Creating an account using Javascript

Question

Creating an account using Javascript

Is it good to use Javascript to create an account or is it subject to security risks? If everything is ok, I should be able to display some errors if the username or email address already exists.

eg.

JavaScript:

function createAccount() {
   var new_user = $('#new-username').val();
   var new_pass = $('#new-password').val();
   var confirm_pass = $('#confirm-password').val();
   var new_email = $('#new-email').val();
   $.post('createaccount.php', {
       new_user: new_user,
       new_pass: new_pass,
       confirm_pass: confirm_pass,
       new_email: new_email
   });
}

createaccount.php:

$new_username = mysqli_real_escape_string($conn,$_POST['new_user']);
$new_password = mysqli_real_escape_string($conn,$_POST['new_pass']);
$new_email = mysqli_real_escape_string($conn,$_POST['new_email']);
$confirm_password = mysqli_real_escape_string($conn,$_POST['confirm_pass']);

$query = mysqli_query($conn,"SELECT * FROM users WHERE username='$new_username'");
$numrows = mysqli_num_rows($query);
$query2 = mysqli_query($conn,"SELECT * FROM users WHERE email='$new_email'");
$numrows2 = mysqli_num_rows($query2);

...

echo json_encode(array('numrows'=>$numrows,'numrows2'=>$numrows2));

I need to be able to use numrows, and numrows2once with $ .getJSON, to prevent some errors (such as user name already exists, or e-mail address is already in use). Any way to do this?

+4

javascript php

frosty May 21 '15 at 10:53 PM

source share

3 answers

SLaks · Answer 1 · 2015-05-21T22:56:35+0000

HTTP requests sent from Javascript code are no more or less secure than HTTP requests sent from HTML forms.

Kyle · Answer 2 · 2015-05-21T22:57:26+0000

, PHP, , , Javascript, .

www139 · Answer 3 · 2015-05-21T23:30:26+0000

. . , , . SSL , javascript . , , , . NSA . Javascript , . Google "javascript ", , . . . , .

Creating an account using Javascript

More articles: