Login System - PHP and JQuery [closed]

Navigation
1

Hi, I am doing a login system and I have doubts about its security, it is very simple and it does Ajax by JQuery from a PHP page with MySQL, the code is this:

HTML: 

<form id="loginForm" name="loginForm" action="teste.php" method="POST">
    <input type="text" name="loginUsuario" id="loginUsuario" class="input" value="NOME DE USÚARIO">
    <input type="text" name="loginSenha" id="loginSenha" class="input" value="SENHA">
    <input type="submit" name="loginEntrar" id="loginEntrar" class="input" value="ENTRAR">
</form>

JQuery: 

<script>
$(document).ready(function() {

    $("#loginEntrar").click(function() {
        var loginLogin = $("#loginUsuario").val();
        var loginSenha = $("#loginSenha").val();
        $("#loginEntrar").prop('disabled', true);
        $.post('login.php', {
            login: loginLogin,
            senha: loginSenha
        }, function(resposta) {
            if (resposta == true) {
                $("#loginForm").submit();
            }
        }, 'html');
        return false;
    });

});
</script>

PHP: login.php 

<?php

include "bd_connect.php";

$login=$_POST['login'];
$senha=$_POST['senha'];


$query = mysql_query("SELECT * FROM 'usuarios' WHERE login LIKE '$login' AND senha LIKE '$senha'") or die(mysql_error());
$totalres = mysql_num_rows($query);

if ($totalres == 1)
{
echo true;
}
else
{
echo false;
}

?>

How do I translate MySQL to mysqli and about this login method, is it safe?

    
asked by anonymous 20.03.2016 / 20:44

2 answers

0

MySQL for MySQLI changes a little, at most the function call if I'm not mistaken.

Now login to the query using LIKE? My suggestion is to leave with = and encrypt the bank passwords with md5.

In the file that you make connection to the bank, a way to be sure is also going through all the posts and get checking if there are no malicious characters of inject ... They are all good precautions to take

    
21.03.2016 / 04:53
0

For mysqli you can do this as follows: 

$link = mysqli_connect("localhost", "login", "senha", "bd");

$verifica = mysqli_query($link, "SELECT * from users WHERE id='$id'");

I gave an example, now it's apply to your case.

    
21.03.2016 / 06:18
Create Web service that receives strings [closed] Error setting up Ruby on Rails environment