In: Computer Science
Having those files please adjust the following tasks.
When the user fills out the registration, all information is inserted into a database table.
When the user signs in, all information is verified from the database table.
You can either create your own table on your machine or use the demo server table for testing. Remember the table name and the fields must be exactly as shown below.
If you are using your own table, you must change the connection info as shown below before uploading to the demo server. Then you must test to make sure it works correctly on the demo server.
The table name will be 'account'.
The fields in the table are:
username - 20 char
password - 50 char
name - 20 char
email - 50 char
Make sure that all field names are the same upper and lowercase letters as shown above.
The password will still be encrypted when stored in the database.
You must insert data into the table using your program. Do not assume anything is on the table.
When creating userids and passwords, use something unique, as your classmates will be sharing the same table.
assignment3
<?php
session_start();
if(isset($_SESSION['userid']))
{
header("Location:home.php");
}
include 'header.php';
?>
<?php
if(isset($_POST["register"]))
{
// collect form data
$first_name=$_POST["first_name"];
$last_name=$_POST["last_name"];
$email=$_POST["email"];
$userid=$_POST["userid"];
$password=$_POST["password"];
$verify_password=$_POST["verify_password"];
if($password===$verify_password) // password verification
{
$hashFormat="$2y$10$"; // set hash
$salt ="iusesomecrazystrings22"; // set salt
$new_salt = $hashFormat . $salt; // concatenate hash and salt
$encrypted_password = crypt($password,$new_salt); // Encrypt the
password
if(file_exists("users.txt")) // check file is exist or not
{
// Open a file for write only and append the data to an existing
file
$myfile = fopen("users.txt", "a");
$mydata=$first_name."|".$last_name."|".$email."|".$userid."|".$encrypted_password."\r\n";
fwrite($myfile, $mydata);
include('send_mail.php');
}
else
{
$myfile = fopen("users.txt", "w"); // Open a file for write
only
fwrite($myfile, "First Name |Last Name | Email| User Id | Password\r\n");
$mydata=$first_name."|".$last_name."|".$email."|".$userid."|".$encrypted_password."\r\n";
fwrite($myfile, $mydata);
include ("send_mail.php");
}
fclose($myfile);
// set the message if password is verified
$register_msg = "The following registration information has been
successfully submitted";
}
else
{
$register_msg = "password not match"; // set the message if
password is not verified
}
}
else
{
$register_msg = "";
}
?>
<html>
<body>
<h1> <?php echo $register_msg; ?> </h1>
<form action="assignment3.php" method="POST"
style="float:left; width:50%;">
<fieldset>
<legend style="text-align: center;">User
Information</legend>
<table style="margin:0px auto;">
<tr>
<td>
<label> First Name</label>
</td>
<td>
<input type="text" name="first_name">
</td>
</tr>
<tr>
<td>
<label> Last Name</label>
</td>
<td>
<input type="text" name="last_name">
</td>
</tr>
<tr>
<td>
<label> Email</label>
</td>
<td>
<input type="email" name="email">
</td>
</tr>
<tr>
<td>
<label> User ID</label>
</td>
<td>
<input type="text" name="userid">
</td>
</tr>
<tr>
<td>
<label> Password</label>
</td>
<td>
<input type="password" name="password"
pattern="(?=.*?[0-9])(?=.*?[#?!@$%^&*-]).{8,12}" title="Must
contain at least one number and one special character, and length
must between 8 to 12 characters">
</td>
</tr>
<tr>
<td>
<label> Verify Password</label>
</td>
<td>
<!--create a password field for Verify Password -->
<input type="password" name="verify_password"
pattern="(?=.*?[0-9])(?=.*?[#?!@$%^&*-]).{8,12}" title="Must
contain at least one number and one special character, and length
must between 8 to 12 characters">
</td>
</tr>
<tr>
<td><input type="submit" name="register"
value="Register"></td>
<td><input type="reset" name="reset"
value="Reset"></td>
</tr>
</table>
</fieldset>
</form>
<form action="home.php" method="POST" style="float:right;
width:50%;">
<fieldset>
<legend style="text-align: center;">Sign
In</legend>
<table style="margin:0px auto;">
<tr>
<td>
<label> User ID</label>
</td>
<td>
<input type="text" name="userid">
</td>
</tr>
<tr>
<td>
<label> Password</label>
</td>
<td>
<input type="password" name="password"
pattern="(?=.*?[0-9])(?=.*?[#?!@$%^&*-]).{8,12}" title="Must
contain at least one number and one special character, and length
must between 8 to 12 characters">
</td>
</tr>
<tr>
<td><input type="submit" name="Submit"
value="Submit"></td>
<td><input type="reset" name="reset"
value="Reset"></td>
</tr>
</table>
</fieldset>
</form>
</body>
</html>
header.php
<!DOCTYPE html>
<html>
<head>
<title>Assignment3</title>
<link rel="stylesheet" type="text/css" href="main.css"
