Add files via upload

sreebhattacharyya · Nov 12, 2019 · 1aea16d · 1aea16d
1 parent e4eaa69
commit 1aea16d
Show file tree

Hide file tree

Showing 4 changed files with 391 additions and 0 deletions.
diff --git a/connect.php b/connect.php
@@ -0,0 +1,17 @@
+<!DOCTYPE html>
+<html>
+    <head>
+        <meta charset="UTF-8">
+        <title></title>
+    </head>
+    <body>
+        <?php
+        $link = mysqli_connect("localhost","root","","login");
+        if ($link==false)
+        {
+            die("ERROR: Could not connect.".mysqli_connect_error());
+        } 
+
+        ?>
+    </body>
+</html>
diff --git a/index.php b/index.php
@@ -0,0 +1,145 @@
+<!DOCTYPE html>
+<html>
+    <head>
+        <meta charset="UTF-8">
+        <title></title>
+    </head>
+    <body>
+    <?php
+        require_once 'connect.php';
+
+
+
+
+        $uname = $pw = $confirm_pw = "";
+        $uname_err = $pw_err = $confirm_pw_err = "";
+
+
+        if($_SERVER["REQUEST_METHOD"] == "POST"){
+
+
+            if(empty(trim($_POST["username"]))){
+                $uname_err = "Please enter a username.";
+            } else{
+
+                $sql = "SELECT id FROM users WHERE username = ?";
+
+                if($stmt = mysqli_prepare($link, $sql)){
+
+                    mysqli_stmt_bind_param($stmt, "s", $param_username);
+
+
+                    $param_username = trim($_POST["username"]);
+
+
+                    if(mysqli_stmt_execute($stmt)){
+
+                        mysqli_stmt_store_result($stmt);
+
+                        if(mysqli_stmt_num_rows($stmt) == 1){
+                            $uname_err = "This username is already taken.";
+                        } else{
+                            $uname = trim($_POST["username"]);
+                        }
+                    } else{
+                        echo "Oops! Something went wrong. Please try again later.";
+                    }
+                }
+
+
+                mysqli_stmt_close($stmt);
+            }
+
+
+            if(empty(trim($_POST["password"]))){
+                $pw_err = "Please enter a password.";     
+            } elseif(strlen(trim($_POST["password"])) < 6){
+                $pw_err = "Password must have atleast 6 characters.";
+            } else{
+                $pw = trim($_POST["password"]);
+            }
+
+               if(empty(trim($_POST["confirm_password"]))){
+                $confirm_pw_err = "Please confirm password.";     
+                }
+                else{
+                $confirm_pw = trim($_POST["confirm_password"]);
+                if(empty($pw_err) && ($pw != $confirm_pw)){
+                    $confirm_pw_err = "Password did not match.";
+                }
+            }
+
+
+            if(empty($uname_err) && empty($pw_err) && empty($confirm_pw_err)){
+
+
+                $sql = "INSERT INTO users (username, password) VALUES (?, ?)";
+
+                if($stmt = mysqli_prepare($link, $sql)){
+
+                    mysqli_stmt_bind_param($stmt, "ss", $param_username, $param_password);
+
+                    $param_username = $uname;
+                    $param_password = password_hash($pw, PASSWORD_DEFAULT); 
+
+                    if(mysqli_stmt_execute($stmt)){
+
+                        header("location: login.php");
+                    } else{
+                        echo "Something went wrong. Please try again later.";
+                    }
+                }
+                mysqli_stmt_close($stmt);
+            }
+
+            mysqli_close($link);
+        }
+    ?>
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>Sign Up</title>
+    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.css">
+    <style type="text/css">
+
+        body{ font: 14px sans-serif; }
+        h2 {background-color:powderblue; color: grey;}
+        .wrapper{ width: 350px; padding: 20px; }
+    </style>
+</head>
+<body>
+    <div class="wrapper">
+        <h2>Sign Up to <b>SHIKSHA</b></h2>
+        <p>Please fill this form to create an account.</p>
+        <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
+            <div class="form-group <?php echo (!empty($uname_err)) ? 'has-error' : ''; ?>">
+                <label>Username</label>
+                <input type="text" name="username" class="form-control" value="<?php echo $uname; ?>">
+                <span class="help-block"><?php echo $uname_err; ?></span>
+            </div>    
+            <div class="form-group <?php echo (!empty($pw_err)) ? 'has-error' : ''; ?>">
+                <label>Password</label>
+                <input type="password" name="password" class="form-control" value="<?php echo $pw; ?>">
+                <span class="help-block"><?php echo $pw_err; ?></span>
+            </div>
+            <div class="form-group <?php echo (!empty($confirm_pw_err)) ? 'has-error' : ''; ?>">
+                <label>Confirm Password</label>
+                <input type="password" name="confirm_password" class="form-control" value="<?php echo $confirm_pw; ?>">
+                <span class="help-block"><?php echo $confirm_pw_err; ?></span>
+            </div>
+            <div class="form-group">
+                <input type="submit" class="btn btn-primary" value="Submit">
+                <input type="reset" class="btn btn-default" value="Reset">
+            </div>
