jquery login

jquery login

Hi everyone, I've been trying to make a login form using jquery, I've been stuck for some time, I don't know what I'm doing wrong, any help would be appreciated.


login.js


$(document).ready(function()
{
$("#login").submit(function()
{
//remove all the class add the messagebox classes and start fading
$("#msgbox").removeClass().addClass('messagebox').text('Validating....').fadeIn(1000);
//check the username exists or not from ajax
$.post("/login.php?cmd=login",{ user_name:$('#user').val(),password:$('#password').val(),rand:Math.random() } ,function(data)
{

if(data=='yes') //if correct login detail
{
$("#msgbox").fadeTo(200,0.1,function() //start fading the messagebox
{
//add message and change the class of the box and start fading
$(this).html('Logging in.....').addClass('messageboxok').fadeTo(900,1,
function()
{
//redirect to secure page
document.location='/home.php';
});

});
}
else
{
$("#msgbox").fadeTo(200,0.1,function() //start fading the messagebox
{
//add message and change the class of the box and start fading
$(this).html('Your login detail are wrong...').addClass('messageboxerror').fadeTo(900,1);
});
}

});
return false; //not to post the form physically
});
//now call the ajax also focus move from
$("#password").blur(function()
{
$("#login").trigger('submit');
});
});

login.php (the part that handles the login)


elseif ($cmd == "login")
{


$name = get_param("user", "");
$password = get_param("password", "");

$this->message = "";
$id = DB::result("SELECT user_id FROM user WHERE name=" . to_sql($name, "Text") . " and password=" . to_sql($password, "Text") . ";");
if ($id == 0)
{
$this->message .= "Incorrect Username/Password.<br>";
}

if ($this->message == "")
{
echo "yes";
set_session("user_id", $id);
set_session("user_id_verify", $id);
#print_r($_SESSION);

if (get_param("remember", "") != "")
{
set_cookie("c_user", $name, -1);
set_cookie("c_password", $password, -1);
}
else
{
set_cookie("c_user", "", -1);
set_cookie("c_password", "", -1);
}

DB::execute("UPDATE user SET last_ip=" . to_sql($_SERVER['REMOTE_ADDR'], "Text") . " WHERE user_id=" . $id . "");

redirect("home.php");
}
}
elseif (get_cookie("c_user") != "" and get_cookie("c_password") != "")
{
if (get_session("user_id") != "")
{
redirect("home.php");
}

$name = get_cookie("c_user");
$password = get_cookie("c_password");

$this->message = "";
$id = DB::result("SELECT user_id FROM user WHERE name=" . to_sql($name, "Text") . " and password=" . to_sql($password, "Text") . ";");
if ($id == "")
{
$this->message .= "Incorrect Username/Password.<br>";
}

if ($this->message == "")
{
set_session("user_id", $id);
set_session("user_id_verify", $id);

DB::execute("UPDATE user SET last_ip='" . $_SERVER['REMOTE_ADDR'] . "' WHERE user_id=" . $id . "");


redirect("home.php");
}
}

if (get_session("user_id") != "")
{

redirect("home.php");
}


and the form


<form id="login" method="post" action="{url_main}index.php?cmd=login" class="clearfix" />
<label for="user">{l_members}</label>
<input type="text" name="user" id="user" tabindex="1"/><br /><br />
<label for="password">{l_password}</label>
<input type="password" name="password" id="password" tabindex="2"/><br /><br />
<div id="hr"></div>
<input id="login-btn" type="submit" name="submit" value="Login" alt="Login" />
<a href="{url_main}forget_password.php">{l_forgot_password}</a>
<span id="msgbox" style="display:none"></span>


</form>

thanks