Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- THE INDEX
- <?php
- //Create Session
- session_start();
- //header
- include('./includes/header.html');
- //If a user name is entered display login mesage
- if (isset($_SESSION['first_name'])) {
- echo "You currently logged in as {$_SESSION['first_name']}. Welcome to our website!";
- }
- FOOTER
- //header
- include('./includes/footer.html');
- ?>
- <!-- Script 3.3 - footer.html -->
- <!-- End of the page-specific content. --></div>
- <div id="footer">
- <p>Copyright © <a href="#">Plain and Simple</a> 2007 | Designed by <a href="http://www.edg3.co.uk/">edg3.co.uk</a> | Sponsored by <a href="http://www.opendesigns.org/">Open Designs</a> | Valid <a href="http://jigsaw.w3.org/css-validator/">CSS</a> & <a href="http://validator.w3.org/">XHTML</a></p>
- </div>
- </body>
- </html>
- HEADER
- <?php session_start(); ?>
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml">
- <head">
- <title><?php echo $page_title; ?></title>
- <link rel="stylesheet" href="includes/style.css" type="text/css" media="screen" />
- <meta http-equiv="content-type" content="text/html; charset=utf-8" />
- </head>
- <body>
- <div id="header">
- <h1>Your Website</h1>
- <h2>catchy slogan...</h2>
- </div>
- <div id="navigation">
- <ul>
- <li><a href="index.php">Home Page</a></li>
- <li><a href="register.php">Register</a></li>
- <li><a href="view_users.php">View Users</a></li>
- <li><a href="password.php">Change Password</a></li>
- <li><?php // Create a login/logout link:
- if ( (isset($_SESSION['user_id'])) && (basename($_SERVER['PHP_SELF']) != 'logout.php') ) {
- echo '<a href="logout.php">Logout</a>';
- } else {
- echo '<a href="login.php">Login</a>';
- }
- ?></li>
- </ul>
- </div>
- <div id="content"><!-- Start of the page-specific content. -->
- <!-- Script 12.7 - header.html -->
- HERE BE THE QUERIES ---- HOW MANY TABLES? LOOKS LIKE JUST USERS am I missing a column?
- POST TEST
- <?php
- session_start(); // Start the session.
- if (isset($_SESSION['user_id'])) {
- echo 'You are logged in and can post on this page!
- <br />
- <form>
- <textarea name="comment" cols="40" rows="5">
- </textarea>
- <br /><br />
- <input type="submit" name="submit" value="Submit" />
- </form>';
- } else {
- header('Location: http://dwlehman.uwmsois.com/assignment10/login.php');
- }
- ?>
- REGISTER
- <?php # Script 9.5 - register.php #2
- // This script performs an INSERT query to add a record to the users table.
- $page_title = 'Register';
- include ('includes/header.html');
- // Check for form submission:
- if ($_SERVER['REQUEST_METHOD'] == 'POST') {
- require ('./includes/mysqli_connect.php'); // Connect to the db.
- $errors = array(); // Initialize an error array.
- // Check for a first name:
- if (empty($_POST['first_name'])) {
- $errors[] = 'You forgot to enter your first name.';
- } else {
- $fn = mysqli_real_escape_string($dbc, trim($_POST['first_name']));
- }
- // Check for a last name:
- if (empty($_POST['last_name'])) {
- $errors[] = 'You forgot to enter your last name.';
- } else {
- $ln = mysqli_real_escape_string($dbc, trim($_POST['last_name']));
- }
- // Check for an email address:
- if (empty($_POST['email'])) {
- $errors[] = 'You forgot to enter your email address.';
- } else {
- $e = mysqli_real_escape_string($dbc, trim($_POST['email']));
- }
- // Check for a password and match against the confirmed password:
- if (!empty($_POST['pass1'])) {
- if ($_POST['pass1'] != $_POST['pass2']) {
- $errors[] = 'Your password did not match the confirmed password.';
- } else {
- $p = mysqli_real_escape_string($dbc, trim($_POST['pass1']));
- }
- } else {
- $errors[] = 'You forgot to enter your password.';
- }
- if (empty($errors)) { // If everything's OK.
- // Register the user in the database...
- // Make the query:
- $q = "INSERT INTO users (first_name, last_name, email, pass, registration_date) VALUES ('$fn', '$ln', '$e', SHA1('$p'), NOW() )";
- $r = @mysqli_query ($dbc, $q); // Run the query.
- if ($r) { // If it ran OK.
- // Print a message:
- echo '<h1>Thank you!</h1>
- <p>You are now registered. In Chapter 12 you will actually be able to log in!</p><p><br /></p>';
- } else { // If it did not run OK.
- // Public message:
- echo '<h1>System Error</h1>
- <p class="error">You could not be registered due to a system error. We apologize for any inconvenience.</p>';
- // Debugging message:
- echo '<p>' . mysqli_error($dbc) . '<br /><br />Query: ' . $q . '</p>';
- } // End of if ($r) IF.
- mysqli_close($dbc); // Close the database connection.
- // Include the footer and quit the script:
- include ('includes/footer.html');
- exit();
- } else { // Report the errors.
- echo '<h1>Error!</h1>
- <p class="error">The following error(s) occurred:<br />';
- foreach ($errors as $msg) { // Print each error.
- echo " - $msg<br />\n";
- }
- echo '</p><p>Please try again.</p><p><br /></p>';
- } // End of if (empty($errors)) IF.
- mysqli_close($dbc); // Close the database connection.
- } // End of the main Submit conditional.
- ?>
- <h1>Register</h1>
- <form action="register.php" method="post">
- <p>First Name: <input type="text" name="first_name" size="15" maxlength="20" value="<?php if (isset($_POST['first_name'])) echo $_POST['first_name']; ?>" /></p>
- <p>Last Name: <input type="text" name="last_name" size="15" maxlength="40" value="<?php if (isset($_POST['last_name'])) echo $_POST['last_name']; ?>" /></p>
- <p>Email Address: <input type="text" name="email" size="20" maxlength="60" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" /> </p>
- <p>Password: <input type="password" name="pass1" size="10" maxlength="20" value="<?php if (isset($_POST['pass1'])) echo $_POST['pass1']; ?>" /></p>
- <p>Confirm Password: <input type="password" name="pass2" size="10" maxlength="20" value="<?php if (isset($_POST['pass2'])) echo $_POST['pass2']; ?>" /></p>
- <p><input type="submit" name="submit" value="Register" /></p>
- </form>
- <?php include ('includes/footer.html'); ?>
- LOGIN
- ?php # Script 12.12 - login.php #4
- // This page processes the login form submission.
- // The script now stores the HTTP_USER_AGENT value for added security.
- // Check if the form has been submitted:
- if ($_SERVER['REQUEST_METHOD'] == 'POST') {
- // Need two helper files:
- require ('includes/login_functions.inc.php');
- require ('./includes/mysqli_connect.php');
- // Check the login:
- list ($check, $data) = check_login($dbc, $_POST['email'], $_POST['pass']);
- if ($check) { // OK!
- // Set the session data:
- session_start();
- $_SESSION['user_id'] = $data['user_id'];
- $_SESSION['first_name'] = $data['first_name'];
- // Store the HTTP_USER_AGENT:
- $_SESSION['agent'] = md5($_SERVER['HTTP_USER_AGENT']);
- // Redirect:
- redirect_user('loggedin.php');
- } else { // Unsuccessful!
- // Assign $data to $errors for login_page.inc.php:
- $errors = $data;
- }
- mysqli_close($dbc); // Close the database connection.
- } // End of the main submit conditional.
- // Create the page:
- include ('includes/login_page.inc.php');
- ?>
- LOGOUT
- <?php # Script 12.11 - logout.php #2
- // This page lets the user logout.
- // This version uses sessions.
- session_start(); // Access the existing session.
- // If no session variable exists, redirect the user:
- if (!isset($_SESSION['user_id'])) {
- // Need the functions:
- require ('includes/login_functions.inc.php');
- redirect_user();
- } else { // Cancel the session:
- $_SESSION = array(); // Clear the variables.
- session_destroy(); // Destroy the session itself.
- setcookie ('PHPSESSID', '', time()-3600, '/', '', 0, 0); // Destroy the cookie.
- }
- // Set the page title and include the HTML header:
- $page_title = 'Logged Out!';
- include ('includes/header.html');
- // Print a customized message:
- echo "<h1>Logged Out!</h1>
- <p>You are now logged out!</p>";
- include ('includes/footer.html');
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement