I have an html form in login.php where a user inputs a username and password. I then validate that they entered data in both fields with html function validateForm(). If this returns true I want to call check_user_pw.php file that validates that the username is valid and that their password has not expired against the database using OCI. If this returns true, I want to submit the form for login via $str_submit. I need the check_user_pw.php file to run after the user enters data in the form in order to query the database for the information they entered. Can you please tell me how to add the php file to the onsubmit button so that both the validateForm() and check_user_pw.php are executed prior to the form submitting? And, can I return a boolean value like a function from a php file or should I use a parameter to pass back to the login.php to determine if I submit the form or not?
login.php (partial code):
<?php
<script>
function validateForm()
{
var u=document.forms["LoginForm"]["ssousername"].value;
var p=document.forms["LoginForm"]["password"].value;
var x=new Boolean(true);
if (u==null || u=="" || p==null || p=="")
{
alert("Username and password must be entered");
x=false;
}
return x;
}
</script>
<form action="<? php print($str_submit) ?>" onsubmit="return validateForm()" method="post" name="LoginForm" AutoComplete="off">
<input type='hidden' name='site2pstoretoken' value='<?php print($str_token) ?>'>
<input type='hidden' name='W_url' value='<?php print($str_submit) ?>'>
<input type='hidden' name='subscribername' value='<?php print($subscribername) ?>'>
<table id="logintab">
<tr><td><font class="standard_div">User Name:</font></td><td><input type='text' name='ssousername' size='25' maxlength='30' value=''></td>
<td><div class="notes_div">(not case sensitive)</div></td></tr>
<tr><td><div class="standard_div">Password:</div></td><td><input type='password' name='password' size='25' maxlength='30' value=''></td>
<td><div class="notes_div">(case sensitive)</div></td></tr>
</table>
</form>
<?
check_user_pw.php:
<?php
$ssousername = $_POST['ssousername'];
$ssousername = strtoupper($ssousername);
//Clear out variables
unset($g_enabled_yn, $g_msg, $g_pw_last_chg, $pw_to_exp);
$today = date('m/d/y');
$today_p10 = date('m/d/y', strtotime('+' . 10 . ' days')); //today + 10 days
$c = ocilogon("a_imps", "*******", "test");
//Check if user enabled.
$s = ociparse($c, "begin a_imps.is_portal_user_enabled(:bv2, :bv3, :bv4); end;");
ocibindbyname($s, ":bv2", $ssousername); //input bind variable
ocibindbyname($s, ":bv3", $g_enabled_yn,1); //output bind variable
ocibindbyname($s, ":bv4", $g_msg,300); //output bind variable
ociexecute($s);
//Check pw expiration.
$s = ociparse($c, "begin :bv := ods.get_last_pwchg(:bv2); end;");
ocibindbyname($s, ":bv2", $ssousername); //input bind variable
ocibindbyname($s, ":bv", $g_pw_last_chg, 8); //output bind variable
ociexecute($s);
ocilogoff($c);
$ssousername = strtoupper($ssousername);
GLOBAL $ret;
$ret = true;
if ($g_enabled_yn == "N") //If account disabled, display message.-->
{
?>
<script>
alert("<? php print($g_msg) ?>");
</script>
<script> <!--Clear history and go back to main page-->
var Backlen=history.length;
history.go(-Backlen);
window.location.href="http://imps-forms.main_page"
</script>
<?php
$ret = false;
}
else
if ($g_pw_last_chg != "" && $g_pw_last_chg != null)
{
//60 days from last chg pw date, pw will expire. Change nbr below to 60
$pw_to_exp = date('m/d/y', strtotime($g_pw_last_chg. '+' . 80 . ' days'));
if ($pw_to_exp <= $today)
{
?>
<script type="text/javascript">
alert("Your password expired on <?php echo $pw_to_exp; ?>");
</script>
<script> <!--Clear history and go back to main page-->
var Backlen=history.length;
history.go(-Backlen);
window.location.href="http://imps-forms.main_page"
</script>
<?php
$ret = false;
}
}
return $ret;
?>
