Almost finished login/register page
This commit is contained in:
Joey Lai
@@ -2,6 +2,8 @@
|
||||
<html>
|
||||
<?php
|
||||
include("../views/login_head.php");
|
||||
include_once("../queries/connect.php");
|
||||
include_once("../queries/login.php");
|
||||
?>
|
||||
<body>
|
||||
<?php
|
||||
@@ -11,7 +13,6 @@ include("../views/login_head.php");
|
||||
$uname = $psw ="";
|
||||
$loginErr ="";
|
||||
|
||||
|
||||
// Trying to login
|
||||
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
// Empty username or password field
|
||||
@@ -22,47 +23,19 @@ include("../views/login_head.php");
|
||||
else {
|
||||
$uname=$_POST["uname"];
|
||||
$psw=$_POST["psw"];
|
||||
|
||||
// Protection against MySQL injections
|
||||
$uname = stripslashes($uname);
|
||||
$psw = stripslashes($psw);
|
||||
$uname = mysql_real_escape_string($uname);
|
||||
$psw = mysql_real_escape_string($psw);
|
||||
|
||||
// Database information
|
||||
$servername = "agile136.science.uva.nl";
|
||||
$username = "mhbp";
|
||||
$password = "qdtboXhCHJyL2szC";
|
||||
|
||||
// Creates connection
|
||||
$conn = new mysqli($servername, $username, $password);
|
||||
|
||||
// Selects database
|
||||
$db = mysql_select_db("company", $connection);
|
||||
|
||||
// Query for listing all accounts that meets the requirement of the login information
|
||||
$query = mysql_query("select * from login where password='$psw' AND username='$uname'", $connection);
|
||||
|
||||
// Checks if there's an account
|
||||
$count = mysql_num_rows($query);
|
||||
$hash=hashPassword()["password"];
|
||||
|
||||
// If there's an account, go to the profile page
|
||||
if($count == 1) {
|
||||
$_SESSION[$uname] = $uname;
|
||||
$_SESSION[$userID] = $userID;
|
||||
if(password_verify($psw, $hash)) {
|
||||
|
||||
header("location: myhyvesbookplus.nl/profile.php");
|
||||
} else {
|
||||
$loginErr = "Inloggegevens zijn niet correct";
|
||||
}
|
||||
|
||||
// Closing Connection
|
||||
mysql_close($connection);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
/* This view adds login view */
|
||||
include("../views/login-view.php");
|
||||
?>
|
||||
|
||||
@@ -3,6 +3,7 @@
|
||||
<?php
|
||||
include("../views/login_head.php");
|
||||
include_once("../queries/connect.php");
|
||||
include_once("../queries/register.php");
|
||||
|
||||
?>
|
||||
<body>
|
||||
@@ -10,8 +11,8 @@
|
||||
session_start();
|
||||
|
||||
// define variables and set to empty values
|
||||
$name = $surname = $bday = $username = $password = $confirmpassword = $streetname = $housenumber = $email = "";
|
||||
$genericErr = $nameErr = $surnameErr = $bdayErr = $usernameErr = $passwordErr = $confirmpasswordErr = $streetnameErr = $housenumberErr = $emailErr = "";
|
||||
$name = $surname = $bday = $username = $password = $confirmpassword = $location = $housenumber = $email = "";
|
||||
$genericErr = $nameErr = $surnameErr = $bdayErr = $usernameErr = $passwordErr = $confirmpasswordErr = $locationErr = $housenumberErr = $emailErr = "";
|
||||
$correct = true;
|
||||
|
||||
// Saves information of filling in the form
|
||||
@@ -35,8 +36,8 @@
|
||||
$password = $_POST["password"];
|
||||
}
|
||||
|
||||
if (isset($_POST["streetname"])) {
|
||||
$streetname = $_POST["streetname"];
|
||||
if (isset($_POST["location"])) {
|
||||
$location = $_POST["location"];
|
||||
}
|
||||
|
||||
if (isset($_POST["housenumber"])) {
|
||||
@@ -87,6 +88,10 @@
|
||||
