On the template page, the following is written before the rest of the page's contents:
<?php
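// Login form handler. It runs before any page output so that headers can still be sent.
// It acts only when the form marker field 'a' was posted; otherwise the page renders normally.
// On failure of a non-AJAX request it falls through with $error set, for the template to display.
if (isset($_POST['a']))
{
    $valid = false;

    // The redirect target is taken from the request, so a crafted login link can set it.
    // It ends up in a Location header and in the JSON reply the client navigates to, so only
    // same-site relative targets are accepted: no scheme (http:, javascript:, ...), no host,
    // no protocol-relative '//' prefix, no backslashes and no control characters (header injection).
    // Anything else falls back to the default page.
    $isLocalRedirect = function ($url)
    {
        if (!is_string($url) || $url === '')
        {
            return false;
        }
        if (preg_match('/[\x00-\x1F\x7F\\\\]/', $url) || strncmp($url, '//', 2) === 0)
        {
            return false;
        }
        $parts = parse_url($url);
        return $parts !== false && !isset($parts['scheme']) && !isset($parts['host']);
    };

    $redirect = 'index.php';
    if (isset($_REQUEST['redirect']) && $isLocalRedirect($_REQUEST['redirect']))
    {
        $redirect = $_REQUEST['redirect'];
    }

    // Emits a JSON reply that must never be cached (it carries the outcome of an
    // authentication attempt), then stops the script.
    $sendJson = function ($payload)
    {
        header('Cache-Control: no-store, no-cache, must-revalidate');
        // A date in the past, so that this header agrees with Cache-Control above
        header('Expires: Thu, 01 Jan 1970 00:00:00 GMT');
        header('Content-type: application/json');
        echo json_encode($payload);
        exit();
    };

    // Check fields. is_string() rejects array input such as login[]=x,
    // which would otherwise reach strlen() and the comparison below.
    if (!isset($_POST['login']) || !is_string($_POST['login']) || $_POST['login'] === '')
    {
        $error = 'Please enter your user name';
    }
    elseif (!isset($_POST['pass']) || !is_string($_POST['pass']) || $_POST['pass'] === '')
    {
        $error = 'Please enter your password';
    }
    else
    {
        /*
         * PLACEHOLDER: replace this with the real credential check before deployment.
         * Look the account up in the user store and verify the password with
         * password_verify() against a password_hash() value; never ship fixed credentials.
         * Strict comparison avoids PHP's loose-equality type juggling.
         */
        $valid = ($_POST['login'] === 'admin' && $_POST['pass'] === 'admin');
        if (!$valid)
        {
            // One message for both cases, so the reply does not reveal which field was wrong
            $error = 'Wrong user/password, please try again';
        }
    }

    // Check if AJAX request (the header is client-supplied: it selects the reply format only)
    $ajax = (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest');

    if ($valid)
    {
        // Handle the keep-logged option
        if (isset($_POST['keep-logged']) && $_POST['keep-logged'] == 1)
        {
            // Set the persistent-login cookie here. Store a random, server-verified token
            // (never the password or user name) and mark the cookie HttpOnly and Secure.
        }

        if ($ajax)
        {
            $sendJson(array(
                'valid' => true,
                'redirect' => $redirect
            ));
        }

        header('Location: '.$redirect);
        exit();
    }

    if ($ajax)
    {
        $sendJson(array(
            'valid' => false,
            'error' => $error
        ));
    }
}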
?>
The AJAX script is here:
<script type="text/javascript">
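$(document).ready(function()
{
    // Page used when the server reply carries no acceptable redirect target
    var DEFAULT_REDIRECT = 'index.php';
    // Minimum time (ms) the "checking login" message stays visible
    var MIN_WAIT = 500;

    /**
     * Tells whether a redirect target is a same-site relative URL.
     * The value comes back from the server, which may have copied it from the request,
     * so it is not assigned to document.location unchecked: targets with a scheme
     * (http:, javascript:, data:, ...), a protocol-relative '//' prefix, backslashes
     * or control characters are refused.
     */
    function isLocalRedirect(url)
    {
        if (typeof url !== 'string' || url === '')
        {
            return false;
        }
        if (/[\x00-\x1F\x7F\\]/.test(url) || /^\/\//.test(url))
        {
            return false;
        }
        return !/^[a-zA-Z][a-zA-Z0-9+.\-]*:/.test(url);
    }

    /**
     * Replaces the message shown in the login block.
     * NOTE(review): blockMessage() comes from a plugin not shown here; confirm that it
     * inserts its argument as text, not HTML, since data.error is passed to it.
     */
    function showMessage(text, type)
    {
        $('#login-block').removeBlockMessages().blockMessage(text, {type: type});
    }

    // We catch form submission to do it in AJAX, but this also works with JS disabled
    $('#login-form').submit(function(event)
    {
        // Stop full page load
        event.preventDefault();

        var form = $(this);

        // Check fields (the server repeats these checks; this is for user feedback only)
        var login = $('#login').val();
        var pass = $('#pass').val();
        if (!login || login.length == 0)
        {
            showMessage('Please enter your user name', 'warning');
            return;
        }
        if (!pass || pass.length == 0)
        {
            showMessage('Please enter your password', 'warning');
            return;
        }

        var submitBt = form.find('button[type=submit]');
        submitBt.disableBt();

        // Target url: the form action, or the page url without its hash
        var target = form.attr('action');
        if (!target || target == '')
        {
            target = document.location.href.match(/^([^#]+)/)[1];
        }

        // Request
        var data = {
            a: $('#a').val(),
            login: login,
            pass: pass
        };
        var redirect = $('#redirect');
        if (redirect.length > 0)
        {
            data.redirect = redirect.val();
        }

        // Start timer
        var sendTimer = new Date().getTime();

        // Send
        $.ajax({
            url: target,
            dataType: 'json',
            type: 'POST',
            data: data,
            success: function(data, textStatus, XMLHttpRequest)
            {
                if (data && data.valid)
                {
                    // Navigate only to a same-site relative target
                    var destination = isLocalRedirect(data.redirect) ? data.redirect : DEFAULT_REDIRECT;
                    var go = function()
                    {
                        document.location.href = destination;
                    };

                    // Small timer to allow the 'checking login' message to show when the server is too fast
                    var elapsed = new Date().getTime()-sendTimer;
                    if (elapsed < MIN_WAIT)
                    {
                        setTimeout(go, MIN_WAIT-elapsed);
                    }
                    else
                    {
                        go();
                    }
                }
                else
                {
                    // Message
                    showMessage((data && data.error) || 'An unexpected error occured, please try again', 'error');
                    submitBt.enableBt();
                }
            },
            error: function(XMLHttpRequest, textStatus, errorThrown)
            {
                // Message
                showMessage('Error while contacting server, please try again', 'error');
                submitBt.enableBt();
            }
        });

        // Message
        showMessage('Please wait, cheking login...', 'loading');
    });
});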
</script>
Here is the code for my current login script:
<?php
// Login page bootstrap: wires a tNG login transaction to the posted form fields,
// executes it, then reads the resulting "custom" recordset.
// The credential check itself is not visible here; it presumably happens inside tNG_login.
// NOTE(review): how passwords are stored and compared is not shown; confirm against the framework configuration.

// Load the common classes
require_once('../includes/common/KT_common.php');
// Load the tNG classes
require_once('../includes/tng/tNG.inc.php');
// Make a transaction dispatcher instance
$tNGs = new tNG_dispatcher("../");
// Make unified connection variable
// NOTE(review): $JetMedia and $database_JetMedia are not defined in the code shown here;
// presumably a connection include sets them. Confirm it is loaded before this point.
$conn_JetMedia = new KT_connection($JetMedia, $database_JetMedia);
// Start trigger
// Validation rules for the two posted credential fields
// (the second argument, true, presumably marks the field as required; verify against tNG_FormValidation)
$formValidation = new tNG_FormValidation();
$formValidation->addField("kt_login_user", true, "text", "", "", "", "");
$formValidation->addField("kt_login_password", true, "text", "", "", "", "");
$tNGs->prepareValidation($formValidation);
// End trigger
// Make a login transaction instance
$loginTransaction = new tNG_login($conn_JetMedia);
$tNGs->addTransaction($loginTransaction);
// Register triggers
// The starter is bound to POST and "kt_login1", presumably the submit field that starts the transaction
$loginTransaction->registerTrigger("STARTER", "Trigger_Default_Starter", 1, "POST", "kt_login1");
$loginTransaction->registerTrigger("BEFORE", "Trigger_Default_FormValidation", 10, $formValidation);
// NOTE(review): "{kt_login_redirect}" looks like a placeholder the framework resolves at run time.
// If request input can influence that value, confirm it is limited to same-site URLs.
$loginTransaction->registerTrigger("END", "Trigger_Default_Redirect", 99, "{kt_login_redirect}");
// Add columns
// Each column is read from the POST field of the same name; the remember-me checkbox defaults to "0"
$loginTransaction->addColumn("kt_login_user", "STRING_TYPE", "POST", "kt_login_user");
$loginTransaction->addColumn("kt_login_password", "STRING_TYPE", "POST", "kt_login_password");
$loginTransaction->addColumn("kt_login_rememberme", "CHECKBOX_1_0_TYPE", "POST", "kt_login_rememberme", "0");
// End of login transaction instance
// Execute all the registered transactions
$tNGs->executeTransactions();
// Get the transaction recordset
$rscustom = $tNGs->getRecordset("custom");
// The mysql_* functions belong to ext/mysql, deprecated in PHP 5.5 and removed in PHP 7.0.
// $rscustom is passed to them without checking that it is a valid result resource.
$row_rscustom = mysql_fetch_assoc($rscustom);
$totalRows_rscustom = mysql_num_rows($rscustom);
?>