Page Specifics

login.php

This script provides the ability to login, which includes setting the UserName and password attributes (variables) in the hidden frame. You will see some alterations of the scripts used to secure a protected page since the login page essentially needs to be publicly accessed. See the Common Page Code for an explanation of these scripts. There are some examples of how to load some content that is visible to authenticated users only on a publicly accessed page.

The parent.hidden.logOut('testform','login.php') could be accessed just as easily from any page but I have only included an example of calling it on the login.php page.

The first parameter to many of the commands that are run from the hidden frame is the ID of the form that you desire to submit. Sometimes it makes sense to use parentNode.id to save on mistakes with the form id when copying code from one page to another. Other times there are so many html DOM elements between the button and the form that it is easier just to directly specify what the id of the form is. The second parameter is usually the uri of the page / script that you wish to submit the form to. The parent.hidden.navigateTo('login.php') function is an exception since it creates it's own form dynamically you only need to provide the destination page / script name.

Other Pages

The failedlogins_page.php, sessions_page.php and users_page.php pages are almost identical with the exception of which table they are presenting as the secured content.

A few different ways of submitting the authentication data are demonstrated. Also the use of bookmarks (typically problematic to frames based sites) is demonstrated.