I'm implementing a user loggin page for my website. I want to check whether a user has logged in or not. I have my javascript code for checking if an account exist in the database yet but how do I make my application knows whether a user executed this function already which means he has already logged-in because now anyone can access my dashboard I have no way to check. Here's what I have treid so far.
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Loggiin</title>
<script>
const mysql = require('mysql');
const con = mysql.createConnection({
host: "localhost:3306",
user: "root",
password: "mpNeR2w"
});
function signin(e, username, password) {
var sql = `SELECT username, password FROM user WHERE username='${username}' and password='${hash(password)}')`
con.query(sql, function (err, result, fields) {
if(err) {
console.log('Invalid username or password.');
}
});
location.href = "/dashboard";
e.preventDefault();
}
// I did the research that we should hash password before saving it to the database here's my hash function
function func(string) {
//set variable hash as 0
var hash = 0;
// if the length of the string is 0, return 0
if (string.length == 0) return hash;
for (i = 0 ;i<string.length ; i++)
{
ch = string.charCodeAt(i);
hash = ((hash << 5) - hash) + ch;
hash = hash & hash;
}
return hash;
}
</script>
</head>
<body>
<h2>Welcome to our website</h2>
<h4>Please loggin to your account.</h4>
<form method="post" onsubmit="signin">
<input id="username" name="username" />
<input id="password" name="password" />
<button type="submit">Signin</button>
</form>
</body>
</html>
