tags:

views:

3195

answers:

7
+1  Q: 

Javascript login form doesn't submit when user hits Enter

Hi there,

I'm working on a simple javascript login for a site, and have come up with this:

<form id="loginwindow">
<strong>Login to view!</strong>
<p><strong>User ID:</strong>
  <input type="text" name="text2">
</p>
<p><strong>Password:</strong>
<input type="password" name="text1"><br>
  <input type="button" value="Check In" name="Submit" onclick=javascript:validate(text2.value,"username",text1.value,"password") />
</p>

</form>
<script language = "javascript">

function validate(text1,text2,text3,text4)
{
 if (text1==text2 && text3==text4)
 load('album.html');
 else 
 {
  load('failure.html');
 }
}
function load(url)
{
 location.href=url;
}
</script>

...which works except for one thing: hitting enter to submit the form doesn't do anything. I have a feeling it's cause I've used "onclick" but I'm not sure what to use instead. Thoughts?

A: 

My Thought = Massive security hole. Anyone can view the username and password.

More relevant to your question: - You have two events happening.

  1. User clicks button.
  2. User presses enter.

The enter key submits the form, but does not click the button.

By placing your code in the onsubmit method of the form the code will run when the form is submitted. By changing the input type of the button to submit, the button will submit the form in the same way that the enter button does.

Your code will then run for both events.

Ady  2008-10-27 04:35:14
+11  A: 
keparo  2008-10-27 04:35:37
this looks pretty darn good. couple quick questions: 1. where in this code do i set the username and password?2. would it help with security if i were to put the javascript in an external file and link to it?thank you so much for your thorough answer!
 2008-10-27 05:57:48
3. (haha sorry for being annoying. i really appreciate your help!) it seems as though using your code, it doesn't matter what i enter for the username and password, it just redirects to album.html. how can i fix that?
 2008-10-27 06:00:33
keparo  2008-10-27 06:48:43
Re: 2 Putting the js in an external file won't help. The secure way is to allow the form to submit the values to the server over https, and control the login on the server. It's a bit much to explain entirely as an aside to this question, but I can recommend some resources or open a new question..
keparo  2008-10-27 06:55:56
+1  A: 

Instead of <input type="button">, use <input type="submit">. You can put your validation code in your form onsubmit handler:

<form id="loginwindow" onsubmit="validate(...)">

Josh Hinman  2008-10-27 04:39:45
A: 

Maybe you can try this:

<form id="loginwindow" onsubmit='validate(text2.value,"username",text1.value,"password")'>
<strong>Login to view!</strong>
<p><strong>User ID:</strong>
   <input type="text" name="text2">
</p>
<p><strong>Password:</strong>
<input type="password" name="text1"><br>
   <input type="submit" value="Check In"/>
</p>

</form>

As others have pointed out, there are other problems with your solution. But this should answer your question.

Vincent Ramdhanie  2008-10-27 04:40:39
+1  A: 

it's because it's not a form submitting, so there's no event to be triggered when the user presses enter. An alternative to the above form submit options would be to add an event listener for the input form to detect if the user pressed enter.

<input type="password" name="text1" onkeypress="detectKey(event)">
Zurahn  2008-10-27 04:44:42
A: 

dang, fast replies guys!

okay yeah so I'm well aware of how flimsy this is security-wise. It's not for anything particularly top secret, so it's not a huge issue, but if you guys could elaborate on your thoughts with code, I'd love to see your ideas. the code i listed is literally all i'm working with at this point, so i can start from scratch if need be.

 2008-10-27 04:45:06
A: 

Surely this is too unsecure as everyone can crack it in a second ...

-- only pseudo-secure way to do js-logins are the like:

<form action="http://www.mySite.com/" method="post" onsubmit="this.action+=this.theName.value+this.thePassword.value;">
  Name: <input type="text" name="theName"><br>
  Password: <input type="password" name="thePassword"><br>
  <input type="submit" value="Login now">
</form>
roenving  2008-10-27 04:49:27

related questions

Infopath 2007 - Emailed forms not rendering correctly
What can prevent an MS Access 2000 form from closing?
Form library
Trigger update on DataTable bound to DataGridView
What's a clean/simple way to ensure the security of a page?
How to best merge information, at a server, into a "form", a PDF being generated as the final output
In HTML, what should happen to a selected, disabled option element?
What's the state of play with "Visual Inheritance"
ASP.NET MVC Preview 4 - Stop Url.RouteUrl() etc. using existing parameters
HTTP POST question - I'm stuck
InfoPath 2003 and the xs:any type
Retrieving HTTP status code from loaded iframe with Javascript
Data model for a extensible web form
.Net Compact Framework scrollbars - horizontal always show when vertical shows
MVC - where to implement form validation (server-side)?
Offline forms
MVC .Net - The best way to write a form?
Windows Forms Threading and Events - ListBox updates promptly but progressbar experiences huge delay
What is the best way to upload a file via an HTTP POST with a web form?
Delphi MDI Application and the titlebar of the MDI Children
Use the routing engine for form submissions in ASP.NET MVC Preview 4
How Do I Post and then redirect to an external URL from ASP.Net?
Is a "Confirm Email" input good practice when user changes email address?
WinForms ComboBox data binding gotcha
How do I access a remote form in php?