多个表单提交并进行身份验证
我有 scriptA 和 siteB,我向其提交表单。脚本 B 是一个单独的脚本,不是我的,所以我无法更改它的任何设置。但是,脚本 A 是我的,所以我可以在下面发布该脚本。给定一个登录屏幕,用户输入其登录凭据,然后单击“登录”。此后,表单 POSTS 到位于表单的操作属性中的 scriptB,然后表单使用 JQUERY POSTS 到 scriptA。 scriptB 我不关心,我只需要将表单发布到它即可。 POSTED 的 ScriptA 获取 POSTED 的凭据并执行 LDAP 绑定以查看凭据是否与数据库中的凭据匹配,如果匹配,则用户将被重定向到 www.examplesite.com,如果给定的凭据为 false,则用户将被重定向到 www.examplesite.com返回登录屏幕,提示用户名和密码无效。
ScriptB 在提交时重定向,这是我不想要的,我什至不关心 scriptB 做什么,我只需将凭据发布给它。我关心 scriptA,一旦 scriptA 获得正确的凭据,它应该重定向用户。我无法对 scriptB 进行更改,所以我必须以某种方式忽略它的重定向。
目前发生了什么: 1)在登录屏幕上,用户输入凭据后点击“提交” 2)ScriptB通过action属性POSTED,ScriptA通过JQUERY POSTED 3) ScriptB 将用户重定向到 www.examplesite.com
应该发生什么: 1)在登录屏幕上,用户输入凭据后点击“提交” 2)ScriptB通过action属性POSTED,ScriptA通过JQUERY POSTED 3) 如果 scriptA 发现凭据错误,它应该重定向回登录屏幕,并显示消息无效登录。 4)一旦用户在登录屏幕用户输入正确的凭据并且 scriptA 批准这些凭据,请将用户重定向到 www.example2site.com
下面是我的 scriptA,如果我在没有 scriptB 的情况下发布到它,则 scriptA 按预期工作,但在这里我试图将这 2 个合并在一起。
scriptA 基本上是一个网站登录身份验证,它通过 LDAP 绑定进行身份验证。
提交到两个脚本的工作登录屏幕代码:
<form action="http://servicedesk.site.com/j_security_check" method=post id="form" name="Auth" class="appnitro">
<div class="form_description">
<h2>Login</h2>
</div>
<ul >
<li id="li_1" >
<label class="description" for="element_1">Username </label>
<div>
<input id="element_1" name="j_username" class="element text medium" type="text" maxlength="255" value=""/>
</div>
</li> <li id="li_2" >
<label class="description" for="element_2">Password </label>
<div>
<input id="element_2" name="j_password" class="element text medium" type="password" maxlength="255" value=""/>
</div>
</li>
<li class="buttons">
<input id="saveForm" class="button_text" type="submit" name="submit" value="Log In" />
</li>
</ul>
</form>
JQUERY 代码:
<script language="JavaScript" type="text/JavaScript">
$(document).ready( function(){
$('#form').submit(function(){
$.ajax({
type: 'POST',
async: true,
url: "https://noc.sde.site.com/okhawaja/Login/formLanding/authenticate.php",
data: $(this).serialize(),
success: function(data, status, xhr){
},
error: function(xhr, status, err) {
alert(status + ": " + err);
}
});
});
});
</script>
ScriptA:
<?php
session_start();
if( isset($_POST['j_username']) && isset($_POST['j_password']) )
{
//LDAP stuff here.
$username = trim($_POST['j_username']);
$password = trim($_POST['j_password']);
echo("Authenticating...");
$ds = ldap_connect('ldap://ldap:port');
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
//Can't connect to LDAP.
if( !ds )
{
$_SESSION['rdr']="Invalid Login. Try Again.";
header( "Location: https://noc.sde.site.com/okhawaja/Login/formLanding/login.php" );
exit;
}
//Connection made -- bind anonymously and get dn for username.