$usernameErr = "Gebruikersnaam moet minstens 6 karakters bevatten";
|
||||
$correct = false;
|
||||
|
||||
} else if (getExistingUser() == 1 ){
|
||||
$usernameErr = "Gebruikersnaam bestaat al";
|
||||
$correct = false;
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
@@ -114,24 +119,18 @@
|
||||
|
||||
}
|
||||
|
||||
if (empty($_POST["streetname"])) {
|
||||
$streetnameErr = "Straatnaam is verplicht!";
|
||||
if (empty($_POST["location"])) {
|
||||
$locationErr = "Straatnaam is verplicht!";
|
||||
$correct = false;
|
||||
|
||||
} else {
|
||||
if (!preg_match("/^[a-zA-Z ]*$/",$streetname)) {
|
||||
$streetnameErr = "Alleen letters en spaties zijn toegestaan!";
|
||||
if (!preg_match("/^[a-zA-Z ]*$/",$location)) {
|
||||
$locationErr = "Alleen letters en spaties zijn toegestaan!";
|
||||
$correct = false;
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
if (empty($_POST["housenumber"])) {
|
||||
$housenumberErr = "Huisnummer is verplicht!";
|
||||
$correct = false;
|
||||
|
||||
}
|
||||
|
||||
if (empty($_POST["email"])) {
|
||||
$emailErr = "Email is verplicht!";
|
||||
$correct = false;
|
||||
@@ -140,6 +139,11 @@
|
||||
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
|
||||
$emailErr = "Geldige email invullen!";
|
||||
$correct = false;
|
||||
|
||||
} else if (getExistingEmail() == 1){
|
||||
$emailErr = "Email bestaat al";
|
||||
$correct = false;
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
@@ -148,48 +152,9 @@
|
||||
$genericErr = "Bepaalde velden zijn verkeerd of niet ingevuld!";
|
||||
|
||||
} else {
|
||||
$servername = "agile136.science.uva.nl";
|
||||
$username = "mhbp";
|
||||
$password = "qdtboXhCHJyL2szC";
|
||||
registerAccount();
|
||||
// header("location: login.php");
|
||||
|
||||
// Creates connection
|
||||
$conn = new mysqli($servername, $username, $password);
|
||||
|
||||
// Checks connection
|
||||
if ($conn->connect_error) {
|
||||
die("Connection failed: " . $conn->connect_error);
|
||||
}
|
||||
|
||||
// Query for inserting all the data in the database
|
||||
$sql = "INSERT INTO
|
||||
VALUES ($name, $surname, $bday, $username, $password,
|
||||
$confirmpassword, $streetname, $housenumber, $email)";
|
||||
|
||||
// Checks if able to insert into database
|
||||
if (mysqli_query($conn, $sql)) {
|
||||
echo "New record created successfully";
|
||||
} else {
|
||||
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
|
||||
}
|
||||
|
||||
|
||||
|
||||
<?php
|
||||
/* Execute a prepared statement by binding PHP variables */
|
||||
$calories = 150;
|
||||
$colour = 'red';
|
||||
$sth = $dbh->prepare('SELECT name, colour, calories
|
||||
FROM fruit
|
||||
WHERE calories < :calories AND colour = :colour');
|
||||
$sth->bindParam(':calories', $calories, PDO::PARAM_INT);
|
||||
$sth->bindParam(':colour', $colour, PDO::PARAM_STR, 12);
|
||||
$sth->execute();
|
||||
?>
|
||||
|
||||
|
||||
|
||||
// Closing connection
|
||||
mysql_close($connection);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -59,8 +59,9 @@ div[data-title]:hover:after{
|
||||
body {
|
||||
height: 900px;
|
||||
|
||||
background-image: url(https://images2.pixlis.com/background-image-plaid-checkered-seamless-tileable-235ftm.png);
|
||||
background-image: url(https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTEnqKdVtLbxjKuNsCSCxFRhTOpp3Gm0gsU8bMgA_MeUYyzrUFy);
|
||||
background-size: contain;
|
||||
background-repeat: repeat-x;
|
||||
background-attachment: fixed;
|
||||
|
