Write a PHP/HTML script and design MySQL database to achieve the following;
Create a user database with two fields (i.e. studid and pwd) and populate it with four records.
Create HTML form to accept StudentIDs and Passwords.
Create a Cookie and add these four records (i.e. Student IDs and passwords) to this Cookie.
Read the student IDs and passwords entered in the login page and authenticate with the values (i.e. Student IDs, Password) available in the cookies. The Student should be welcomed by Student ID if both Student ID and Password match else the script should reject the user with an error message.
CREATE DATABASE LoginSystem;
CREATE TABLE IF NOT EXISTS `users` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`username` varchar(50) NOT NULL,
`email` varchar(50) NOT NULL,
`password` varchar(50) NOT NULL,
`create_datetime` datetime NOT NULL,
PRIMARY KEY (`id`)
);
<?php
// Enter your host name, database username, password, and database name.
// If you have not set database password on localhost then set empty.
$con = mysqli_connect("localhost","root","root","LoginSystem");
// Check connection
if (mysqli_connect_errno()){
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
?>
<?php
session_start();
if(!isset($_SESSION["username"])) {
header("Location: login.php");
exit();
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8"/>
<title>Registration</title>
<link rel="stylesheet" href="style.css"/>
</head>
<body>
<?php
require('db.php');
// When form submitted, insert values into the database.
if (isset($_REQUEST['username'])) {
// removes backslashes
$username = stripslashes($_REQUEST['username']);
//escapes special characters in a string
$username = mysqli_real_escape_string($con, $username);
$email = stripslashes($_REQUEST['email']);
$email = mysqli_real_escape_string($con, $email);
$password = stripslashes($_REQUEST['password']);
$password = mysqli_real_escape_string($con, $password);
$create_datetime = date("Y-m-d H:i:s");
$query = "INSERT into `users` (username, password, email, create_datetime)
VALUES ('$username', '" . md5($password) . "', '$email', '$create_datetime')";
$result = mysqli_query($con, $query);
if ($result) {
echo "<div class='form'>
<h3>You are registered successfully.</h3><br/>
<p class='link'>Click here to <a href='login.php'>Login</a></p>
</div>";
} else {
echo "<div class='form'>
<h3>Required fields are missing.</h3><br/>
<p class='link'>Click here to <a href='registration.php'>registration</a> again.</p>
</div>";
}
} else {
?>
<form class="form" action="" method="post">
<h1 class="login-title">Registration</h1>
<input type="text" class="login-input" name="username" placeholder="Username" required />
<input type="text" class="login-input" name="email" placeholder="Email Adress">
<input type="password" class="login-input" name="password" placeholder="Password">
<input type="submit" name="submit" value="Register" class="login-button">
<p class="link"><a href="login.php">Click to Login</a></p>
</form>
<?php
}
?>
</body>
</html>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8"/>
<title>Login</title>
<link rel="stylesheet" href="style.css"/>
</head>
<body>
<?php
require('db.php');
session_start();
// When form submitted, check and create user session.
if (isset($_POST['username'])) {
$username = stripslashes($_REQUEST['username']); // removes backslashes
$username = mysqli_real_escape_string($con, $username);
$password = stripslashes($_REQUEST['password']);
$password = mysqli_real_escape_string($con, $password);
// Check user is exist in the database
$query = "SELECT * FROM `users` WHERE username='$username'
AND password='" . md5($password) . "'";
$result = mysqli_query($con, $query) or die(mysql_error());
$rows = mysqli_num_rows($result);
if ($rows == 1) {
$_SESSION['username'] = $username;
// Redirect to user dashboard page
header("Location: dashboard.php");
} else {
echo "<div class='form'>
<h3>Incorrect Username/password.</h3><br/>
<p class='link'>Click here to <a href='login.php'>Login</a> again.</p>
</div>";
}
} else {
?>
<form class="form" method="post" name="login">
<h1 class="login-title">Login</h1>
<input type="text" class="login-input" name="username" placeholder="Username" autofocus="true"/>
<input type="password" class="login-input" name="password" placeholder="Password"/>
<input type="submit" value="Login" name="submit" class="login-button"/>
<p class="link"><a href="registration.php">New Registration</a></p>
</form>
<?php
}
?>
</body>
</html>
Comments
Leave a comment