<?php/* Database credentials. I am running MySQLserver with default setting (u

1. <?php
2. /* Database credentials. I am running MySQL
3. server with default setting (user 'root' with 'root' password) */
4. define('DB_SERVER', 'localhost');
5. define('DB_USERNAME', 'root');
6. define('DB_PASSWORD', 'root');
7. define('DB_NAME', 'LoginData');
8.  
9. /* Attempt to connect to MySQL database */
10. $mysqli = new mysqli(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME);
11.  
12. // Check connection
13. if($mysqli === false){
14. die("ERROR: Could not connect. " . $mysqli->connect_error);
15. }
16. ?>
17.  
18. <?php
19. // Include config file
20. require_once 'config.php';
21.  
22. // Define variables and initialize with empty values
23. $username = $password = $confirm_password = "";
24. $username_err = $password_err = $confirm_password_err = "";
25.  
26. // Processing form data when form is submitted
27. if($_SERVER["REQUEST_METHOD"] == "POST"){
28.  
29. // Validate username
30. if(empty(trim($_POST["username"]))){
31. $username_err = "Please enter a username.";
32. } else{
33. // Prepare a select statement
34. $sql = "SELECT id FROM users WHERE username = ?";
35.  
36. if($stmt = $mysqli->prepare($sql)){
37. // Bind variables to the prepared statement as parameters
38. $stmt->bind_param("s", $param_username);
39.  
40. // Set parameters
41. $param_username = trim($_POST["username"]);
42.  
43. // Attempt to execute the prepared statement
44. if($stmt->execute()){
45. // store result
46. $stmt->store_result();
47.  
48. if($stmt->num_rows == 1){
49. $username_err = "This username is already taken.";
50. } else{
51. $username = trim($_POST["username"]);
52. }
53. } else{
54. echo "Oops! Something went wrong. Please try again later.";
55. }
56. }
57.  
58. // Close statement
59. $stmt->close();
60. }
61.  
62. // Validate password
63. if(empty(trim($_POST['password']))){
64. $password_err = "Please enter a password.";
65. } elseif(strlen(trim($_POST['password'])) < 6){
66. $password_err = "Password must have atleast 6 characters.";
67. } else{
68. $password = trim($_POST['password']);
69. }
70.  
71. // Validate confirm password
72. if(empty(trim($_POST["confirm_password"]))){
73. $confirm_password_err = 'Please confirm password.';
74. } else{
75. $confirm_password = trim($_POST['confirm_password']);
76. if($password != $confirm_password){
77. $confirm_password_err = 'Password did not match.';
78. }
79. }
80.  
81. // Check input errors before inserting in database
82. if(empty($username_err) && empty($password_err) && empty($confirm_password_err)){
83.  
84. // Prepare an insert statement
85. $sql = "INSERT INTO users (username, password) VALUES (?, ?)";
86.  
87. if($stmt = $mysqli->prepare($sql)){
88. // Bind variables to the prepared statement as parameters
89. $stmt->bind_param("ss", $param_username, $param_password);
90.  
91. // Set parameters
92. $param_username = $username;
93. $param_password = password_hash($password, PASSWORD_DEFAULT); // Creates a password hash
94.  
95. // Attempt to execute the prepared statement
96. if($stmt->execute()){
97. // Redirect to login page
98. header("location: login.php");
99. } else{
100. echo "Something went wrong. Please try again later.";
101. }
102. }
103.  
104. // Close statement
105. $stmt->close();
106. }
107.  
108. // Close connection
109. $mysqli->close();
110. }
111. ?>
112.  
