I was trying to build a secured area where the user has to log in through a login form. Nothing special here and I used what I always did : - a login - a success page I am using AJAX in order to validate the form
I though it would be more secured to have this into two distinct php pages so a user cannot hack in any way the DOM and go to the pageid of the success page -- since all the pages are supposed to be in the same file.
But I red this post : https://stackoverflow.com/a/15806954/1083453
and I don't know if it is finally possible to do what I am trying to do.
So my question is: How do I build a solid and secured login system with jQuery Mobile to work on any platform (W7/iOS/Android/Blackberry 10)
Thank you
EDIT:
For now I'm doing:
function verifyLogin(){
var email=document.getElementById("loginUserField").value;
var pwd=document.getElementById("loginPwdField").value;
$.ajax({
type : 'POST',
url : server_url + 'application/login', // Servlet URL
data:{
'email':email,
'pwd':pwd
},
success : function(data) {
if(data.logged_in){
alert("Login Success!!");
window.navigate("home.php");
} else {
alert("Invalid Login!!");
console.log( data );
if( data.errors ) {
//define
var error = {};
error.alert = data.errors;
//Append
var template = Handlebars.compile( $('#alertTemplate').html() );
$('#errors').empty().append( template(error) );
//Erase
error = {};
}
}
},
error : function(xhr, type) {
alert('server error occurred');
}
});
}
(the windows navigate doesn't work ..) but anyway, is it the right way to do it? this is a separated login.php form that let you access the ocntent of the app (let's say home.php)