$bind = @ldap_bind($ds);
//Check to make sure we're bound.
if( !bind )
{
$_SESSION['rdr']="Invalid Login. Try Again.";
header( "Location: https://noc.sde.site.com/okhawaja/Login/formLanding/login.php" );
exit;
}
$search = ldap_search($ds, "ou=People,DC=sde,DC=site,DC=com", "uid=$username");
//Make sure only ONE result was returned -- if not, they might've thrown a * into the username. Bad user!
if( ldap_count_entries($ds,$search) != 1 )
{
$_SESSION['rdr']="Invalid Login. Try Again.";
header( "Location: https://noc.sde.site.com/okhawaja/Login/formLanding/login.php" );
redirect(_WEBROOT_ . "/try1b.php");
exit;
}
$info = ldap_get_entries($ds, $search);
//Now, try to rebind with their full dn and password.
$bind = @ldap_bind($ds, $info[0][dn], $password);
if( !$bind || !isset($bind))
{
$_SESSION['rdr']="Invalid Login. Try Again.";
header( "Location: https://noc.sde.site.com/okhawaja/Login/formLanding/login.php" );
redirect(_WEBROOT_ . "/try1b.php");
exit;
}
//Now verify the previous search using their credentials.
$search = ldap_search($ds, "ou=People,DC=sde,DC=rogersdigitalmedia,DC=com", "uid=$username");
$info = ldap_get_entries($ds, $search);
if( $username == $info[0][uid][0] )
{
$_SESSION['username'] = $username;
$_SESSION['fullname'] = $info[0][cn][0];
$_SESSION['email'] = $info[0][mail][0];
$_SESSION['phone'] = $info[0][telephonenumber][0];
header( "Location: https://noc.sde.site.com/okhawaja/service_desk_portal/index.php" );
exit;
}
else
{
$_SESSION['rdr']="Invalid Login. Try Again.";
header( "Location: https://noc.sde.site.com/okhawaja/Login/formLanding/login.php" );
redirect(_WEBROOT_ . "/try1b.php");
exit;
}
ldap_close($ds);
exit;
}
?>
有人知道如何在提交后在登录屏幕上进行重定向吗?
I have scriptA and siteB that I submit my form to. Script B is a separate script that isn't mine so I cant change any of its settings..However, ScriptA is mine so I can post that script below. Given a login screen, a user puts in their login credentials then clicks login. After this, the form POSTS to scriptB which is in the action attribute of the form, then the form using JQUERY POSTS to scriptA. scriptB I dont care about, I just need to POST the form to it and thats that. ScriptA that is POSTED to takes the credentials POSTED to it and does an LDAP bind to see if the credentials match to the ones in DB, if they match, user is redirected to www.examplesite.com, if the given credentials are false then user is sent back to login screen saying invalid username and password.
ScriptB redirects on submission which I dont want, I dont even care what scriptB does, I just have to POST the credentials to it. I care about scriptA, once scriptA gets the proper credentials it should redirect the user. I cant make changes to scriptB so I have to somehow ignore its redirect.
What happens currently:
1) At login screen user hits submit after entering credentials
2) ScriptB is POSTED to through the action atribute, ScriptA is POSTED to through JQUERY
3) ScriptB redirects the user to www.examplesite.com
What should happen:
1) At login screen user hits submit after entering credentials
2) ScriptB is POSTED to through the action atribute, ScriptA is POSTED to through JQUERY
3) If scriptA finds the credentials wrong, it should redirect back to login screen with message invalid login.
4) once the user enters correct credentials at login screen user and scriptA approves these credentials, redirect user to www.example2site.com
Below is my scriptA, if I POST to it without scriptB then scriptA works just as intended but here I am trying to merge these 2 together.
scriptA is basically a website login authentication and it authenticates through LDAP bind.
