclick="this.parentElement.style.display=';
result += "'none'";
result += '" ';
result += 'class="w3-btn w3-display-topright">X</span>';
result += '<p>Error</p>';
result += '<p>Credenciales incorrectas.</p>';
result += '</div>';
document.getElementById("message").innerHTML = result;
}
}else if(connect.readyState != 4){
result = '<div class="w3-panel w3-display-container w3-yellow">';
result += '<span onclick="this.parentElement.style.display=';
result += "'none'";
result += '" ';
result += 'class="w3-btn w3-display-topright">X</span>';
result += '<p>Conectando</p>';
result += '<p>Procesando...</p>';
result += '</div>';
document.getElementById("message").innerHTML = result;
}
}
connect.open('POST','?view=login',true);
connect.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
connect.send(form);
//window.alert("Bienvenido");
}else{
result = '<div class="w3-panel w3-display-container w3-yellow">';
result += '<span onclick="this.parentElement.style.display=';
result += "'none'";
result += '" ';
result += 'class="w3-btn w3-display-topright">X</span>';
result += '<p>Error</p>';
result += '<p>Usuario y contraseña no pueden estar vacíos.</p>';
result += '</div>';
document.getElementById("message").innerHTML = result;
}
}
}
Your help please.