PHP Question:
Subject: Managing Persistence.
Objective:
• Create a login script.
• Strengthen passwords.
• Authenticate users.
• Create sessions.
• Create cookies.
• Manage persistence.
Description:
All dynamic sites need a way to manage access to resources. Many dynamic sites use back-end databases that can contain sensitive information that needs to be securely managed. At the same time, sites want to be inviting to guests. Managing the access to sensitive information is a critical function.
Requirements:
Update site for member access management.
Add login buttons to all pages of the site for users that are not authenticated (not logged in). Add logout buttons to every page of the site for members that have been authenticated (logged in).
• Login button should direct the user to a login form.
• The password should have a pattern policy implementation.
• Passwords should be saved encrypted to the database.
• Logout button should direct the member to a logout script.
• Add a welcome message to all pages for guests and members.
Create a new page called login.php.
Add form fields to collect the following information from users wanting to register on the site.
• Username
• Password
Process the form submission.
• Check for empty fields.
• Check for valid email address.
• Sanitize (trim) the data.
• Check the data against the database for a match.
• Set session variables and cookies upon user authentication.
• Redirect the authenticated user to a member's landing page with a welcome message.
Note: 1) In case of any query, please comment it; I will revert back to you within 12 hours.
Don't forget to change the database username, password and database name.
Also attached are the database description and the encrypted database password.
index.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Index Page</title>
</head>
<body>
<a href="login.php" > Login </a>
<a href="register.php" > Register </a>
</body>
</html>
connection.php
<?php
$host = "localhost";
$user = "root";
$password = 'root';
$db_name = "demo";
$con = mysqli_connect($host, $user, $password, $db_name);
if(mysqli_connect_errno()) {
die("Failed to connect with MySQL: ". mysqli_connect_error());
}
?>
login.php
<html>
<head>
<title>PHP login system</title>
<link rel = "stylesheet" type = "text/css" href = "style.css">
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js"></script>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css">
</head>
<body>
<div id = "frm">
<form name="f1" action = "authentication.php" onsubmit = "return validation()" method = "POST" role="form">
<legend>Login Form </legend>
<div class="form-group" style="width: 250px;" >
<label for="">Username</label>
<input type="text" name="user" class="form-control" id="" placeholder="Input field">
</div>
<div class="form-group" style="width: 250px;" >
<label for="">Password</label>
<input type="password" name="pass" class="form-control" id="" placeholder="Input field">
</div>
<button type="submit" class="btn btn-primary">Submit</button>
</form>
</div>
<script>
function validation()
{
var id=document.f1.user.value;
var ps=document.f1.pass.value;
if(id.length=="" && ps.length=="") {
alert("User Name and Password fields are empty");
return false;
}
else
{
if(id.length=="") {
alert("User Name is empty");
return false;
}
if (ps.length=="") {
alert("Password field is empty");
return false;
}
}
}
</script>
</body>
</html>
authentication.php
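<?php
include('connection.php');
session_start();
// trim the username and reject empty fields on the server as well
$username = trim($_POST['user'] ?? '');
$pass = $_POST['pass'] ?? '';
if ($username === '' || $pass === '') {
die("<h1> Login failed. Invalid username or password.</h1>");
}
// md5() matches how server.php stores the password; it is an unsalted hash,
// and password_hash()/password_verify() are the stronger choice
$password = md5($pass);
// a prepared statement keeps user input out of the SQL text
$stmt = mysqli_prepare($con, "select username from students where username = ? and password = ?");
mysqli_stmt_bind_param($stmt, "ss", $username, $password);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
$count = mysqli_stmt_num_rows($stmt);
if($count == 1){
session_regenerate_id(true); // issue a new session id once the user is authenticated
$_SESSION['name'] = $username;
header("location: welcome.php");
exit; // stop the script after sending the redirect
}
else{
echo "<h1> Login failed. Invalid username or password.</h1>";
}
?>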
register.php
<?php include('server.php') ?>
<!DOCTYPE html>
<html>
<head>
<title>Registration</title>
<link rel="stylesheet" type="text/css" href="style.css">
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js"></script>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css">
</head>
<body>
<div class="header">
</div>
<form method="post" action="register.php">
<div class="input-group">
<label>Username</label>
<input type="text" name="username" >
</div>
<div class="input-group">
<label>Email</label>
<input type="email" name="email" >
</div>
<div class="input-group">
<label>Password</label>
<input type="password" name="password_1">
</div>
<div class="input-group">
<label>Confirm password</label>
<input type="password" name="password_2">
</div>
<div class="input-group">
<button type="submit" class="btn" name="reg_user">Register</button>
</div>
<p>
Already a member? <a href="login.php">Sign in</a>
</p>
</form>
</body>
</html>
server.php
<?php
session_start();
$db = mysqli_connect('localhost', 'root', 'root', 'demo');
$errors = array(); // must exist before array_push() and count() are called
if (isset($_POST['reg_user'])) {
// trim the text fields; the passwords are hashed, so they must not be escaped or altered
$username = trim($_POST['username']);
$email = trim($_POST['email']);
$password_1 = $_POST['password_1'];
$password_2 = $_POST['password_2'];
if (empty($username)) { array_push($errors, "Username is required"); }
if (empty($email)) { array_push($errors, "Email is required"); }
elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) { array_push($errors, "Email is not valid"); }
if (empty($password_1)) { array_push($errors, "Password is required"); }
if ($password_1 != $password_2) {
array_push($errors, "The two passwords do not match");
}
// prepared statements keep user input out of the SQL text
$stmt = mysqli_prepare($db, "SELECT username, email FROM students WHERE username=? OR email=? LIMIT 1");
mysqli_stmt_bind_param($stmt, "ss", $username, $email);
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $found_username, $found_email);
if (mysqli_stmt_fetch($stmt)) { // if user exists
if ($found_username === $username) {
array_push($errors, "Username already exists");
}
if ($found_email === $email) {
array_push($errors, "email already exists");
}
}
mysqli_stmt_close($stmt);
if (count($errors) == 0) {
// md5() is an unsalted hash, not encryption; it is kept here to match authentication.php
$password = md5($password_1);
$stmt = mysqli_prepare($db, "INSERT INTO students (email, username, password) VALUES(?, ?, ?)");
mysqli_stmt_bind_param($stmt, "sss", $email, $username, $password);
mysqli_stmt_execute($stmt);
$_SESSION['username'] = $username;
$_SESSION['success'] = "You are now logged in";
header('location: index.html');
exit; // stop the script after sending the redirect
}
}
welcome.php
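<?php
include('connection.php');
session_start();
// only authenticated members may view this page
if (!isset($_SESSION['name'])) {
header("location: login.php");
exit;
}
?>
<html>
<head>
<title>Welcome </title>
</head>
<body>
<!-- escape the stored name so it cannot inject markup into the page -->
<h1>Welcome <?php echo htmlspecialchars($_SESSION['name'], ENT_QUOTES, 'UTF-8'); ?></h1>
<h2><a href = "logout.php">Sign Out</a></h2>
</body>
</html>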
logout.php
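<?php
session_start(); // the session must be resumed before it can be destroyed
$_SESSION = array(); // clear the session variables
session_destroy();
header("location: index.html");
exit;
?>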
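The requirements ask for a password pattern policy and for protected password storage, while the answer above stores unsalted md5() digests. The following is an added example, not part of the original answer, showing a policy check together with a login check that accepts an existing md5 digest and upgrades it to password_hash(). The function names, the policy rules and the sample rows are assumptions made for illustration.

```php
<?php
// Added example, not the answer's code. Function names and the policy
// (10+ characters, lower, upper, digit) are assumptions for illustration.

// Password pattern policy: returns the list of unmet rules (empty = accepted).
function password_policy_errors(string $pw): array {
    $errors = [];
    if (strlen($pw) < 10)            { $errors[] = "at least 10 characters"; }
    if (!preg_match('/[a-z]/', $pw)) { $errors[] = "a lowercase letter"; }
    if (!preg_match('/[A-Z]/', $pw)) { $errors[] = "an uppercase letter"; }
    if (!preg_match('/[0-9]/', $pw)) { $errors[] = "a digit"; }
    return $errors;
}

// Check a login against the stored value. Accepts either a legacy md5 hex
// digest (as written by server.php) or a password_hash() string.
// Returns [ok, newHash]; newHash is non-null when the row should be re-saved.
function verify_and_upgrade(string $pw, string $stored): array {
    $isLegacy = (bool) preg_match('/^[0-9a-f]{32}$/', $stored);
    $ok = $isLegacy
        ? hash_equals($stored, md5($pw))      // constant-time comparison
        : password_verify($pw, $stored);
    if (!$ok) {
        return [false, null];
    }
    if ($isLegacy || password_needs_rehash($stored, PASSWORD_DEFAULT)) {
        return [true, password_hash($pw, PASSWORD_DEFAULT)];
    }
    return [true, null];
}

// Constructed sample rows standing in for the students table.
$rows = [
    'alice' => md5('Summer2024pass'),                          // legacy row
    'bob'   => password_hash('Correct9Horse', PASSWORD_DEFAULT),
];

print_r(password_policy_errors('short1'));   // rules a weak password fails

[$ok, $new] = verify_and_upgrade('Summer2024pass', $rows['alice']);
if ($ok && $new !== null) {
    $rows['alice'] = $new;   // in the site: UPDATE students SET password = ? ...
}
var_dump($ok, password_verify('Summer2024pass', $rows['alice']));
var_dump(verify_and_upgrade('wrong-guess', $rows['bob'])[0]);
```

The password column has to be wide enough for password_hash() output (60 characters for bcrypt today; the PHP manual recommends 255 to allow for future algorithms).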