Working login screen code that submits to both the scripts:
<form action="http://servicedesk.site.com/j_security_check" method=post id="form" name="Auth" class="appnitro">
<div class="form_description">
<h2>Login</h2>
</div>
<ul >
<li id="li_1" >
<label class="description" for="element_1">Username </label>
<div>
<input id="element_1" name="j_username" class="element text medium" type="text" maxlength="255" value=""/>
</div>
</li> <li id="li_2" >
<label class="description" for="element_2">Password </label>
<div>
<input id="element_2" name="j_password" class="element text medium" type="password" maxlength="255" value=""/>
</div>
</li>
<li class="buttons">
<input id="saveForm" class="button_text" type="submit" name="submit" value="Log In" />
</li>
</ul>
</form>
JQUERY CODE:
<script language="JavaScript" type="text/JavaScript">
$(document).ready( function(){
$('#form').submit(function(){
$.ajax({
type: 'POST',
async: true,
url: "https://noc.sde.site.com/okhawaja/Login/formLanding/authenticate.php",
data: $(this).serialize(),
success: function(data, status, xhr){
},
error: function(xhr, status, err) {
alert(status + ": " + err);
}
});
});
});
</script>
ScriptA:
<?php
session_start();
if( isset($_POST['j_username']) && isset($_POST['j_password']) )
{
//LDAP stuff here.
$username = trim($_POST['j_username']);
$password = trim($_POST['j_password']);
echo("Authenticating...");
$ds = ldap_connect('ldap://ldap:port');
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
//Can't connect to LDAP.
if( !ds )
{
$_SESSION['rdr']="Invalid Login. Try Again.";
header( "Location: https://noc.sde.site.com/okhawaja/Login/formLanding/login.php" );
exit;
}
//Connection made -- bind anonymously and get dn for username.
$bind = @ldap_bind($ds);
//Check to make sure we're bound.
if( !bind )
{
$_SESSION['rdr']="Invalid Login. Try Again.";
header( "Location: https://noc.sde.site.com/okhawaja/Login/formLanding/login.php" );
exit;
}
$search = ldap_search($ds, "ou=People,DC=sde,DC=site,DC=com", "uid=$username");
//Make sure only ONE result was returned -- if not, they might've thrown a * into the username. Bad user!
if( ldap_count_entries($ds,$search) != 1 )
{
$_SESSION['rdr']="Invalid Login. Try Again.";
header( "Location: https://noc.sde.site.com/okhawaja/Login/formLanding/login.php" );
redirect(_WEBROOT_ . "/try1b.php");
exit;
}
$info = ldap_get_entries($ds, $search);
//Now, try to rebind with their full dn and password.
$bind = @ldap_bind($ds, $info[0][dn], $password);
if( !$bind || !isset($bind))
{
$_SESSION['rdr']="Invalid Login. Try Again.";
header( "Location: https://noc.sde.site.com/okhawaja/Login/formLanding/login.php" );
redirect(_WEBROOT_ . "/try1b.php");
exit;
}
//Now verify the previous search using their credentials.
$search = ldap_search($ds, "ou=People,DC=sde,DC=rogersdigitalmedia,DC=com", "uid=$username");
$info = ldap_get_entries($ds, $search);
if( $username == $info[0][uid][0] )
{
$_SESSION['username'] = $username;
$_SESSION['fullname'] = $info[0][cn][0];
$_SESSION['email'] = $info[0][mail][0];
$_SESSION['phone'] = $info[0][telephonenumber][0];
header( "Location: https://noc.sde.site.com/okhawaja/service_desk_portal/index.php" );
exit;
}
else
{
$_SESSION['rdr']="Invalid Login. Try Again.";
header( "Location: https://noc.sde.site.com/okhawaja/Login/formLanding/login.php" );
redirect(_WEBROOT_ . "/try1b.php");
exit;
}
ldap_close($ds);
exit;
}
?>
Anyone know how I can do a redirect on login screen upon submission?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
为什么不直接通过 ajax 发布到脚本 B,并使用 event.preventDefault() 来阻止按钮执行标准表单发布?
Why not just post to script B via ajax, and use
event.preventDefault()to prevent the button from performing the standard form post?我认为您需要停止提交表单的提交按钮,为此添加“return false;”在提交回调函数的末尾,如下所示:
然后,在成功回调中执行您需要执行的任何操作,无论是将其提交到其他 URL 还是其他内容。这可能有效:
I think you need to stop the submit button for submitting the form, to do this add "return false;" at the end of the submit callback function like so:
Then, in the success callback do whatever you need to, whether this is submit it on to the other URL or something else. This might work: