<?php $title = "David Monopoli's INTN2201 Lab 8"; $date = "March 31st, 2011"

1. <?php   $title = "David Monopoli's INTN2201 Lab 8";
2.         $date = "March 31st, 2011";
3.         $filename = "lab8.php";
4.         $banner = "David Monopoli's INTN2201 - Lab 8";
5.         $description = "This is lab8, demonstrating how to store logins in a database and use them effectively within a form.";
6.         include 'header.php'; ?>
7. <?php include 'navbar.php';
8.         include 'functions.php'; ?>
9. <?php
10. $conn=db_connect();
11.  
12.  
13.    
14. $message = "";
15. $results = "";
16.  
17. if($_SERVER["REQUEST_METHOD"] == "GET"){
18.     //default mode when the page loads the first time
19.     //can be used to make decisions and initialize variables
20.     $username="";
21.     $pass="";
22.    
23. }
24.     else if($_SERVER["REQUEST_METHOD"] == "POST"){
25.         //the page got here from submitting the form, let's try to process
26.         $username = trim($_POST["username"]); //the name of the input box on the form, white-space removed
27.         $pass = trim($_POST["password"]);
28.         //issets were here
29.             $sql = "SELECT username_id, password, first_name, last_name, email_addr, last_access
30.                     FROM users
31.                     WHERE username_id= '".$username."' AND
32.                     password= '".$pass."'";;
33.                        
34.             $results = pg_query($conn, $sql);
35.            
36.            
37.             if(pg_num_rows($results)){ //not zero means something was found
38.             //user found, use pg_fetch_resultto pull user specific info to display
39.             $first=pg_fetch_result($results, 0, "first_name");
40.             $last=pg_fetch_result($results, 0, "last_name");
41.             $email=pg_fetch_result($results, 0, "email_addr");
42.             $lastaccess=pg_fetch_result($results, 0, "last_access");
43.             $message="Welcome back " .$first . $last. " Records show that your email is: " . $email . ", you last accessed the account on: " .$lastaccess;
44.            
45.             }else{
46.             //user not found, check for just username id
47.             $sql= "SELECT * FROM users WHERE login_id= '".$username."'";
48.             $results = pg_query($conn, $sql);
49.             $message="Invalid password, please try again.";
50.                 if(!pg_num_rows($results)){ //user not found, empty $username to unstickit
51.                     $username = ""; //when echo’’edin the form
52.                     $message= "Username not found, please try again.";
53.                 }
54.             }
55.         }
56.        
57.    
58.     ?>
59.  
60. <h3><?php echo $message;?></h3>
61.  
62. <form action="<?php echo $_SERVER['PHP_SELF'];  ?>" method="post">
63. <table border="0">
64. <tr>
65. <td><strong>Login ID</strong>
66.     </td>
67.     <td><input type="text" name="login" value="<?php echo $login; ?>" size="15"  /><br/>
68.     </td>
69.     </tr>
70.     <tr>
71.     <td><strong>
72.     Password
73.     </strong>
74.     </td>
75.     <td>
76.     <input type="password" name="password" value="<?php echo $pass; ?>" size="15" /><br/>
77.     </td>
78.     </tr>
79.     <tr>
80.     <td>
81.     <input type="reset" value="Clear" />
82.     </td>
83.     <td>
84.     <input type="submit" value="Login" />
85.     </td>
86.     </tr></table>
87. </form>
88. <br/>
89. <a href="SQL/lab8_users.sql">Lab 8 Users Script</a>
90. <br/>
91.  
92. <?php include "footer.php";?>