help with login from not submitting

help with login from not submitting

I have a form which uses JQuery and evaluates the data against info in a MySQL DB and allows or denys access. Works fine until I tried to add another PHP session variable, and then I just get the 'validating' message without any result. the part which causes it to break is $_SESSION['editor_name'] = $row['editor_name'] 

I thought it may be b/c I wasn't placing that in the JQuery, but I tried adding a hidden field to the form with the ID of editor_name and adding to the POST data such as this, but it was a no-go. Any ideas on a fix or debugging is greatly appreciated.

  1. $.post("login.php", {username:$('#username').val(),password:$('#password').val(),editor_name:$('#editor_name').val()} ,function(data)

The login form contains the following code.
  1. <?php
    session_start();
    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" dir="ltr">
    <head>
    <meta http-equiv="Content-type" content="text/html; charset=ISO-8859-1" />
    <title>
    ETSI Editor Candidate Test
    </title>
    <link href="style.css" rel="stylesheet" type="text/css" />

    <script type="text/javascript" src="js/niceforms.js"></script>
    <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.1/jquery.min.js"></script>
    <script language="javascript">
    //  Developed by Roshan Bhattarai
    //  Visit http://roshanbh.com.np for this script and more.
    //  This notice MUST stay intact for legal use

    $(document).ready(function()
    {
        $("#login_form").submit(function()
        {
            //remove all the class add the messagebox classes and start fading
            $("#msgbox").removeClass().addClass('messagebox').text('Validating....').fadeIn(1000);
            //check the username exists or not from ajax
            $.post("login.php", {username:$('#username').val(),password:$('#password').val()} ,function(data)
            {
                //alert(data);
              if(data==1) //if correct login detail
              {
                  $("#msgbox").fadeTo(200,0.1,function(data)  //start fading the messagebox
                {
                  //add message and change the class of the box and start fading
                  $(this).html('Success!..Logging in.....').addClass('messageboxok').fadeTo(900,1,
                  function()
                  {
                       //redirect to secure page
                     document.location='EditorExam.php';
                  });
                 
                });
              }
              else
              {
                  $("#msgbox").fadeTo(200,0.1,function(data) //start fading the messagebox
                {
                  //add message and change the class of the box and start fading
                  $(this).html('You have entered an incorrect login<br /> please try again!').addClass('messageboxerror').fadeTo(900,1).delay(5000).fadeTo(900,0);
                });       
              }
                   
            });
             return false; //not to post the  form physically
        });
        //now call the ajax also focus move from
        $("#password").blur(function(data)
        {
            $("#login_form").trigger('submit');
        });
    });
    </script>
    </head>
    <body>
    <div id="LoginContainer">

    <h1 class="login">ETSI Editor Candidate Login</h1>

    <div id="form_align">

    <form enctype="multipart/form-data" method="post" action="" id="login_form" class="niceform">
    <fieldset>
    <legend>Please enter your email address and password  to login to your test.</legend>
     <img class="logo" src="ETSI_logo.png" alt="ETSI Logo"></img>
     <div class="loginwrapper">
      
        <label for="username">Username:<span class='red_small'> (email address) </span></label><br />
       
        <input type="text" name="username" id="username" size="20"><br /><br />
        <label for="password">Password:<span class='red_small'> (you should have been given this)</span> </label><br />
        <input type="password" name="password" id="password" size="20"><br /><br />
       <div class="buttondiv">
        <input class="button" type="submit" name="submit" value="Login" /><span id="msgbox" style="display:none"></span>
    </div>
        </div><!--end login wrapper-->
    </form>
    </fieldset>
    </div>

    </div><!--end container div-->
    </body>
    </html>





























































































and the PHP login code

  1. <?php
    session_start();
    $db_user = "user";
    $db_pass = "pass";
    $db = "DB";

    mysql_connect('localhost',$db_user,$db_pass);
    mysql_select_db($db);

    $username = mysql_real_escape_string($_POST['username']);
    $password =(md5($_POST['password']));

     $sql = "SELECT username,password,editor_name
               FROM   Editor_Candidates
               WHERE
               password = '$password'
               AND
               username='$username'";
    $dat = time() + 3600;
              
    $sql_update ="UPDATE Editor_Candidates
              SET login_timestamp = DATE_ADD(NOW(), INTERVAL 2 HOUR)
              WHERE username = '$username'
              AND password = '$password'";
     

    $query = mysql_query($sql) or die("Query Failed: $sql - " . mysql_error());
    $num_rows = mysql_num_rows($query);
    $row = mysql_fetch_array($query) or die(mysql_error());
    //echo $row['editor_name'];

        


    if ($num_rows == '1')
    {
    $_SESSION['editor_name'] = $row['editor_name']
    $_SESSION['username'] = $username;
    $_SESSION['sid'] = session_id();
    // Make it more secure by storing the user's IP address.
    $_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
    // Now give the success message.
    // $_SESSION['username'] should print out your username.   


    echo '1';
    } else
    {
    echo '0';
    }

    ?>