Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <--config.php-->
- <?php
- define('DB_SERVER', 'sampleserver');
- define('DB_USERNAME', 'sampleuser');
- define('DB_PASSWORD', 'samplepassword');
- define('DB_DATABASE', 'sampledb');
- $db = mysqli_connect(DB_SERVER,DB_USERNAME,DB_PASSWORD,DB_DATABASE);
- ?>
- <-- login.php -->
- <?php
- include("config.php");
- session_start();
- if($_SERVER["REQUEST_METHOD"] == "POST") {
- // username and password sent from form
- $myusername = mysqli_real_escape_string($db,$_POST['username']);
- $mypassword = mysqli_real_escape_string($db,$_POST['password']);
- $sql = "SELECT * FROM Student_Record WHERE username = '$myusername' and password = '$mypassword'";
- $result = mysqli_query($db,$sql);
- $row = mysqli_fetch_array($result,MYSQLI_ASSOC);
- $count = mysqli_num_rows($result);
- // If result matched $myusername and $mypassword, table row must be 1 row
- if($count == 1) {
- session_register("myusername");
- $_SESSION['login_user'] = $myusername;
- header("location: welcome.php");
- }else {
- $error = "Your Login Name or Password is invalid";
- }
- }
- ?>
- <html>
- <head>
- <title>Login Page</title>
- <style type = "text/css">
- body {
- font-family:Arial, Helvetica, sans-serif;
- font-size:14px;
- }
- label {
- font-weight:bold;
- width:100px;
- font-size:14px;
- }
- .box {
- border:#666666 solid 1px;
- }
- </style>
- </head>
- <body bgcolor = "#FFFFFF">
- <div align = "center">
- <div style = "width:300px; border: solid 1px #333333; " align = "left">
- <div style = "background-color:#333333; color:#FFFFFF; padding:3px;"><b>Login</b></div>
- <div style = "margin:30px">
- <form action = "" method = "post">
- <label>Username:</label><input type = "text" name = "username" class = "box"/><br /><br />
- <label>Password:</label><input type = "password" name = "password" class = "box" /><br/><br />
- <input type = "submit" value = "Submit"/><br />
- </form>
- <div style = "font-size:11px; color:#cc0000; margin-top:10px"><?php echo $error; ?></div>
- </div>
- </div>
- </div>
- </body>
- </html>
- function validate() {
- var studentid = document.getElementById("studentid").value;
- var name = document.getElementById("name").value;
- var email = document.getElementById("email").value;
- if (nameEmpty(name)) {
- if (studentidEmpty(studentid)) {
- if (emailEmpty(email)) {
- if (digitCheck(studentid)) {
- if (checkEmail(email)) {
- return verify(name, studentid);
- }
- }
- }
- }
- }
- return false;
- }
- function studentidEmpty(studentid) {
- if (studentid == "") {
- alert("Please provide your student id!");
- document.getElementById("studentid").focus();
- return false;
- } else {
- return true;
- }
- }
- <-- studentform.js -->
- function nameEmpty(name) {
- if (name == "") {
- alert("Please provide your name!");
- document.getElementById("name").focus();
- return false;
- } else {
- return true;
- }
- }
- function emailEmpty(email) {
- if (email == "") {
- alert("Please provide your email!");
- document.getElementById("email").focus();
- return false;
- } else {
- return true;
- }
- }
- function digitCheck(studentid) {
- var ok = studentid.search(".{8,}");
- if (ok != 0) {
- alert("Please provide ID with 8 digits.");
- return false;
- } else {
- return true;
- }
- }
- function checkEmail(email) {
- var filter = /^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/;
- if (!filter.test(email)) {
- alert('Please provide a valid email address');
- email.focus;
- return false;
- } else {
- return true;
- }
- }
- <-- welcome.php -->
- <?php
- include('session.php');
- ?>
- <html lang="en">
- <head>
- <meta charset="utf-8">
- <title>Student Login Form</title>
- <link rel='stylesheet' href='studentform.css' type='text/css'/>
- <script src="studentform.js"></script>
- </head>
- <body>
- <h1>Student Login</h1>
- <div class="container">
- <form name="form" onsubmit="return validate();" action="javascript:void(0)">
- <label for="name">Name:</label>
- <input type="text" name="name" size="50" id="name" required />
- <label for="studentid">Student ID:</label>
- <input type="number" name="studentid" maxlength="8" id="studentid" required />