+            <p>Already have an account? <a href="login.php">Login here</a>.</p>
+        </form>
+    </div>    
+</body>
+</html>
+
+
+
+
+
diff --git a/login.php b/login.php
@@ -0,0 +1,180 @@
+<?php
+session_start();
+
+require_once "connect.php";
+
+$username=$password="";
+$username_error=$password_error="";
+
+if($_SERVER["REQUEST_METHOD"]=="POST")
+{
+    if(empty(trim($_POST["username"])))
+    {
+        $username_error="Please enter a username";
+    }
+    else
+    {
+        $username=trim($_POST["username"]);
+    }
+     if(empty(trim($_POST["password"])))
+    {
+        $password_error="Please enter a password";
+    }
+    else
+    {
+        $password=trim($_POST["password"]);
+    }
+    if(empty($username_error) && empty($password_error))
+    {
+        $sql="SELECT id , username , password FROM users WHERE username = ?";
+        if($stmt = mysqli_prepare($link, $sql))
+        {
+             mysqli_stmt_bind_param($stmt, "s", $param_username);
+
+
+            $param_username = $username;
+
+
+            if(mysqli_stmt_execute($stmt))
+            {
+                mysqli_stmt_store_result($stmt);
+
+                if(mysqli_stmt_num_rows($stmt) == 1)
+                {
+
+                    mysqli_stmt_bind_result($stmt, $id, $username, $hashed_password);
+                    if(mysqli_stmt_fetch($stmt))
+                    {
+                        if(password_verify($password, $hashed_password))
+                        {
+                            session_start();
+                            $_SESSION["loggedin"] = true;
+                            $_SESSION["id"] = $id;
+                            $_SESSION["username"] = $username;
+                            header ("location: homepage.php");
+                        }
+                        else
+                        {
+                            //displaying error message
+                            $password_error= "Password entered is not valid.";
+                        }
+                    }
+                    else
+                    {
+                        $username_error="Username entered does not have an account.";
+                    }
+                }
+                else
+                {
+                    echo "Something went wrong. Try again later.";
+                }
+        }   
+        mysqli_stmt_close($stmt);
+    }
+    mysqli_close($link);
+}
+
+?>
+<!DOCTYPE html>
+<html>
+<head>
+<title>New Site</title>
+<style>
+    body
+{
+	background-color:lightgray;
+	margin: 0;
+	margin-top: 50px;
+}
+header
+{
+	font-family:"Sans Serif","Times New Roman";
+	font-size:40px;
+	color:RGB(60,60,60);	
+	display:flex;
+	position:fixed;
+	align-items:center;
+	text-align:center;
+	top:0;
+	left:0;
+	right:0;
+	height:100px;
+	line-height:100px;
+	background-color:powderblue;
+	border-style:outset;
+	border-color:teal;
+}
+h1
+{
+	margin: 5px 480px 5px;
+}
+input[type=text], input[type=password] 
+{
+
+	  padding: 12px 20px;
+	  margin: 8px 0;
+	  display: inline-block;
+	  border: 1px solid #ccc;
+	  box-sizing: border-box;
+}
+button 
+{
+  	background-color: #4CAF50;
+  	color: white;
+  	padding: 14px 20px;
+  	margin: 8px 0;
+  	border: none;
+  	cursor: pointer;
+}
+button:hover 
+{
+ 	 opacity: 0.8;
+}
+label
+{
+	font-size:15px;
+}
+form
+{
+	font-family:"Sans Serif","Times New Roman";
+	font-size:25px;
+	line-height:1.8;
+	margin-top:200px;
+	justify-content: center;
+	align-items:center;
+	text-align:center;
+}
+
+
+</style>
+</head>
+<body>
+
+<header>
+<h1><b>SHIKSHA</b></h1>           
+</header>
+
+<main>
+<section id="login">
+    <form method="POST" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
+Login:<br>
+Username:<br>
+<input type="text" name="username"  placeholder="Enter Username" class="form-control" required><br>
+<span class="error"><?php echo $username_error; ?></span><br>
+Password:<br>
+<input type="password" name="password"  placeholder="Enter Password" required><br>
+<span class="error"><?php echo $password_error; ?></span><br>
+<button type="submit">Login</button><br>
+<label>
+<input type="checkbox" checked="checked" name="remember"> Remember me
+</label>
+<p>Don't have an account? <a href='Register.php'>Sign up now!</a></p>
+</form>                
+</section> 
+</body>
+</html>
+
+
+
+
+
diff --git a/login.sql b/login.sql
@@ -0,0 +1,49 @@
+-- phpMyAdmin SQL Dump
+-- version 4.9.1
+-- https://www.phpmyadmin.net/
+--
+-- Host: 127.0.0.1
+-- Generation Time: Nov 12, 2019 at 10:04 AM
+-- Server version: 10.4.8-MariaDB
+-- PHP Version: 7.3.11
+
+SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
+SET AUTOCOMMIT = 0;
+START TRANSACTION;
+SET time_zone = "+00:00";
+
+
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8mb4 */;
+
+--
+-- Database: `login`
+--
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `users`
+--
+
+CREATE TABLE `users` (
+  `id` int(10) NOT NULL,
+  `username` varchar(25) NOT NULL,
+  `password` varchar(25) NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
+
+--
+-- Dumping data for table `users`
+--
+
+INSERT INTO `users` (`id`, `username`, `password`) VALUES
+(0, 'sreebhattacharyya', '$2y$10$zNrFhrajJbmhZ6.OyN'),
+(0, 'susmita123', '$2y$10$sYl0d9SOd1LpQ4sYCo'),
+(0, 'sub123', '$2y$10$p2PwjaP53zxVUEJJfy');
+COMMIT;
+
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;