PDA

View Full Version : Incorrect login error IE only



redpanda
12-08-2008, 03:57 PM
Hi all,
I'm new to this site (and coding this complex) and was wondering if someone could help me....

Ok the website is
http://shootus.com.au/

I am having an issue with logging in on IE with an incorrect password. I have been told it is something to do with

line 329
character 5
document.getElementById('logform').innerHTML

and something to do with "names"....


I can post the code but i'm not sure really what code to post and to post it all might be exsessive, any help is really appriciated guys.


thanks in advance

Snookerman
12-08-2008, 04:06 PM
I am having an issue with logging in on IE with an incorrect password.
What exactly do you mean by that? Can you log in even with an incorrect password?

redpanda
12-08-2008, 05:29 PM
Sorry, i'm an idiot i just realised how bad that first post was. What i should of said is....

When logging in with an incorrect password in IE it hangs on the "checking" part of the process but won't login. With a correct password it works like it should.

Hope this helps and sorry i didn't explain it well to start with.

jscheuer1
12-08-2008, 05:39 PM
That may or may not be. However, in IE 7, there is an error here:


<script>
//XMLhttp variable will hold the XMLHttpRequest object

var xmlhttps = false;

// If the user is using Mozilla/Firefox/Safari/etc
if (window.XMLHttpRequest) {
//Intiate the object
xmlhttps = new XMLHttpRequest();
//Set the mime type
xmlhttps.overrideMimeType('text/xml');
}
// If the user is using IE
else if (window.ActiveXObject) {
//Intiate the object
xmlhttps = new ActiveXObject('Microsoft.XMLHTTP');
}
</script>


because IE 7 supports the window.XMLHttpRequest object, but not xmlhttps.overrideMimeType object. To correct that:


<script>
//XMLhttp variable will hold the XMLHttpRequest object

var xmlhttps = false;

// If the user is using Mozilla/Firefox/Safari/etc
if (window.XMLHttpRequest) {
//Intiate the object
xmlhttps = new XMLHttpRequest();
//Set the mime type
if (xmlhttps.overrideMimeType)
xmlhttps.overrideMimeType('text/xml');
}
// If the user is using IE
else if (window.ActiveXObject) {
//Intiate the object
xmlhttps = new ActiveXObject('Microsoft.XMLHTTP');
}
</script>


That code has other issues in some browsers. Though just that much should get it working in those that support one of those two methods.

This may be the only error for IE, but there could be others.

redpanda
12-09-2008, 03:55 AM
Thanks, i am going to try it now and will let everyone know what happens,

Cheers

redpanda
12-09-2008, 04:03 AM
Sorry mate, no such luck, it's still hanging on the checking part of the process if the wrong password is entered.

Someone said it might be to do with this following line (in bold)



function loginChk() {
//Put the form data into a variable
var username = document.getElementById('username').value;
var password = document.getElementById('password').value;

//If the form data is *not* blank, query the DB and return the results
if(username !== '' && password != '') {
//Change the content of the 'result' DIV to 'Searching...'
//This gives our user confidence that the script is working if it takes a moment for the result to be returned. However the user will likely never see this as the result will be returned in an instant...
//document.getElementById('fillin').innerHTML = 'Searching...';

//This sets a variable with the URL (and query strings) to our PHP script
var url = 'chkLogin.php?username=' + username + '&password=' + password;
//Open the URL above 'asynchronously'(thats what the 'true' is for) using the GET method
xmlhttps.open('GET', url, true);
//Check that the PHP script has finished sending us the result
xmlhttps.onreadystatechange = function() {
if(xmlhttps.readyState == 4 && xmlhttps.status == 200) {
//Replace the content of the 'result' DIV with the result returned by the PHP script
document.getElementById('logForm').innerHTML = xmlhttps.responseText + ' ';
} else {
//If the PHP script fails to send a response, or sends back an error, display a simple user-friendly notification
document.getElementById('logForm').innerHTML = '<font color="#FFFFFF" face="Verdana" size="2"><i>Checking....</i></font>';
}
};
xmlhttps.send(null);
}
else
document.getElementById('logForm').innerHTML = '<font color="#FF0000" face="Verdana" size="2"><b>Enter Username and password</b></font>';

}

jscheuer1
12-09-2008, 04:35 AM
Using innerHTML with a form is a no-no of sorts. Potentially it can really confuse the heck out of the browser. But that may or may not be at issue here. It would help to have an idea of how things go if the name and password are correct. In such a case, does the form's innerHTML get replaced, or does something else happen?

redpanda
12-09-2008, 05:30 AM
Not sure really how it all works but it logs in alright and everything.

jscheuer1
12-09-2008, 05:45 AM
Is there a guest user and password then, so I can see for myself?

jscheuer1
12-09-2008, 06:09 AM
OK, after playing around a bit, this (on http://shootus.com.au/):


<form action="" method="post" name="frmLogin" onsubmit="return checkLogin()">
<input type="hidden" name="frmAction" value="Login" />
<div id="logForm"><table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td></td>
<td width="130">&nbsp;</td>
<td class="style9"></td>
<td class="style8">&nbsp;Username&nbsp;</td>
<td><input name="username" type="text" class="style8" id="username" /></td>
<td class="style8">&nbsp;Password&nbsp;</td>
<td><input name="password" type="password" class="style8" id="password" /></td>
<td>&nbsp;<input name="Submit" type="button" class="style8" value="Submit" onclick="javascript:loginChk()" /></td>
<td width="130"></td>
</tr>

