0

I'm starting developing an app and I'm having trouble with the login.

I have a form with an Ajax call to a PHP service to validate the user, I uploaded both files to my server and it works perfect. I input user and password, goes to the PHP file and validate the user, so far so good.

The problem is that these two files will be in different servers. Now I have the PHP file hosted on my server, and the form/ajax call localhost and it doesn't work.

Here's the code:

PHP:

<?php
header('Content-type: application/json');
$server = "localhost";
$username = "****";
$password = "****";
$database = "*****";

$con = mysql_connect($server, $username, $password) or die ("Error: " . mysql_error());

mysql_select_db($database, $con);

$user = mysql_real_escape_string($_POST["user"]);
$pass = mysql_real_escape_string($_POST["pass"]);

$result = mysql_query("SELECT * FROM Usuarios WHERE IdUsuario = '" . $user . "' AND Clave = '" . $pass . "'");

$numResults = mysql_num_rows($result);

echo $numResults;

mysql_close($con);
?>

JS:

$( document ).ready(function() {

    $('form').submit(function(event){
        event.preventDefault();

        var user = $(this).find("#user").val();
        var pass = $(this).find("#pass").val();

        $.ajax({
            type: 'POST',
            crossdomain: true,
            data: 'user=' + user + '&pass=' + pass,
            url: 'http://www.url.com/login.php',
            success: function(data){
                if(data == 1){
                    alert("YES!");    
                }else{
                    alert("NO");
                }
            },
            error: function(){
                alert('Error');
            }
        }); 
        return false;
    });
});

I have also tried with dataType: "json" and "jsonp"

Agustín
  • 1,546
  • 7
  • 22
  • 41
  • 1
    You're using the outdated MySQL family in PHP – please take a look at PDO or MySQLi. Also, storing passwords in plain text isn't a good idea. Please give more details when you say "it doesn't work" – does nothing come back? Or does always "NO" come back? – ljacqu Jul 02 '14 at 18:43
  • Please do not store passwords on plain text in your database...btw your code is vulnerable to sql injection... – Hackerman Jul 02 '14 at 18:46
  • thanks for the advices, I will do that. It always comes to ERROR callback – Agustín Jul 02 '14 at 18:50

1 Answers1

1

You need to change

    data: 'user=' + user + '&pass=' + pass,

to

    data: {user : user, pass : pass},
Lewis
  • 14,132
  • 12
  • 66
  • 87
  • @Agustín: can you offer more information in reply? If you don't then Orion (or anyone else) may not be sure how to help you further. Have you examined the AJAX op in your browser's network panel? – halfer Jul 02 '14 at 18:55