I'm a total noob in php and json programming so this is very difficult to me. I'm trying to do a simple login page for my app, that's the only thing that I don't know how to do. On login form click this jquery happens.
function signin(){
$login_form = $('#login-form');
var fields = $login_form.serialize();
$.ajax({
type: "POST",
url: "192.168.1.2/_modules_/login.php",
data: fields,
dataType: 'json',
success: function(error){
if(!error.status){
{$.ui.loadContent("main", null, null, "fade");}
}else{
$('#error').empty().html(error.html);
}
}
});
And post to the php
<?php
function conndb(){
$servername = "localhost";
$username = "admin";
$password = "test";
$dbname = "appsys";
$conn = mysql_connect($servername,$username,$password,$dbname);
/*try {
$conn = new PDO("mysql:host=$servername;dbname=appsys", $username, $password);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
catch(PDOException $e)
{
$this->error['status'] = false;
$this->error['html'] = "Connection failed: " . $e->getMessage();
echo json_encode($error);
}*/
}
function login(){
conndb();
$error = array();
$error['status'] = $this->error_status;
$error['html'] = $this->error_html;
$exist = mysql_fetch_array(mysql_query("SELECT * FROM eq_tecnicos WHERE codigo='".secure($_POST['user'])."' AND pass='".secure($_POST['pass'])."'"));
if(!$exist)
{ unset($_POST['user'],$_POST['pass']); $error['status'] = true; echo json_encode($error);}
else {
$error['status'] = false;
$error['html'] = '<p>Error</p>';
echo json_encode($error);
}
}
?>
If this works, it's secure?? Thanks in advance!