113. <!DOCTYPE html>
114. <html lang="en">
115. <head>
116. <meta charset="UTF-8">
117. <title>Sign Up</title>
118. <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.css">
119. <style type="text/css">
120. body{ font: 14px sans-serif; }
121. .wrapper{ width: 350px; padding: 20px; }
122. </style>
123. </head>
124. <body>
125. <div class="wrapper">
126. <h2>Sign Up</h2>
127. <p>Please fill this form to create an account.</p>
128. <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
129. <div class="form-group <?php echo (!empty($username_err)) ? 'has-error' : ''; ?>">
130. <label>Username</label>
131. <input type="text" name="username"class="form-control" value="<?php echo $username; ?>">
132. <span class="help-block"><?php echo $username_err; ?></span>
133. </div>
134. <div class="form-group <?php echo (!empty($password_err)) ? 'has-error' : ''; ?>">
135. <label>Password</label>
136. <input type="password" name="password" class="form-control" value="<?php echo $password; ?>">
137. <span class="help-block"><?php echo $password_err; ?></span>
138. </div>
139. <div class="form-group <?php echo (!empty($confirm_password_err)) ? 'has-error' : ''; ?>">
140. <label>Confirm Password</label>
141. <input type="password" name="confirm_password" class="form-control" value="<?php echo $confirm_password; ?>">
142. <span class="help-block"><?php echo $confirm_password_err; ?></span>
143. </div>
144. <div class="form-group">
145. <input type="submit" class="btn btn-primary" value="Submit">
146. <input type="reset" class="btn btn-default" value="Reset">
147. </div>
148. <p>Already have an account? <a href="login.php">Login here</a>.</p>
149. </form>
150. </div>
151. </body>
152. </html>
153.  
154. <?php
155. // Include config file
156. require_once 'config.php';
157.  
158. // Define variables and initialize with empty values
159. $username = $password = "";
160. $username_err = $password_err = "";
161.  
162. // Processing form data when form is submitted
163. if($_SERVER["REQUEST_METHOD"] == "POST"){
164.  
165. // Check if username is empty
166. if(empty(trim($_POST["username"]))){
167. $username_err = 'Please enter username.';
168. } else{
169. $username = trim($_POST["username"]);
170. }
171.  
172. // Check if password is empty
173. if(empty(trim($_POST['password']))){
174. $password_err = 'Please enter your password.';
175. } else{
176. $password = trim($_POST['password']);
177. }
178.  
179. // Validate credentials
180. if(empty($username_err) && empty($password_err)){
181. // Prepare a select statement
182. $sql = "SELECT username, password FROM users WHERE username = ?";
183.  
184. if($stmt = $mysqli->prepare($sql)){
185. // Bind variables to the prepared statement as parameters
186. $stmt->bind_param("s", $param_username);
187.  
188. // Set parameters
189. $param_username = $username;
190.  
191. // Attempt to execute the prepared statement
192. if($stmt->execute()){
193. // Store result
194. $stmt->store_result();
195.  
196. // Check if username exists, if yes then verify password
197. if($stmt->num_rows == 1){
198. // Bind result variables
199. $stmt->bind_result($username, $hashed_password);
200. if($stmt->fetch()){
201. if(password_verify($password, $hashed_password)){
202. /* Password is correct, so start a new session and
203. save the username to the session */
204. session_start();
205. $_SESSION['username'] = $username;
206. header("location: welcome.php");
207. } else{
208. // Display an error message if password is not valid
209. $password_err = 'The password you entered was not valid.';
210. }
211. }
212. } else{
213. // Display an error message if username doesn't exist
214. $username_err = 'No account found with that username.';
215. }
216. } else{
217. echo "Oops! Something went wrong. Please try again later.";
218. }
219. }
220.  
221. // Close statement
222. $stmt->close();
223. }
224.  
225. // Close connection
226. $mysqli->close();
227. }
228. ?>
229.  
