我在jquery验证中使用远程方法。我得到了完美的结果。。bt提交表单后返回回波值。
这是我的形式
<form method="post" id="backendloginForm">
<div>
<span id="unameerror" style="color:#F30"></span>
<input type="text" class="form-control" id="luname" name="luname" placeholder="Username" />
</div>
<div>
<span id="passerror" style="color:#F30"></span>
<input type="password" class="form-control" id="lpass" name="lpass" placeholder="Password" />
</div>
<div>
<button type="submit" class="btn btn-default submit" name="login">Log in</button>
<a href="#toregister" class="to_register">Forget password?</a>
</div>
<div class="clearfix"></div>
<div class="separator">
</div>
这是我的js
$(document).ready(function() {
$("#backendloginForm").validate({
onkeyup: false,
rules: {
luname: {
required: true,
remote: {
url: "mykcpa/Backend-Controller.php",
type: "post",
dataType: "json",
data: {
luname: function(){ return $("#luname").val(); }
},
}
},
lpass: {
required: true,
remote: {
url: "mykcpa/Backend-Controller.php",
type: "post",
dataType: "json",
data: {
sluname: function(){ return $("#luname").val(); },
slpass: function(){ return $("#lpass").val(); }
},
}
},
},
messages: {
luname: {
required: "(Please enter your username)",
remote: "(Username does not exists)",
},
lpass: {
required: "(Please enter your password)",
remote: "(Your password is wrong)",
}
},
errorPlacement: function(error, element) {
if(element.attr("name") == "luname"){
error.appendTo($('#unameerror'));
}
if(element.attr("name") == "lpass"){
error.appendTo($('#passerror'));
}
}
});
});
这是我的php代码
在模型中
function login_check_username()
{
$luname=$_REQUEST['luname'];
$lget=mysql_query("select * from users where username='$luname'");
$num=mysql_num_rows($lget);
return $num;
}
//for login password check
function login_check_password()
{
$sluname=$_REQUEST['sluname'];
$slget=mysql_query("select * from users where username='$sluname'");
$sel=mysql_fetch_array($slget);
$ppp=$sel['password'];
return $ppp;
}
在控制器中
if(isset($_REQUEST['luname']))
{
$num=$obj->login_check_username();
if($num==1)
{
echo json_encode(TRUE);
}
else
{
echo json_encode(FALSE);
}
}
//for login password check
if(isset($_REQUEST['sluname']) && ($_REQUEST['slpass']))
{
$sspass=$_REQUEST['slpass'];
$mpass=md5($sspass);
$ppp=$obj->login_check_password();
if($mpass==$ppp)
{
echo json_encode(TRUE);
}
else
{
echo json_encode(FALSE);
}
}
这很完美。。。bt提交页面后没有重定向到主页。。。我得到了真实的信息。。。。我不想。。。
plzz帮我……如何在提交表单后隐藏真实消息
您真的应该引入SQLInjection保护以下是的示例
$username = mysqli_real_escape_string($mysqli, $username);
$password = encryptpassword(mysqli_real_escape_string($mysqli, $password));
$firstname = mysqli_real_escape_string($mysqli, $firstname);
$lastname = mysqli_real_escape_string($mysqli, $lastname);
$email = mysqli_real_escape_string($mysqli, $email);
$phone = mysqli_real_escape_string($mysqli, $phone);
$mysqli = new mysqli("xxx", "xxx", "xxx", "xx");
if($mysqli->connect_errno > 0){ die('Unable to connect to the database'); }
$stmt = $mysqli->prepare("INSERT INTO accounts (username, password, firstname, lastname, email, phone, active, hostingplan, domain, domain2) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
$stmt->bind_param("ssssssssss", $username, $password, $firstname, $lastname, $email, $phone, $active, $hosting_plan, $domain, $domain2);
$stmt->execute();
$stmt = $mysqli->prepare("SELECT username, email_confirm_code FROM accounts_confirm WHERE email_confirm_code = ?");
$stmt->bind_param("s", $email_confirm_code);
$stmt->execute();
$stmt->bind_result($username, $confirmcode);
$stmt->fetch();
$stmt->reset();
$stmt->close();