1

Newbie here in AJAX i got this code, Please help, my code keeps going to the sec_reg.php page even if the password is mismatch, or even when the form is valid, i want the user to stay on current page even if he submits a form. Here is my code

Here is my form

    <h4>ADD ANOTHER ADMIN</h4>
     <form action="sec_reg.php" method="post" name="registration_form">
     <br>
     <p>

     <strong>Email</strong>
     <br>
     <br>
    <input class="acc_input" type="text" id="email" name="email"placeholder="Email">

    </p>
    <br>
    <p>
   <strong>        Password</strong>
    <br>
    <br>
    <input class="acc_input" type="password" name="password" id="password" placeholder="Password">
    <br /><br />
    <strong>        Confirm Password</strong>
    <br>
    <br>
    <input class="acc_input" type="password" name="cpassword" id="cpassword" placeholder="Confirm Password">

    <input type="hidden" name="p" id="p" value="">
    <br>

   </p>
    <button type="submit" class="btnsubmit" onclick="formhash(this.form,  
 this.form.password, this.form.p);" ><strong>Register</strong></button>

    </form>

Here is the script for forhash(the password needs to be hash before sending for security)

<script src="sha512.js"></script>
<script>
function formhash (form, password)
{
 var pass1 = document.getElementById("password").value;
var pass2 = document.getElementById("cpassword").value;
var ok = true;
if (password != cpassword) {
    //alert("Passwords Do not match");
    document.getElementById("password").style.borderColor = "#E34234";
    document.getElementById("cpassword").style.borderColor = "#E34234";
    ok = false;

}
else {


var p = document.createElement("input");    
form.appendChild(p);
p.name="p";
p.type="hidden";
p.value=hex_sha512(password.value);
password.value="";
form.submit();

 }
  }
 </script>

Here is my sec_reg.php

<?php
// Include database connection and functions here.
include '../Connections/mabini150_Conn.php';
if (isset($_POST['p']))
{
include 'login_Function.php';
 // The hashed password from the form
$password = $_POST['p'];
// Create a random salt
$random_salt = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true));
// Create salted password (Careful with the chilli)
$password = hash('sha512', $password.$random_salt);
$username='nousername';
$email = $_POST['email'];
if ($insert_stmt = $mysqli->prepare("INSERT INTO members (username, email, password, salt) VALUES (?, ?, ?, ?)"))
{
$insert_stmt->bind_param('ssss', $username, $email, $password, $random_salt);
// Execute the prepared query.
$insert_stmt->execute();
Improve this question

1 Answer 1

Reset to default
3

You need to return false after the call to formhash(); in your onclick attribute.

<button type="submit" class="btnsubmit"
    onclick="formhash(this.form, this.form.password, this.form.p); return false;" ><strong>Register</strong></button>

Otherwise the button will submit no matter what.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.