Call html function and php file from onsubmit button -
i have html form in login.php user inputs username , password. validate entered data in both fields html function validateform(). if returns true want call check_user_pw.php file validates username valid , password has not expired against database using oci. if returns true, want submit form login via $str_submit. need check_user_pw.php file run after user enters data in form in order query database information entered. can please tell me how add php file onsubmit button both validateform() , check_user_pw.php executed prior form submitting? and, can return boolean value function php file or should use parameter pass login.php determine if submit form or not?
login.php (partial code):
<?php <script> function validateform() { var u=document.forms["loginform"]["ssousername"].value; var p=document.forms["loginform"]["password"].value; var x=new boolean(true); if (u==null || u=="" || p==null || p=="") { alert("username , password must entered"); x=false; } return x; } </script> <form action="<? php print($str_submit) ?>" onsubmit="return validateform()" method="post" name="loginform" autocomplete="off"> <input type='hidden' name='site2pstoretoken' value='<?php print($str_token) ?>'> <input type='hidden' name='w_url' value='<?php print($str_submit) ?>'> <input type='hidden' name='subscribername' value='<?php print($subscribername) ?>'> <table id="logintab"> <tr><td><font class="standard_div">user name:</font></td><td><input type='text' name='ssousername' size='25' maxlength='30' value=''></td> <td><div class="notes_div">(not case sensitive)</div></td></tr> <tr><td><div class="standard_div">password:</div></td><td><input type='password' name='password' size='25' maxlength='30' value=''></td> <td><div class="notes_div">(case sensitive)</div></td></tr> </table> </form> <? check_user_pw.php:
<?php $ssousername = $_post['ssousername']; $ssousername = strtoupper($ssousername); //clear out variables unset($g_enabled_yn, $g_msg, $g_pw_last_chg, $pw_to_exp); $today = date('m/d/y'); $today_p10 = date('m/d/y', strtotime('+' . 10 . ' days')); //today + 10 days $c = ocilogon("a_imps", "*******", "test"); //check if user enabled. $s = ociparse($c, "begin a_imps.is_portal_user_enabled(:bv2, :bv3, :bv4); end;"); ocibindbyname($s, ":bv2", $ssousername); //input bind variable ocibindbyname($s, ":bv3", $g_enabled_yn,1); //output bind variable ocibindbyname($s, ":bv4", $g_msg,300); //output bind variable ociexecute($s); //check pw expiration. $s = ociparse($c, "begin :bv := ods.get_last_pwchg(:bv2); end;"); ocibindbyname($s, ":bv2", $ssousername); //input bind variable ocibindbyname($s, ":bv", $g_pw_last_chg, 8); //output bind variable ociexecute($s); ocilogoff($c); $ssousername = strtoupper($ssousername); global $ret; $ret = true; if ($g_enabled_yn == "n") //if account disabled, display message.--> { ?> <script> alert("<? php print($g_msg) ?>"); </script> <script> <!--clear history , go main page--> var backlen=history.length; history.go(-backlen); window.location.href="http://imps-forms.main_page" </script> <?php $ret = false; } else if ($g_pw_last_chg != "" && $g_pw_last_chg != null) { //60 days last chg pw date, pw expire. change nbr below 60 $pw_to_exp = date('m/d/y', strtotime($g_pw_last_chg. '+' . 80 . ' days')); if ($pw_to_exp <= $today) { ?> <script type="text/javascript"> alert("your password expired on <?php echo $pw_to_exp; ?>"); </script> <script> <!--clear history , go main page--> var backlen=history.length; history.go(-backlen); window.location.href="http://imps-forms.main_page" </script> <?php $ret = false; } } return $ret; ?>
read ajax , maybe json. can task. 1 can fake form none of javascripts work. in case have validate user on server side. approach in form seems not right should read security in forms , @ other login scripts first.
Comments
Post a Comment