Im trying to make a login system. PHP cant be used to send data to the server since i need to run it in phone applications. It seems like all AJAX does is change the URL of my browser window when testing it, and nothing gets send to the server. Code below. The regformhash() only hashes the password. Nothing else. HTML:
<form action="#" id="registration_form">
Username: <input type='text' name='username' id='username' /><br>
Email: <input type="text" name="email" id="email" /><br>
Password: <input type="password" name="password" id="password"/><br>
Confirm password: <input type="password" name="confirmpwd" id="confirmpwd" /><br>
<input type="button" value="Register"
onclick="return regformhash(this.form,
this.form.username,
this.form.email,
this.form.password,
this.form.confirmpwd);" />
</form>
<p id="answer">Test</p>
Script:
$('#registration_form').submit(function( event ) {
event.preventDefault();
var formData = $("#registration_form").serializeArray();
$.ajax({
url : 'register.php',
type : "POST",
data : formData,
success: function(data) {
alert("Yes" +data);// alert the data from the server
},
error: function() {
alert("No" + data);
}
});
});
PHP:
$username = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['p'];
$skips = 5;
echo "succes";
Put your function call on your form submit handler...
<form action="#" id="registration_form" onsubmit="return regformhash(...);">
Username: <input type='text' name='username' id='username' /><br>
Email: <input type="text" name="email" id="email" /><br>
Password: <input type="password" name="password" id="password"/><br>
Confirm password: <input type="password" name="confirmpwd" id="confirmpwd" /><br>
<input type="submit" value="Register" />
</form>
<p id="answer">Test</p>
That way, the form will abort submission when your function returns false.
In addition, PHP is run on the server. Javascript is what carries out AJAX stuff.
HTML :
<form action="#" id="registration_form">
Username: <input type='text' name='username' id='username' /><br>
Email: <input type="text" name="email" id="email" /><br>
Password: <input type="password" name="password" id="password"/><br>
Confirm password: <input type="password" name="confirmpwd" id="confirmpwd" /><br>
<input type="submit" value="Register" />
</form>
<p id="answer">Test</p>
SCRIPT :
$('#registration_form').submit(function( event ) {
event.preventDefault();
var formData = $("#registration_form").serializeArray();
$.ajax({
url: "register.php",
type : "POST",
data : formData,
beforeSend: function( xhr ) {
return regformhash($('#registration_form'),$('#username'),$('#email'),$('#password'),$('#confirmpwd'));
}
})
.done(function( data ) {
alert("Yes" +data);// alert the data from the server
})
.fail(function( jqXHR, textStatus ) {
alert( "Request failed: " + textStatus );
});
});
You have used success: and error:, which are deprecated, use .done() and .fail() respectively.
Added your function to regformhash() beforeSubmit! Let me know if it is working for you!!
The reason it 'copies the values to the url' is because you're sending the form as a GET request. Your submit override is not working, so the normal submit is being used, which means a GET with the parameters in the url.
On your PHP side you only check for POST parameters so it looks like it's an initial request instead of a postback.
I doubt you really need ajax here at all, just remove the ajax stuff, use a normal submit button, and put the form method on POST.
As a sidenote, you did not include the 'regformhash' function, but judging from the name, you're trying to hash the password. Hashing on the client side makes no sense what so ever. Any attacker can see your hashing method. Hashing needs to be done on the server. The password is normally sent in plaintext. That is why any normal site uses HTTPS to log in.