||||
/*background-color: #B78996;*/
|
||||
|
||||
18
website/queries/login.php
Normal file
18
website/queries/login.php
Normal file
@@ -0,0 +1,18 @@
|
||||
<?php
|
||||
|
||||
function hashPassword() {
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
SELECT
|
||||
`password`
|
||||
FROM
|
||||
`user`
|
||||
WHERE
|
||||
`username` = :username
|
||||
");
|
||||
|
||||
$stmt->bindParam(":username", $_POST["uname"]);
|
||||
$stmt->execute();
|
||||
return $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
}
|
||||
|
||||
?>
|
||||
57
website/queries/register.php
Normal file
57
website/queries/register.php
Normal file
@@ -0,0 +1,57 @@
|
||||
<?php
|
||||
|
||||
function getExistingUser() {
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
SELECT * FROM `user` WHERE `username` = :username
|
||||
");
|
||||
|
||||
$stmt->bindParam(":username", $_POST["username"]);
|
||||
$stmt->execute();
|
||||
return $stmt->rowCount();
|
||||
|
||||
}
|
||||
|
||||
function getExistingEmail() {
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
SELECT * FROM `user` WHERE `email` = :email
|
||||
");
|
||||
|
||||
$stmt->bindParam(":email", $_POST["email"]);
|
||||
$stmt->execute();
|
||||
return $stmt->rowCount();
|
||||
}
|
||||
|
||||
function registerAccount() {
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
INSERT INTO
|
||||
`user`(fname,
|
||||
lname,
|
||||
birthdate,
|
||||
username,
|
||||
password,
|
||||
location,
|
||||
email)
|
||||
VALUES(
|
||||
:fname,
|
||||
:lname,
|
||||
:bday,
|
||||
:username,
|
||||
:password,
|
||||
:location,
|
||||
:email
|
||||
)");
|
||||
|
||||
$hash=password_hash($_POST["password"], PASSWORD_DEFAULT);
|
||||
|
||||
$stmt->bindParam(":fname", $_POST["name"]);
|
||||
$stmt->bindParam(":lname", $_POST["surname"]);
|
||||
$stmt->bindParam(":bday", $_POST["bday"]);
|
||||
$stmt->bindParam(":username", $_POST["username"]);
|
||||
$stmt->bindParam(":password", $hash);
|
||||
$stmt->bindParam(":location", $_POST["location"]);
|
||||
$stmt->bindParam(":email", $_POST["email"]);
|
||||
|
||||
print("execute".$stmt->execute());
|
||||
print("count".$stmt->rowCount());
|
||||
}
|
||||
?>
|
||||
@@ -94,28 +94,16 @@
|
||||
<span class="error">* <?php echo $confirmpasswordErr;?></span>
|
||||
</div>
|
||||
|
||||
<!-- Register streetname -->
|
||||
<!-- Register location -->
|
||||
<div class="login_containerregister">
|
||||
<label><b>Straatnaam</b></label>
|
||||
<label><b>Woonplaats</b></label>
|
||||
<input type="text"
|
||||
placeholder="Voer uw straatnaam in"
|
||||
name="streetname"
|
||||
value="<?php echo $streetname ?>"
|
||||
placeholder="Voer uw woonplaats in"
|
||||
name="location"
|
||||
value="<?php echo $location ?>"
|
||||
pattern="[A-Za-z]{1,}"
|
||||
title="Mag alleen letters bevatten">
|
||||
<span class="error">* <?php echo $streetnameErr;?></span>
|
||||
</div>
|
||||
|
||||
<!-- Register housenumber -->
|
||||
<div class="login_containerregister">
|
||||
<label><b>Huisnummer</b></label>
|
||||
<input type="text"
|
||||
placeholder="Voer uw straatnummer in"
|
||||
name="housenumber"
|
||||
value="<?php echo $housenumber ?>"
|
||||
pattern="[1-9][0-9]{0,}"
|
||||
title="Mag alleen nummers bevatten">
|
||||
<span class="error">* <?php echo $housenumberErr;?></span>
|
||||
<span class="error">* <?php echo $locationErr;?></span>
|
||||
</div>
|
||||
|
||||
<!-- Register email -->
|
||||
|
||||
Reference in New Issue
Block a user