Reuse the code without submitting the form twice

Question

This is all about to implement a Delete Account feature in my site.

If user requested to delete his account(It takes 3 days to delete the complete data) and try to login within this 3 days. We need to ask a confirmation if you are logged in account will be enabled

For that I am using the below code

 $('#loginform').on('submit',function(e) {
   var t = $(this);

   $.post('/login.php', t.serialize(), function(data) {
     if(data.error.length) {
       $('.login_result', t).html(data.result).slideDown();

     } else if(data.result == 'waiting_for_deletion') {
       jconfirm('Account will be enabled if you login',
          function(is_confirmed) {
            if(is_confirmed) {                            
               $('input:hidden[name="loginform"]').val('confirm_reactivation');
               ('#loginform').submit();
             }
          } ,
          'Yes', 'Cancel');
         } else {
            location.href = '/accounts';
         }
  }, 'json')
});

If user entered correct details (email & password) will ask a confirmation, if he confirmed I am resubmiting the form with a new input field value

I just want to know how Can I reuse my PHP code without submitting the form twice?

or Can I use one more ajax call inside first ajax (I think not possible).

Also it should not affect normal login

// EDITED

Here is my PHP code

login.php

if(isset($_POST['loginform'])) {

    $email = trim(mb_strtolower($_POST['email']));
    $password = $_POST['upw'];


    if (empty($email)) {
        $error['#email'] = 'Wrong mail';
    }
    validate('password', $password, $error['#password']);

    // check for correct password now
    if(!$error) {

        $data = query_execute("SELECT * FROM users WHERE email='".sqlescape($email)."' LIMIT 1");

        if(!$data) {
            $error['#email'] = 'Account not exists';

        } elseif(!$data['active'] && !(int)$data['validated']) {
            $error['error'] = 'Account not validated';

        } elseif(!$data['password'] || !check_password($password, $data['password'], $data['userid'])) {
            $error['#password'] = 'Wrong password';

        // ----------------------------------------------
        // OK, ALL FINE! USER COULD LOGIN
        // ----------------------------------------------
        } else {

           $confirmation = $_POST['loginform'] == 'confirm_reactivation' ? true : false;

            $Delete_Accounts = query_execute("SELECT * FROM deleteacoount WHERE email='".sqlescape($email)."' LIMIT 1");

            // Waiting for Deletion accounts
            if ($Delete_Accounts[$data['userid']] == 2 && !$confirmation) {
                $result = 'waiting_for_deletion';
            } else {
                if($confirmation) {
                    query_execute("DELETE FROM deleteacoount WHERE email='".sqlescape($email)."'");
                }

         DB_query("UPDATE users SET last_login=NOW(),
                               last_ip='".$_POST['ip']."'                                  
                           WHERE userid=".$userid."",'#');

                $result = 'OK';
            }
        }
        // ----------------------------------------------
    }

    if($error) {

        $result = '<div class="alert alert-block alert-error mb5"><h4>'.$error.'</div>';

    }

    jsonReturn($result, $error);
}

Answer 1

Here I am using one extra ajax call and reusing existing code to create another PHP file to solve this problem without submitting a form twice.

Script

$(".password").on('focus', function () {
        var email=$('input[name="email"]').val();
        confirm_reactivation(email);
});

function confirm_reactivation(email)
{

var api="email="+ email;
         $.ajax({
        method : 'POST',
        url : confirm_reactivation.php,
        data : api
      }).done(function(data){
        var out = $.parseJSON(JSON.stringify(data));
        if(out.message == 'success'){
             $('input:hidden[name="loginform"]').val('confirm_reactivation');
        }else{
               $('input:hidden[name="loginform"]').val('');
        }
      });
}

$('#loginform').on('submit',function(e) {

  var check_value=$('input:hidden[name="loginform"]').val();
if(check_value !='' || check_value == null)
{
var t = $(this);

   $.post('/login.php', t.serialize(), function(data) {
     if(data.error.length) {
       $('.login_result', t).html(data.result).slideDown();

     } else {
            location.href = '/accounts';
         }
  }, 'json')
}
else{
       jconfirm('Account will be enabled if you login',
          function(is_confirmed) {
            if(is_confirmed) {                            

$('input:hidden[name="loginform"]').val('confirm_reactivation');
               //('#loginform').submit();
var t = $(this);


   $.post('/login.php', t.serialize(), function(data) {
     if(data.error.length) {
       $('.login_result', t).html(data.result).slideDown();

     } else {
            location.href = '/accounts';
         }
  }, 'json')
             }
          } ,
          'Yes', 'Cancel');

}


});

and here is your new PHP file, I have reused your code and added few things.

//confirm_reactivation.php

<?php

 $email = trim(mb_strtolower($_POST['email']));

  $Delete_Accounts = query_execute("SELECT * FROM deleteacoount WHERE email='".sqlescape($email)."' LIMIT 1");

            // Waiting for Deletion accounts
            if ($Delete_Accounts[$data['userid']] == 2) {
                $message = array("message" =>'success',"status" =>200);
 echo json_encode($message);exit;
            }
            else{
             $message = array("message" =>'failed',"status" =>200);
 echo json_encode($message);exit;
            }



?>

That's it. Thank you!

Answer 2

I don't really know why you don't want to submit the form twice.

In anyway, there are 2 goals must be achieved:

1. The user must know his/her account is waiting_for_deletion and confirm to login.
2. The server must know that user confirmed.

There is a solution for you: Load all waiting_for_deletion emails when you load login page (you can hash it for security reason). After user entered his/her email, you can compare the entered email and waiting_for_deletion list. If the email is existed in the list, show the confirm popup.

This solution is not good about performance (you must load the email list anytime render login page), security (you load a list of email and check in client side, ever if you hashed emails on the list, it is also a weak point). But, it can achieve your goal.

Answer 3

You need to write function for ajax, and after modify object - submit it again

function submitForm(form) {
    $.post('/ajax.php', form.serialize(), function (data) {
        if (data.error.length) {
            $('.login_result', form).html(data.result).slideDown();

        } else if (data.result === 'waiting_for_deletion') {

            jconfirm('Account will be enabled if you login',
                function (is_confirmed) {
                    if (is_confirmed) {
                        form.find('input:hidden[name="loginform"]').val('confirm_reactivation');
                        submitForm(form);
                        return;
                    }
                },
                'Yes', 'Cancel');
        } else {
            location.href = '/me';
        }
    });
}

$('#loginform').on('submit', function (e) {
    e.preventDefault();

    submitForm($(this));
});