<?PHP$A = "localhost"; // Server Name$B = "root"; // MySQL Username$C =

1. <?PHP
2.  
3. $A = "localhost"; // Server Name
4. $B = "root"; // MySQL Username
5. $C = ""; // MySQL Password
6. $D = "college"; // Database
7.  
8. $Connect = new mysqli($A, $B, $C, $D);
9.  
10. if ($Connect->connect_error) {
11. die("Connection Failed<BR>");
12. }
13.  
14. echo "Connected<BR>";
15.  
16.  
17. $CookieName = "SignedIn";
18.  
19. if (isset($_COOKIE[$CookieName])) {
20. $CookieValue = $_COOKIE[$CookieName];
21. echo "Welcome, $CookieValue<BR>";
22. }
23.  
24. if (isset($_POST['SignIn'])) {
25. $Username = $_POST['Username'];
26. $Password = $_POST['Password'];
27. $PasswordHash = sha1($Password."OxgnNhUXvP");
28. $SQL = "SELECT * FROM Accounts WHERE Username=$Username' AND Password='$PasswordHash'";
29. $Result = mysqli_query($Connect, $SQL);
30. $Count = mysqli_num_rows($Result);
31. if ($Count == 1) {
32. $CookieValue = $Username;
33. setcookie($CookieName, $CookieValue, time() + (180), "/");
34. header("Location: index.php");
35. } else {
36. echo "Incorrect Username/Password";
37. }
38. } else if (isset($_POST['SignUp'])) {
39. $Username = $_POST['Username'];
40. $Password = $_POST['Password'];
41. $PasswordHash = sha1($Password."OxgnNhUXvP");
42. $SQL = "INSERT INTO Accounts (A_ID, Username, Password) VALUES ('', '$Username', '$PasswordHash')";
43. $Result = mysqli_query($Connect, $SQL);
44. } else if (isset($_POST['SignOut'])) {
45. setcookie("SignedIn", "val", time() - (180), "/");
46. header("Location: index.php");
47. }
48.  
49. if (isset($_POST['SendMessage'])) {
50. $GetAID = "SELECT A_ID FROM Accounts WHERE Username='$CookieValue'";
51. $ResultAID = $Connect->query($GetAID);
52. echo $ResultAID;
53. $Message = htmlspecialchars($_POST['Message']);
54. $MessageSQL = "INSERT INTO Messages (M_ID, Message) VALUES ('', '$Message')";
55.  
56. if ($Connect->query($MessageSQL) === TRUE) {
57. echo "Message Sent<BR/>";
58. } else {
59. echo "Error Sending Message<BR/>";
60. }
61. }
62.  
63. $SelectMessages = "SELECT * FROM Messages ORDER BY M_ID DESC LIMIT 10";
64. $ResultMessages = $Connect->query($SelectMessages);
65.  
66. if (mysqli_num_rows($ResultMessages) > 0) {
67. while ($Row = mysqli_fetch_assoc($ResultMessages)) {
68. echo 'M_ID: ' . $Row['M_ID'] . ' Message: ' . $Row['Message'] . 'A_ID: ' . $Row['A_ID'] . '<BR>';
69. }
70. }
71.  
72. ?>
73.  
74. <FORM ACTION="<?PHP $_SERVER['PHP_SELF'] ?>" METHOD="POST">
75. <INPUT TYPE="Text" NAME="Username">
76. <INPUT TYPE="Password" NAME="Password">
77. <INPUT TYPE="Submit" VALUE="Sign In" NAME="SignIn">
78. <INPUT TYPE="Submit" VALUE="Sign Up" NAME="SignUp">
79. <INPUT TYPE="Submit" VALUE="Sign Out" NAME="SignOut">
80. </FORM>
81.  
82. <FORM ACTION="<?PHP $_SERVER['PHP_SELF'] ?>" METHOD="POST">
83. <INPUT TYPE="Text" NAME="Message">
84. <INPUT TYPE="Submit" VALUE="Send Message" NAME="SendMessage">
85. </FORM>