ProgrammingThis forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am trying to create a web page where a user can register and log in. I want to use a javascript function where before the page loads the function checks if the user is already logged in. If he/she has signed in a welcome message will appear. If not, the user will be asked for his username and password.
I would be really obliged if anyone could help me with this.
That is probably not something that you want to do in javascript. As a practical matter, you cannot do anything in javascript until after the page has loaded.
In general, anything that runs on the client (javascript) can be hacked, broken, bypassed or modified by a malicious user.
What goes out to the client should have already been authenticated as necessary on the server, and the server should re-authenticate each and evey request before returning anything to the client. What goes to the client, authentication-wise, should only be non-forgable identifying tokens.
Last edited by astrogeek; 05-08-2017 at 07:58 PM.
Reason: typos, grammar, thoughts
Thanks for your replies. To be more clear with my description I want to make it look like exactly like as the linuxquestions log in form.
As you said I will need server-side code to do that. The server ideally will open an sql database, check for the username and password and reply to the client.
Because I do not have a lot of experience with javascript can someone can give some example code, especially how the server-side code would look like.
Although not really complex, that is a question with many possible answers.
You almost certainly want to use PHP as the scripting language and MySQL as the database.
Rather than try answer it piece-wise, I did a search for 'php mysql login example' and found quite a few hits that looked useful.
This one, PHP Login and Registration Script with MySQL Example appears on first look to be simple but complete, well written and covers everything from the PHP code to the MySQL database table and queries. It is probably a good place to start.
I would suggest that you try to work through the example there, and maybe look for others that suite your reading style. Then if you encounter problems implementing your own you will be able to ask specific questions and we will be able to provide more useful answers.
Often, client-side code is simply trusting. It checks for the existence of a cookie that is known to be furnished by the host when the user successfully logs in. (This cookie-value often includes the account-name of the user, in clear text, or provides this as some other cookie's value.) If the JavaScript finds this cookie, and is able to split-apart its value as described, it simply "acts accordingly, and hopes for the best." If not, it presents that the user is "not yet logged-in."
And, typically, this is "good enough."
Last edited by sundialsvcs; 05-13-2017 at 07:57 AM.
Like many newbie PHP tutorials, it leads you into creating production websites with critical, and I mean critical, security vulnerabilities. This is not a topic for which "go google it" is the right answer.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.