Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <!DOCTYPE html>
- <!-- This is a html file for logging in to the virtual adviser -->
- <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
- <head>
- <meta charset="UTF-8">
- <title> Pet Tracker Login</title>
- <link rel="stylesheet" type="text/css" media='screen' href="css/login.screen.css">
- </head>
- <body>
- <!-- The div that displays the login form-->
- <div class="login">
- <h1><strong>Welcome to the Pet Tracker System</strong></h1>
- <form action="validateLogin.php" method="POST">
- <fieldset>
- <label for="user">Username</label>
- <p><input type="text" required id = "user" name = "Username" value=""></p>
- <label for="pass">Password</label>
- <p><input type="password" required id = "pass" name = "Password" value=""></p>
- <!-- <p><a href="#">Forgot Password?</a></p> -->
- <p><input type="submit" value="Login"></p>
- </fieldset>
- </form>
- <!-- include the logo with green background -->
- <img src="images/threeDeePawPrint.png" alt="paw Logo" style="width:194px;height:97px" class = "center">
- </div>
- </body>
- </html>
- <?php
- // start the session for this page and create the array to hold error messages
- session_start();
- $errmsg_arr = array();
- $errflag = false;
- $username = 'root';
- $password = '';
- $url = 'localhost';
- $database = 'pet_tracker';
- /* Note that above variables are using single quote for string. When they
- get replaced in the connection statement below, single quotes within
- single quotes will fail, therefore, the string argument in $conn= statement
- must be double quotes
- */
- try
- {
- $conn = new PDO("mysql:host=$url; dbname=$database",$username,$password); //create PDO object (PHP Data Objects = PDO)
- $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); /*set the attribute that controls the error mode once the database
- has been connected to, so that it throws exceptions (PDO switches to
- "silent failure" mode after establishing a successful connection) */
- $conn->exec('SET NAMES "utf8"'); /* PDO has a method exec that runs SQL scripts. Configure the character
- encoding to UTF-8 for special characters like smart quotes */
- }
- catch (PDOException $e)
- {
- echo $e;
- $output = 'Unable to connect to the database server.'. //the '.' is the concatenation operator for a string
- $e->getMessage(); //the '->' is the equivalent of the dot operator in Java
- include 'error.html.php';
- exit();
- }
- //get the username and password posted from the login page (index.php)
- if(isset($_POST['user'])) echo 'index user has value'.$_POST['user'];
- if(isset($_POST['pass'])) echo 'index user has value'.$_POST['pass'];
- $user = $_POST['user'];
- $pass = $_POST['pass'];
- //query the database for the posted data from form
- $result = $conn->prepare("SELECT * FROM client WHERE username= :un AND password= :pw");
- $result->bindParam(':un', $user);
- $result->bindParam(':pw', $pass);
- $result->execute();
- $rows = $result->fetch(PDO::FETCH_NUM);
- if($rows > 0)
- {
- $result = $conn->prepare("SELECT * FROM client WHERE username = :un"); //PDO can only handle a row of data at a time?? Cannot select first_name from students, etc.??
- $result->bindParam(':un',$user);
- $result->execute();
- $name = $result->fetchColumn(1);
- $_SESSION['name'] = $name;
- $_SESSION['user'] = $user; //the next page employee.php will need the username to get information from the database
- header("location: employee.php");
- }
- else{
- $errmsg_arr[] = 'Username and Password are not found';
- $errflag = true;
- }
- if($errflag) {
- $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
- session_write_close();
- header("location: index.php");
- exit();
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement