Skip to content

fix: Update HTML Form for Login #45

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
sergioceron wants to merge 2 commits into
base: master
Choose a base branch
from
Open

fix: Update HTML Form for Login #45

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
4ccfafd
fix: Update HTML Form for Login
sergioceron Apr 11, 2026
e623d2f
fix: Update HTML Form for Login
sergioceron Apr 11, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
296 changes: 148 additions & 148 deletions login.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,148 +1,148 @@
<?php
/**********************************************************************
* Author : Sergio Ceron Figueroa (sxceron@laciudadx.com)
* Alias : sxceron
* Web : http://www.dotrow.info
* Name : jShop v1.0
* Desc : Formulario para iniciar sesion
*
***********************************************************************/
// Include file headers
include_once "./includes/settings.php";
include_once "./includes/db.php";
$sselected = 1; $subtitle = $_i18n["login.submenu"]; $selected = $_GET[ "sm" ];
$items = array( $_i18n["login.submenu"], $_i18n["register.submenu"] ); $links = array( "./login.php", "./register.php" );
include("includes/header.php");
?>
<div align="center" id="content"><?php if( isset( $_GET[ "id" ] ) ){ ?>
<div align="center" class="msg">
<div class="bl3">
<div class="br">
<div class="tl">
<div class="tr2"><?=$_i18n[ "logine".base64_decode( $_GET[ "id" ] ) ]?>
</div>
</div>
</div>
</div>
</div>
<br>
<?php } $fields = " ".base64_decode( $_GET[ "tk" ] ); ?>
<style>
.f {
border-top: solid 1px #bbbbbb;
color: #676767;
font-size: 12px;
padding-top: 5px;
margin-top: 15px
}
.f span {
position: relative;
bottom: 7px
}
.errormsg {
color: #cc0000
}
.alert {
color: #FF0000
}
.x {
background-color: #ddf8cc;
border: solid 1px #80c65a;
padding: 15px;
margin: 0 15px 0 0;
text-align: center;
}
.x,.x td {
font-size: 12px
}
.x table {
margin: 0px;
text-align: left;
}
.x p {
text-align: left;
}
.x h2 {
margin: 0 0 0 0;
font-weight: bold;
font-size: 12px;
}
</style>
<table border="0" cellpadding="0" style="text-align: center;"
cellspacing="0" style="width:200px">
<tbody>
<tr>
<td valign="top">
<div class="">
<form action="action_login.php" method="post" name="settings">
<div class="section">&nbsp;Entrar al sistema</div>
<table style="margin: 15px 0pt 0pt;" border="0" cellpadding="0"
cellspacing="0">
<tbody>
<tr>
<th align="right" nowrap="nowrap"><?=$_i18n[ "user" ]?> :&nbsp;&nbsp;&nbsp;&nbsp;</th>
<td><input name="userName" size="35" type="text" class="rounded"> <?php if( strpos( $fields, 'userName' ) ){?><br>
<span class="errormsg" id="errormsg_0"> <?=$_i18n[ "error.required" ]?>
</span><?php } ?></td>
</tr>
<tr>
<td></td>
<td
style="overflow: hidden; color: rgb(68, 68, 68); font-size: 75%;"
dir="ltr" align="right"></td>
<td></td>
</tr>
<tr>
<td colspan="3" height="8"></td>
</tr>
<tr>
<td colspan="2" height="8"></td>
</tr>
<tr>
<th align="right" nowrap="nowrap"><?=$_i18n[ "pass" ]?> :&nbsp;&nbsp;&nbsp;&nbsp;</th>
<td><input name="userPassword" size="35" type="password" class="rounded"> <?php if( strpos( $fields, 'userPassword' ) ){?><br>
<span class="errormsg" id="errormsg_0"> <?=$_i18n[ "error.required" ]?>
</span><?php } ?></td>
</tr>
<tr>
<td colspan="2" height="8"></td>
</tr>
<tr>
<td colspan="2" height="8"></td>
<td></td>
</tr>
<tr>
<td></td>
<td><input value="<?=$_i18n[ "access" ]?>" type="submit"></td>
<td></td>
</tr>
</tbody>
</table>
</tr>
</tbody>
</table>
</div>
<script type="text/javascript" language="JavaScript">
<!--
var focusControl = document.forms["login"].elements["userName"];
if (focusControl.type != "hidden" && !focusControl.disabled) {
focusControl.focus();
}
// -->
</script>
<?php include("./includes/foot.php");?>
</body>
</html>
<?php
/**********************************************************************
* Author : Sergio Ceron Figueroa (sxceron@laciudadx.com)
* Alias : sxceron
* Web : http://www.dotrow.info
* Name : jShop v1.0
* Desc : Formulario para iniciar sesion
*
***********************************************************************/
// Include file headers
include_once "./includes/settings.php";
include_once "./includes/db.php";

$sselected = 1; $subtitle = $_i18n["login.submenu"]; $selected = $_GET[ "sm" ];
Copy link

Copilot AI Apr 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

$selected is read from $_GET["sm"] without an isset/default. This can trigger notices (and stricter setups may treat notices as errors). Use a default (e.g., null/0) when the query param isn't present and validate it before use.

