0

I have a login form that collects the user's e-mail and password. I send that through AJAX to be validated on the server side. AJAX sends back a response to indicate whether the login succeeded or that the user needs to register first or that the login failed and the user has x number of attempts left before the system will block their login attempts for a period of time. I am successful in this including the prevention of the e-mail and password showing up in the browser's URL address line. I believe I succeeded in this by using e.preventDefault() in the jQuery script that processes the click of the submit button.

When I use the preventDefault() function, it also prevents HTML validation of data on the client side. I like its immediate and sufficient validation to indicate problems such as when a user hasn't even entered data in a field before submission. Furthermore, the HTML validation is more helpful than an alter by indicating exactly which input field has failed its validation. I do additional validation both on the client and server sides.

I want both features: 1) HTML validation feedback before the AJAX verification; 2) No email or password showing in the URL address line for God and Country to see.

I have searched for solutions, but it is possible that the HTML validation is still new enough and not that sufficient for true validation that many developers are not trying to achieve the goal I have stated here. Therefore, I could not find information that addressed this set of issues simultaneously. I would really appreciate feedback about how to achieve this in the manner I am trying to do or suggested other approaches that achieve the same user-friendly ends I intend. Here is the jQuery code I am using when the user clicks the Submit button.

            // Main log in
            $("#login_button").click(function(e) {
                e.preventDefault();
                var email = $('#login_email').val();
                var password = $('#login_password').val();
                $.post('inner_pages/login_processing.php', {'login_email':email, 'login_password':password}, function(data) { //make ajax call to check_email.php
                    alert(data);
                });
            }); // End of log in
LyradV
  • 1
  • 1
  • According to this post http://stackoverflow.com/questions/5688122/html5-form-validation-void-form-action-and-execute-jquery-when-all-html5-form-e e.preventDefault() does not surpress HTML validation. Furthermore, if you send a Ajax request, why should the credentials be shown in the browser's address line? – Chrisissorry Oct 16 '14 at 06:33

1 Answers1

0

I have no idea about the HTML Validation but you could remove the e-mail and password in the URL by:

window.location.hash = '';

Daan
  • 2,680
  • 20
  • 39