230. <!DOCTYPE html>
231. <html lang="en">
232. <head>
233. <meta charset="UTF-8">
234. <title>Login</title>
235. <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.css">
236. <style type="text/css">
237. body{ font: 14px sans-serif; }
238. .wrapper{ width: 350px; padding: 20px; }
239. </style>
240. </head>
241. <body>
242. <div class="wrapper">
243. <h2>Login</h2>
244. <p>Please fill in your credentials to login.</p>
245. <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
246. <div class="form-group <?php echo (!empty($username_err)) ? 'has-error' : ''; ?>">
247. <label>Username</label>
248. <input type="text" name="username"class="form-control" value="<?php echo $username; ?>">
249. <span class="help-block"><?php echo $username_err; ?></span>
250. </div>
251. <div class="form-group <?php echo (!empty($password_err)) ? 'has-error' : ''; ?>">
252. <label>Password</label>
253. <input type="password" name="password" class="form-control">
254. <span class="help-block"><?php echo $password_err; ?></span>
255. </div>
256. <div class="form-group">
257. <input type="submit" class="btn btn-primary" value="Login">
258. </div>
259. <p>Don't have an account? <a href="register.php">Sign up now</a>.</p>
260. </form>
261. </div>
262. </body>
263. </html>
264.  
265. <?php
266. // Initialize the session
267. session_start();
268.  
269. // If session variable is not set it will redirect to login page
270. if(!isset($_SESSION['username']) || empty($_SESSION['username'])){
271. header("location: login.php");
272. exit;
273. }
274. ?>
275.  
276. <!DOCTYPE html>
277. <html lang="en">
278. <head>
279. <meta charset="UTF-8">
280. <title>Welcome</title>
281. <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.css">
282. <style type="text/css">
283. body{ font: 14px sans-serif; text-align: center; }
284. </style>
285. </head>
286. <body>
287. <div class="page-header">
288. <h1>Hi, <b><?php echo htmlspecialchars($_SESSION['username']); ?></b>. Welcome to our site.</h1>
289. </div>
290. <p><a href="logout.php" class="btn btn-danger">Sign Out of Your Account</a></p>
291. </body>
292. </html>
293.  
294. <?php
295. // Initialize the session
296. session_start();
297.  
298. // Unset all of the session variables
299. $_SESSION = array();
300.  
301. // Destroy the session.
302. session_destroy();
303.  
304. // Redirect to login page
305. header("location: login.php");
306. exit;
307. ?>
308.  
309. <IfModule php7_module>
310. AddHandler application/x-httpd-php .php
311. AddType application/x-httpd-php .php .html
312. PHPIniDir "C:PHP"
313. </IfModule>
314.  
315. ; Directory in which the loadable extensions (modules) reside.
316. ; http://php.net/extension-dir
317. ; extension_dir = "./"
318. ; On windows:
319. extension_dir = "ext"
320.  
321. ;extension=php_bz2.dll
322. ;extension=php_curl.dll
323. ;extension=php_fileinfo.dll
324. ;extension=php_ftp.dll
325. ;extension=php_gd2.dll
326. ;extension=php_gettext.dll
327. ;extension=php_gmp.dll
328. ;extension=php_intl.dll
329. ;extension=php_imap.dll
330. ;extension=php_interbase.dll
331. ;extension=php_ldap.dll
332. ;extension=php_mbstring.dll
333. ;extension=php_exif.dll ; Must be after mbstring as it depends on it
334. extension=C:/PHP/ext/php_mysqli.dll
335. ;extension=php_oci8_12c.dll ; Use with Oracle Database 12c Instant Client
336. ;extension=php_odbc.dll
337. ;extension=php_openssl.dll
338. ;extension=php_pdo_firebird.dll
339. extension=C:/PHP/ext/php_pdo_mysql.dll
340. ;extension=php_pdo_oci.dll
341. ;extension=php_pdo_odbc.dll
342. ;extension=php_pdo_pgsql.dll
343. ;extension=php_pdo_sqlite.dll
344. ;extension=php_pgsql.dll
345. ;extension=php_shmop.dll
346.  
347. Server API: Apache 2.0 Handler
348. Virtual Directory Support: enabled
349. Configuration File (php.ini) Path: C:Windows
350. Loaded Configuration File: C:PHPphp.ini
351. MysqlI Support: enabled
352. Client API library version: mysqlnd 5.0.12-dev - 20150407 - $Id: 38fea24f2847fa7519001be390c98ae0acafe387 $
353. PDO support: enabled