/>
<meta http-equiv="Content-Type" content="text/html;
charset=UTF-8">
</head>
<body>
<header>
<h1>Register for an Account</h1>
</header>
home.php
<?php
session_start();
if(!isset($_POST["Submit"])&&!isset($_SESSION["userid"]))
{
header("Location:assignment3.php");
}
if(isset($_POST['logout']))
{
session_unset();
// destroy the session
session_destroy();
header("Location:assignment2.php");
}
if(isset($_POST["Submit"])) // if Submit parameter exist
{
// collect form data
$userid=$_POST["userid"];
$password=$_POST["password"];
$hashFormat="$2y$10$"; // set hash
$salt ="iusesomecrazystrings22"; // set salt
$new_salt = $hashFormat . $salt; // concatenate hash and salt
$encrypted_password = crypt($password,$new_salt); // Encrypt the password entered by the user
$myfile = file ('./users.txt');
foreach($myfile as $row)
{
$data = explode("|",$row);
// Compare the userid and password to what is in the text file
if($userid===$data[3] &&
$encrypted_password===trim($data[4]))
{
// Set session variables
$_SESSION['userid'] = $data[3]; // Set userid to session
variable
$_SESSION['password'] = $data[4]; // Set password to session
variable
// If password match, set display a welcome message to variable
$msg="Welcome ".$_SESSION['userid'];
}
else
{
// If password do not match, set display this message to
variable
$msg="userid/password combo incorrect please reenter";
}
}
}
else
{
$msg="";
}
?>
<html>
<body>
<h1> <?php echo $msg; ?> </h1>
<?php
if(isset($_SESSION["userid"]))
{
?>
<form action="home.php" method="post">
<input type="submit" value="Sign Out" name="logout">
</form>
<?php
}
?>
</body>
</html>
css file
html {
background-color: #e6f2ff;
}
body {
font-family: Arial, Helvetica, sans-serif;
width: 900px;
margin: 0 auto;
padding: 0 1em;
background-color: white;
border: 1px solid blue;
}
header {
border-bottom: 2px solid black;
padding: .5em 0;
}
header h1 {
color: blue;
}
main {
}
aside {
float: left;
width: 150px;
}
h1 {
font-size: 150%;
margin: 0;
padding: .5em 0 .25em;
}
h2 {
font-size: 120%;
margin: 0;
padding: .75em 0 0;
}
h1, h2 {
color: black;
}
fieldset {
margin: 1em;
padding-top: 1em;
margin-left: 10px;
border: 1px solid blue;
}
label {
float: left;
width: 10em;
text-align: right;
margin-top: .25em;
margin-bottom: .5em;
}
input, select {
margin-left: 0.5em;
margin-bottom: 0.5em;
width: 14em;
}
br {
clear: both;
}
span {
vertical-align: middle;
}
.error {
color: #cc3300;
}
.notice {
color: #cc3300;
font-size: 50%;
text-align: right;
}
assignment3.php
<?php
session_start();
if(isset($_SESSION['userid']))
{
header("Location:home.php");
}
include 'header.php';
include 'dbconn.php';
?>
<?php
if(isset($_POST["register"]))
{
// collect form data
$first_name=$_POST["first_name"];
$last_name=$_POST["last_name"];
$email=$_POST["email"];
$userid=$_POST["userid"];
$password=$_POST["password"];
$verify_password=$_POST["verify_password"];
// Inserting data from text boxes to the table account
$sql ="INSERT INTO account(username,password,name,email) VALUES
('$userid','$password','$first_name','$email')";
if ($conn->query($sql) === TRUE) {
echo "</br>"."New record created successfully"."</br>";
//the statements printed are for testing
} else {
echo "</br>"."Error: " . $sql . "<br>" .
$conn->error;
}
if($password===$verify_password) // password verification
{
$hashFormat="$2y$10$"; // set hash
$salt ="iusesomecrazystrings22"; // set salt
$new_salt = $hashFormat . $salt; // concatenate hash and salt
$encrypted_password = crypt($password,$new_salt); // Encrypt the
password
if(file_exists("users.txt")) // check file is exist or not
{
// Open a file for write only and append the data to an existing
file
$myfile = fopen("users.txt", "a");
$mydata=$first_name."|".$last_name."|".$email."|".$userid."|".$encrypted_password."\r\n";
fwrite($myfile, $mydata);
include ("send_mail.php"); //If
this php doesnot exists, remove this line
}
else
{
$myfile = fopen("users.txt", "w"); // Open a file for write
only
fwrite($myfile, "First Name |Last Name | Email| User Id | Password\r\n");
$mydata=$first_name."|".$last_name."|".$email."|".$userid."|".$encrypted_password."\r\n";
fwrite($myfile, $mydata);
include
("send_mail.php");
//If this php doesnot exists, remove this line
}
fclose($myfile);
// set the message if password is verified
$register_msg = "The following registration information has been
successfully submitted";
}
else
{
$register_msg = "password not match"; // set the message if
password is not verified
}
}
else
{
$register_msg = "";
}
?>
<html>
<body>
<h1> <?php echo $register_msg; ?> </h1>
<form action="assignment3.php" method="POST"
style="float:left; width:50%;">
<fieldset>
<legend style="text-align: center;">User
Information</legend>
<table style="margin:0px auto;">
<tr>
<td>
<label> First Name</label>