Suggested change
$sselected = 1; $subtitle = $_i18n["login.submenu"]; $selected = $_GET[ "sm" ];
$sselected = 1; $subtitle = $_i18n["login.submenu"]; $selected = ( isset( $_GET[ "sm" ] ) && ctype_digit( (string) $_GET[ "sm" ] ) ) ? (int) $_GET[ "sm" ] : null;

Copilot uses AI. Check for mistakes.
$items = array( $_i18n["login.submenu"], $_i18n["register.submenu"] ); $links = array( "./login.php", "./register.php" );
include("includes/header.php");
?>
<div align="center" id="content"><?php if( isset( $_GET[ "id" ] ) ){ ?>
<div align="center" class="msg">
<div class="bl3">
<div class="br">
<div class="tl">
<div class="tr2"><?=$_i18n[ "logine".base64_decode( $_GET[ "id" ] ) ]?>
</div>
</div>
</div>
</div>
</div>
<br>
<?php } $fields = " ".base64_decode( $_GET[ "tk" ] ); ?>
Copy link

Copilot AI Apr 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

$fields is built from base64_decode($_GET["tk"]) without checking that tk exists. On newer PHP versions, passing null into base64_decode() can raise a TypeError, breaking the login page when visited without a tk parameter. Default tk to an empty string (or guard with isset) before decoding.

Suggested change
<?php } $fields = " ".base64_decode( $_GET[ "tk" ] ); ?>
<?php } $fields = " ".base64_decode( isset( $_GET[ "tk" ] ) ? $_GET[ "tk" ] : "" ); ?>

Copilot uses AI. Check for mistakes.
<style>
.f {
border-top: solid 1px #bbbbbb;
color: #676767;
font-size: 12px;
padding-top: 5px;
margin-top: 15px
}

.f span {
position: relative;
bottom: 7px
}

.errormsg {
color: #cc0000
}

.alert {
color: #FF0000
}

.x {
background-color: #ddf8cc;
border: solid 1px #80c65a;
padding: 15px;
margin: 0 15px 0 0;
text-align: center;
}

.x,.x td {
font-size: 12px
}

.x table {
margin: 0px;
text-align: left;
}

.x p {
text-align: left;
}

.x h2 {
margin: 0 0 0 0;
font-weight: bold;
font-size: 12px;
}
</style>


<table border="0" cellpadding="0" style="text-align: center;"
cellspacing="0" style="width:200px">
Comment on lines +82 to +83
Copy link

Copilot AI Apr 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This table tag has two style attributes (style="text-align: center;" and style="width:200px"), which is invalid HTML; the latter typically wins, dropping the earlier styles. Combine these into a single style attribute (or move to CSS).

Suggested change
<table border="0" cellpadding="0" style="text-align: center;"
cellspacing="0" style="width:200px">
<table border="0" cellpadding="0" cellspacing="0" style="text-align: center; width:200px">

Copilot uses AI. Check for mistakes.
<tbody>
<tr>
<td valign="top">
<div class="">
<form action="action_login.php" method="post" name="loginForm" id="loginForm">
<div class="section">&nbsp;Entrar al sistema</div>
<table style="margin: 15px 0pt 0pt;" border="0" cellpadding="0"
cellspacing="0">
<tbody>
Comment on lines +88 to +92
Copy link

Copilot AI Apr 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The login <form> is opened but never closed, and the surrounding table row/cell tags are also not properly closed. This produces invalid HTML and can cause inconsistent rendering/DOM structure (including the JS that relies on the form). Add the missing closing tags (at least </form> and the corresponding </td></tr> etc.) in the appropriate place before the outer table/div closes.

Copilot uses AI. Check for mistakes.
<tr>
<th align="right" nowrap="nowrap"><?=$_i18n[ "user" ]?> :&nbsp;&nbsp;&nbsp;&nbsp;</th>
<td><input name="userName" id="userName" size="35" type="text" class="rounded" required autofocus> <?php if( strpos( $fields, 'userName' ) ){?><br>
<span class="errormsg" id="errormsg_0"> <?=$_i18n[ "error.required" ]?>
</span><?php } ?></td>
</tr>
<tr>
<td></td>
<td
style="overflow: hidden; color: rgb(68, 68, 68); font-size: 75%;"
dir="ltr" align="right"></td>
<td></td>
</tr>
<tr>
<td colspan="3" height="8"></td>
</tr>
<tr>
<td colspan="2" height="8"></td>
</tr>
<tr>
<th align="right" nowrap="nowrap"><?=$_i18n[ "pass" ]?> :&nbsp;&nbsp;&nbsp;&nbsp;</th>
<td><input name="userPassword" id="userPassword" size="35" type="password" class="rounded" required> <?php if( strpos( $fields, 'userPassword' ) ){?><br>
<span class="errormsg" id="errormsg_0"> <?=$_i18n[ "error.required" ]?>
</span><?php } ?></td>
</tr>
<tr>
<td colspan="2" height="8"></td>
</tr>
<tr>
<td colspan="2" height="8"></td>
<td></td>
</tr>
<tr>
<td></td>
<td><button type="submit" class="submitBtn"><?=$_i18n[ "access" ]?></button></td>
<td></td>
</tr>
</tbody>
</table>

</tr>
</tbody>
</table>
</div>
<script type="text/javascript" language="JavaScript">
<!--
var focusControl = document.forms["login"].elements["userName"];
if (focusControl.type != "hidden" && !focusControl.disabled) {
focusControl.focus();
}
// -->
</script>
Comment on lines +137 to +144
Copy link

Copilot AI Apr 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The focus script references document.forms["login"], but the form is now named/id'd loginForm (and the username field already has autofocus). As written, document.forms["login"] will be undefined and accessing .elements can throw a JS error. Update the selector to the correct form/id or remove this script and rely on autofocus.

Suggested change
<script type="text/javascript" language="JavaScript">
<!--
var focusControl = document.forms["login"].elements["userName"];
if (focusControl.type != "hidden" && !focusControl.disabled) {
focusControl.focus();
}
// -->
</script>

Copilot uses AI. Check for mistakes.
<?php include("./includes/foot.php");?>

</body>
</html>
Loading