<tr>
<td></td>
<td></td>
<td></td>
<td></td>
<td class="style8">&nbsp;<a href="register.php" title="register" rel="gb_page_center[500, 600]">Register here</a> </td>
<td></td>
<td class="style8">&nbsp;<a href="retrieve_password.php" title="Retrieve Password" rel="gb_page_center[450, 380]">Lost Password?</a></td>
<td></td>

</tr>
</table></div>
</form>

Should be:


<div id="logForm"><form action="" method="post" name="frmLogin" onsubmit="return checkLogin()">
<input type="hidden" name="frmAction" value="Login" />
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td></td>
<td width="130">&nbsp;</td>
<td class="style9"></td>
<td class="style8">&nbsp;Username&nbsp;</td>
<td><input name="username" type="text" class="style8" id="username" /></td>
<td class="style8">&nbsp;Password&nbsp;</td>
<td><input name="password" type="password" class="style8" id="password" /></td>
<td>&nbsp;<input name="Submit" type="button" class="style8" value="Submit" onclick="javascript:loginChk()" /></td>
<td width="130"></td>
</tr>

<tr>
<td></td>
<td></td>
<td></td>
<td></td>
<td class="style8">&nbsp;<a href="register.php" title="register" rel="gb_page_center[500, 600]">Register here</a> </td>
<td></td>
<td class="style8">&nbsp;<a href="retrieve_password.php" title="Retrieve Password" rel="gb_page_center[450, 380]">Lost Password?</a></td>
<td></td>

</tr>
</table>
</form></div>

But, depending upon what happens with a successful login, that might or might not work out too well for that. Chances are it will be fine.

Also, this (on chkLogin.php):


<font color="#FF0000" face="Verdana" size="2"><b>Invalid Login. Please try again</font><br /><form action="" method="post" name="frmLogin" onsubmit="return checkLogin()">
<input type="hidden" name="frmAction" value="Login" />
<div id="logResults"></div>
<div id="logForm"><table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td></td>
<td width="130">&nbsp;</td>
<td class="style9"></td>
<td class="style8">&nbsp;Username&nbsp;</td>
<td><input name="username" type="text" class="style8" id="username" /></td>
<td class="style8">&nbsp;Password&nbsp;</td>
<td><input name="password" type="password" class="style8" id="password" /></td>
<td>&nbsp;<input name="Submit" type="button" class="style8" value="Submit" onclick="javascript:loginChk()" /></td>
<td width="130"></td>
</tr>

<tr>
<td></td>
<td></td>
<td></td>
<td></td>
<td class="style8">&nbsp;<a href="register.php" title="register" rel="gb_page_center[500, 600]">Register here</a> </td>
<td></td>
<td class="style8">&nbsp;<a href="retrieve_password.php" title="Retrieve Password" rel="gb_page_center[450, 380]">Lost Password?</a></td>
<td></td>

</tr>
</table></div>
</form>

should be:


<font color="#FF0000" face="Verdana" size="2"><b>Invalid Login. Please try again</font><br /><form action="" method="post" name="frmLogin" onsubmit="return checkLogin()">
<input type="hidden" name="frmAction" value="Login" />
<div id="logResults"></div>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td></td>
<td width="130">&nbsp;</td>
<td class="style9"></td>
<td class="style8">&nbsp;Username&nbsp;</td>
<td><input name="username" type="text" class="style8" id="username" /></td>
<td class="style8">&nbsp;Password&nbsp;</td>
<td><input name="password" type="password" class="style8" id="password" /></td>
<td>&nbsp;<input name="Submit" type="button" class="style8" value="Submit" onclick="javascript:loginChk()" /></td>
<td width="130"></td>
</tr>

<tr>
<td></td>
<td></td>
<td></td>
<td></td>
<td class="style8">&nbsp;<a href="register.php" title="register" rel="gb_page_center[500, 600]">Register here</a> </td>
<td></td>
<td class="style8">&nbsp;<a href="retrieve_password.php" title="Retrieve Password" rel="gb_page_center[450, 380]">Lost Password?</a></td>
<td></td>

</tr>
</table>
</form>

redpanda
12-09-2008, 07:09 AM
Wow, thanks so much, i will try it now, and let you know how it goes.

redpanda
12-09-2008, 08:02 AM
Thanks John, it seems to have worked, i will do some testing and check that there are no bugs, and let you know either way, thank you heaps.

redpanda
12-11-2008, 03:20 AM
Yep, worked a treat, thanks heaps everybody

jscheuer1
12-11-2008, 02:53 PM
Great! By way of explanation, the way it was setup before, password failure was resulting in a form within a form and with two target elements with the same id, both of which are invalid HTML and that presumably other browsers were error correcting for, but that made IE barf. Invalid HTML code resulting from dynamic changes to a page can often cause one browser to have problems, while another will have no problem error correcting the invalid code. This is also true of non-dynamic HTML code. However, since error correcting algorithms are non-standard and vary from browser to browser, any given browser may work with certain invalid code, while any other given browser may not.