</td>
<td>
<input type="text" name="first_name">
</td>
</tr>
<tr>
<td>
<label> Last Name</label>
</td>
<td>
<input type="text" name="last_name">
</td>
</tr>
<tr>
<td>
<label> Email</label>
</td>
<td>
<input type="email" name="email">
</td>
</tr>
<tr>
<td>
<label> User ID</label>
</td>
<td>
<input type="text" name="userid">
</td>
</tr>
<tr>
<td>
<label> Password</label>
</td>
<td>
<input type="password" name="password"
pattern="(?=.*?[0-9])(?=.*?[#?!@$%^&*-]).{8,12}" title="Must
contain at least one number and one special character, and length
must between 8 to 12 characters">
</td>
</tr>
<tr>
<td>
<label> Verify Password</label>
</td>
<td>
<!--create a password field for Verify Password -->
<input type="password" name="verify_password"
pattern="(?=.*?[0-9])(?=.*?[#?!@$%^&*-]).{8,12}" title="Must
contain at least one number and one special character, and length
must between 8 to 12 characters">
</td>
</tr>
<tr>
<td><input type="submit" name="register"
value="Register"></td>
<td><input type="reset" name="reset"
value="Reset"></td>
</tr>
</table>
</fieldset>
</form>
<form action="home.php" method="POST" style="float:right;
width:50%;">
<fieldset>
<legend style="text-align: center;">Sign
In</legend>
<table style="margin:0px auto;">
<tr>
<td>
<label> User ID</label>
</td>
<td>
<input type="text" name="userid">
</td>
</tr>
<tr>
<td>
<label> Password</label>
</td>
<td>
<input type="password" name="password"
pattern="(?=.*?[0-9])(?=.*?[#?!@$%^&*-]).{8,12}" title="Must
contain at least one number and one special character, and length
must between 8 to 12 characters">
</td>
</tr>
<tr>
<td><input type="submit" name="Submit"
value="Submit"></td>
<td><input type="reset" name="reset"
value="Reset"></td>
</tr>
</table>
</fieldset>
</form>
</body>
</html>
header.php
It works perfectly as it is.
home.php
<!DOCTYPE html>
<html lang="en">
<head
<link rel="stylesheet" type="text/css"
href="style.css"> //style.css is the css file
mentioned in this program and can also rename it
</head>
<?php
session_start();
if(!isset($_POST["Submit"])&&!isset($_SESSION["userid"]))
{
header("Location:Assignment3.php");
}
if(isset($_POST['logout']))
{
session_unset();
// destroy the session
session_destroy();
header("Location:assignment2.php");
}
if(isset($_POST["Submit"])) // if Submit parameter exist
{
// collect form data
$userid=$_POST["userid"];
$password=$_POST["password"];
$hashFormat="$2y$10$"; // set hash
$salt ="iusesomecrazystrings22"; // set salt
$new_salt = $hashFormat . $salt; // concatenate hash and salt
$encrypted_password = crypt($password,$new_salt); // Encrypt the password entered by the user
$myfile = file ('./users.txt');
foreach($myfile as $row)
{
$data = explode("|",$row);
// Compare the userid and password to what is in the text file
if($userid===$data[3] &&
$encrypted_password===trim($data[4]))
{
// Set session variables
$_SESSION['userid'] = $data[3]; // Set userid to session
variable
$_SESSION['password'] = $data[4]; // Set password to session
variable
// If password match, set display a welcome message to variable
$msg="Welcome ".$_SESSION['userid'];
}
else
{
// If password do not match, set display this message to
variable
$msg="userid/password combo incorrect please reenter";
}
}
}
else
{
$msg="";
}
?>
<html>
<body>
<h1> <?php echo $msg; ?> </h1>
<?php
if(isset($_SESSION["userid"]))
{
?>
<form action="home.php" method="post">
<input type="submit" value="Sign Out" name="logout">
</form>
<?php
}
?>
</body>
</html>
main.css
It works perfectly as it is.
dbconn.php
<!DOCTYPE html>
<html>
<body>
<?php
$servername = "localhost";
$username =
"Uname";
//username and password can be given according to you
$password = "password";
$dbname="accounting";
//dbname=database name, can be renamed
// Create connection
$conn = new mysqli($servername,$username,$password,$dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
echo "Connected successfully"."</br>";
//Creating Database
$sql = "CREATE DATABASE accounting";
if ($conn->query($sql) === TRUE) {
echo "Database created successfully"."</br>";
} else {
echo "Error creating database: " ."</br>".
$conn->error;
}
//Create Table account
$sql="CREATE TABLE account(username VARCHAR(20),password
varchar(50),name varchar(20),email varchar(50))";
if ($conn->query($sql) === TRUE) {
echo "</br>"."Table account created
successfully"."</br>";
} else {
echo "</br>"."Error creating table: "."</br>" .
$conn->error;
}
?>
</body>
</html>
Sample output:
The statements below "Register For account" heading are for testing the database operations, they can be removed from dbconn.php file.
Cant create database means that already database is existing.
Error creating table means that the table "account" is already created.
Test Cases:
1.
2.
MH was the user name given for testing.