- <label for="email">Email:</label>
- <input type="email" name="email" size="50" id="email" required />
- <label for="emailconfirm">Email Confirmation:</label>
- <input type="checkbox" name="emailconfirm" checked /><span>Send an email confirmation</span>
- <label for="course">Course (if you want to select Student Registration):</label>
- <input type="text" name="course" size="50" id="course"/>
- <label for="change">Type Add or Drop (if you want to select Student Registration):</label>
- <input type="text" name="change" size="50" id="change"/>
- <select name="Options">
- <option value="Register">Student Registration</option>
- <option value="Transcript">Transcript</option>
- </select>
- <input type="submit" name="submit" value="Submit" />
- </form>
- </div>
- </body>
- </html>
- <-- session.php -->
- <?php
- include('config.php');
- session_start();
- $user_check = $_SESSION['login_user'];
- $ses_sql = mysqli_query($db,"SELECT username from Student_Record where username = '$user_check'");
- $row = mysqli_fetch_array($ses_sql,MYSQLI_ASSOC);
- $login_session = $row['username'];
- if(!isset($_SESSION['login_user'])){
- header("location:login.php");
- }
- if(isset($_POST['form']))
- {
- $Options = $_POST['Options'];
- }
- switch($Options)
- {
- case "Transcipt":{
- $name = $_POST['name'];
- $sql = "SELECT * from Student_Record where fullname = '$name'";
- //echo $sql;
- $result=$db->query($sql);
- if ($result->num_rows > 0) {
- $query = "SELECT * from Student_Record where fullname = '$name'"; //You don't need a ; like you do in SQL
- //$result1 = mysqli_query($conn,$query);
- $result1=$conn->query($query);
- echo "<br><br><table>"; // start a table tag in the HTML
- while($row = $result1->fetch_assoc()){ //Creates a loop to loop through results
- echo "<tr><td>" . $row['fullname'] . "</td><td>" . $row['Student_ID'] . "</td><td>" . $row['email'] . "</td><td>" . $row['courses'] . "</td><td>" . $row['grades'] . "</td></tr>"; //$row['index'] the index here is a field name
- }
- echo "</table>"; //Close the table in HTML
- }
- else{
- echo "not found";
- }
- }
- case "Register":
- {
- $selection = $_POST['change'];
- $course = $_POST['course'];
- $name = $_POST['name'];
- $sql = "SELECT courses from Student_Record where fullname = '$name'";
- $result = $db->query($sql);
- if($selection="Add"){
- $newcourses = $result + $course
- $sql = "UPDATE MyGuests SET courses='$newcourses' WHERE fullname='$name'";
- if (mysqli_query($conn, $sql)) {
- echo "Record updated successfully";
- } else {
- echo "Error updating record: " . mysqli_error($conn);
- }
- }
- if($selection="Drop"){
- $newcourses = str_replace($course,"",$result);
- $sql = "UPDATE Student_Record SET courses='$newcourses' WHERE fullname='$name'";
- if (mysqli_query($conn, $sql)) {
- echo "Record updated successfully";
- } else {
- echo "Error updating record: " . mysqli_error($conn);
- }
- }
- if ($result->num_rows > 0) {
- $query = "SELECT * from Student_Record where fullname = '$name'"; //You don't need a ; like you do in SQL
- //$result1 = mysqli_query($conn,$query);
- $result1=$conn->query($query);
- echo "<br><br><table>"; // start a table tag in the HTML
- while($row = $result1->fetch_assoc()){ //Creates a loop to loop through results
- echo "<tr><td>" . $row['fullname'] . "</td><td>" . $row['Student_ID'] . "</td><td>" . $row['email'] . "</td><td>" . $row['courses'] . "</td><td>" . $row['grades'] . "</td></tr>"; //$row['index'] the index here is a field name
- }
- echo "</table>"; //Close the table in HTML
- }
- else{
- echo "not found";
- }
- break;
- }
- default: {
- echo("Error!");
- exit();
- break;
- }
- }
- $checkQuery = "SELECT * from Student_Record WHERE username='$_POST[fullname]'";
- $userCheck = mysqli_query($db, $checkQuery);
- if(!$userCheck){
- echo "Invalid name";
- return false;
- }
- $checkQuery = "SELECT * from Student_Record WHERE Student_ID='$_POST[studentid]'";
- $userCheck = mysqli_query($db, $checkQuery);
- if(!$userCheck){
- echo "Invalid Student ID";
- return false;
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement