12/9/21

WEB TECHNOLOGIES LAB EXERCISE 20 to EXERCISE 25

 20. AIM: User Authentication:

Assume four users user1, user2, user3 and user4 having the passwords pwd1, pwd2, pwd3 and pwd4 respectively. Write a PHP for doing the following.

1.  Create a Cookie and add these four user ids and passwords to this Cookie.

2.   Read the user id and passwords entered in the Login form and authenticate with the values (user id and passwords) available in the cookies.

If he is a valid user (i.e., user-name and password match) you should welcome him by name (user-name) else you should display “You are not an authenticated user’’.



SOURCE CODE:

LOGIN.PHP:

<?php setcookie("uid1","user1");

setcookie("pwd1","pwd1");

setcookie("uid2","user2");

setcookie("pwd2","pwd2");

setcookie("uid3","user3");

setcookie("pwd3","pwd3");

setcookie("uid4","user4");

setcookie("pwd4","pwd4");

?>

<!DOCTYPE html>

<html>

<head>

<title>User Authentication</title>

</head>

<body>

<h1 align="center">LOGIN</h1>

<form action="Authentication.php" method="post">

<table align="center" cellspacing="10">

<tr>

<td><b>User ID</b></td>

<td><input name="uid" type="text"></td>

</tr>

<tr>

<td><b>Password</b></td>

<td><input name="pwd" type="password"></td>

</tr>

<tr>

<td colspan="2" align="center">

<input type="submit" name="submit" value="SUBMIT"> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

<input type="reset" value="RESET">

</td>

</tr>

</table>

</form>

</body>

</html>

AUTHENTICATION.PHP:

<!DOCTYPE html>

<html>

<head>

<title> User Authentication </title>

</head>

<body>

<?php

if($_POST["uid"]==$_COOKIE["uid1"]&&$_POST["pwd"]==$_COOKIE["pwd1"])

{

echo "welcome ".$_POST["uid"];

}

else if ($_POST["uid"]==$_COOKIE["uid2"] &&

$_POST["pwd"]==$_COOKIE["pwd2"])

{

echo "Welcome ".$_POST["uid"];

}

else if($_POST["uid"]==$_COOKIE["uid3"]&& $_POST["pwd"]==$_COOKIE["pwd3"])

{

echo "Welcome" .$_POST["uid"];

}

else if($_POST["uid"]==$_COOKIE["uid4"]&& $_POST["pwd"]==$_COOKIE["pwd4"])

{

echo "Welcome" .$_POST["uid"];

}

else{

echo "You are not an authenticated user.";

}

?>

</body>

</html>

OUTPUT:





EXPERIMENT-21:

 AIM: Example PHP program for registering users of a website and login.

SOURCE CODE:

REGISTRATION.HTML:

<!DOCTYPE html>

<html>

<head>

<title>Signup</title>

</head>

<body>

<form action="registrationaccess.php" method="post">

<h1 align="center"> REGISTRATION </h1>

<table align="center" cellspacing="10">

<tr>

<td>Name::</td>

<td> <input name="uname" type="text"> </td>

</tr>

<tr>

<td>Password::</td>

<td> <input name="pwd" type="password"> </td>

</tr>

<tr>

<td> E-mail ID:: </td>

<td> <input name="email" type="text"> </td>

</tr>

<tr>

<td> Mobile Number:: </td>

<td> <input name="mobno" type="text"> </td>

</tr>

<tr>

<td colspan="2" align="center">

<input type="submit" value="Register">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

<input type="reset" value="Cancel"> </td>

</tr>

</table>

</form>

</body>

</html>

REGISTRATIONACCESS.PHP: 

<?php

$uname=$_POST["uname"];

$pwd=$_POST["pwd"];

$email=$_POST["email"];

$mobno=$_POST["mobno"];

$host="localhost";

$user="root";

$password="";

$con=mysqli_connect($host,$user,$password);

if($con) {

echo '<h1>Connected to MySQL</h1>';

$db=mysqli_select_db($con,"crr");

}

else {

echo '<h1>MySQL Server is not connected</h1>';

}

$q="insert into regs values('".$uname."','".$pwd."','".$email."',".$mobno.");";

$insert=mysqli_query($con,$q);

mysqli_close($con);

if(!$insert){

echo '<script>alert("Registration Failed."); window.location.href="registration.html";</script>';

}

echo '<script>alert("Successfully registered."); window.location.href="login.html";</script>';

?>

LOGIN.HTML:

<!DOCTYPE html>

<html>

<head>

<meta charset="ISO-8859-1">

<title>Login</title>

</head>

<body>

<h1 align="center">LOGIN</h1>

<form action="loginaccess.php" method="post">

<table align="center" cellspacing="10">

<tr>

<td><b>User Name</b></td>

<td><input name="uid" type="text"></td>

</tr>

<tr>

<td><b>Password</b></td>

<td><input name="pwd" type="password"></td>

</tr>

<tr>

<td colspan="2" align="center">

<input type="Submit" value="Login"> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

<input type="reset">

</td>

</tr>

<tr>

<td colspan="2" align="right"><i><a href="registration.html">New User Click Here</a></i></td>

</tr>

</table>

</form>

</body>

</html>

LOGINACCESS.PHP: 

<!DOCTYPE html>

<html>

<head>

<title>Welcome</title>

</head>

<body>

<?php

$uid=$_POST["uid"];

$pass=$_POST["pwd"];

$host="localhost";

$user="root";

$password="";

$con=mysqli_connect($host,$user,$password);

if($con) {

echo '<h1>Connected to MySQL</h1>';

$db=mysqli_select_db($con,"crr");

}

else {

echo '<h1>MySQL Server is not connected</h1>';

}

$q="select * from regs;";

$retrecs=mysqli_query($con,$q);

if (!$retrecs) {

printf("Error: %s\n", mysqli_error($con));

exit();

}

while ($rec=mysqli_fetch_array($retrecs)) {

if ($rec["uname"]==$uid && $rec["pwd"]==$pass) {

$flag=1;

break;

}

}

mysqli_close($con);

if($flag==1){

echo "Welcome ".$uid;

}

else{

echo '<script>alert("Invalid User Name/Password"); window.location.href="login.html";</script>';

}

?>

</body>

</html>

OUTPUT:





EXPERIMENT-22:

AIM: Install a database (Mysql or Oracle).

Create a table which should contain at least the following fields: name, password, email-id,

phone number (these should hold the data from the registration form).

Write a PHP program to connect to that database and extract data from the tables and display

them. Experiment with various SQL queries.

Insert the details of the users who register with the web site, whenever a new user clicks the

submit button in the registration page.

SOURCE CODE:

REGISTRATION.HTML:

<!DOCTYPE html>

<html>

<head>

<title>Signup</title>

</head>

<body>

<form action="registrationaccess1.php" method="post">

<h1 align="center"> REGISTRATION </h1>

<table align="center" cellspacing="10">

<tr>

<td>Name::</td>

<td> <input name="uname" type="text"> </td>

</tr>

<tr>

<td>Password::</td>

<td> <input name="pwd" type="password"> </td>

</tr>

<tr>

<td> E-mail ID:: </td>

<td> <input name="email" type="text"> </td>

</tr>

<tr>

<td> Mobile Number:: </td>

<td> <input name="mobno" type="text"> </td>

</tr>

<tr>

<td colspan="2" align="center"> <input type="submit" value="Register">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

<input type="reset" value="Cancel"> </td>

</tr>

</table>

</form>

</body>

</html>

REGISTRATIONACCESS1.PHP:

<?php

//Accessing registration form details

$uname=$_POST["uname"];

$pwd=$_POST["pwd"];

$email=$_POST["email"];

$mobno=$_POST["mobno"];

$host="localhost";

$user="root";

$password="";

$con=mysqli_connect($host,$user,$password);

if($con) {

echo '<h1>Connected to MySQL</h1>';

//if connected then Select Database.

$db=mysqli_select_db($con,"crr");

}

else {

echo '<h1>MySQL Server is not connected</h1>';

}

//Inserting new user details

$q="insert into regs values('".$uname."','".$pwd."','".$email."',".$mobno.");";

$insert=mysqli_query($con,$q);

$q1="select *from regs";

$result=mysqli_query($con,$q1);

mysqli_close($con);

if(!$insert){

echo '<script>alert("Registration Failed."); window.location.href="registration.html";</script>';

}

echo '<script>alert("Successfully registered.");

</script>';

?>

<html>

<body>

<br/><br/><br/>

<p align="right"><a href="registration.html">[RegistrationPage]</a></p>

<center>

<font face="verdana"size="4">

<table border="1"cellpadding="0"cellspacing="0">

<tr>

<th>S.No.</th>

<th>UserName</th>

<th>Email</th>

<th>Mobile Number</th>

</tr>

<?php $num=1;

while($row=mysqli_fetch_array($result))

{?>

<tr>

<td><?php echo$num++;?></td>

<td><?php echo$row['uname'];?></td>

<td><?php echo$row['email'];?></td>

<td><?php echo$row['mobno'];?></td>

</tr>

<?php

}?>

</table>

</center>

</body>

</html>

OUTPUT:

EXPERIMENT-23:

AIM: Insert the details of the 3 or 4 users who register with the web site by using registration

form. Authenticate the user when he submits the login form using the username and password from the database.

SOURCE CODE:

REGISTRATION.HTML:

<!DOCTYPE html>

<html>

<head>

<title>Signup</title>

</head>

<body>

<form action="registrationaccess.php" method="post">

<h1 align="center"> REGISTRATION </h1>

<table align="center" cellspacing="10">

<tr>

<td>Name::</td>

<td> <input name="uname" type="text"> </td>

</tr>

<tr>

<td>Password::</td>

<td> <input name="pwd" type="password"> </td>

</tr>

<tr>

<td> E-mail ID:: </td>

<td> <input name="email" type="text"> </td>

</tr>

<tr>

<td> Mobile Number:: </td>

<td> <input name="mobno" type="text"> </td>

</tr>

<tr>

<td colspan="2" align="center">

<input type="submit" value="Register">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

<input type="reset" value="Cancel"> </td>

</tr>

</table>

</form>

</body>

</html>

REGISTRATIONACCESS.PHP: 

<?php

$uname=$_POST["uname"];

$pwd=$_POST["pwd"];

$email=$_POST["email"];

$mobno=$_POST["mobno"];

$host="localhost";

$user="root";

$password="";

$con=mysqli_connect($host,$user,$password);

if($con) {

echo '<h1>Connected to MySQL</h1>';

$db=mysqli_select_db($con,"crr");

}

else {

echo '<h1>MySQL Server is not connected</h1>';

}

$q="insert into regs values('".$uname."','".$pwd."','".$email."',".$mobno.");";

$insert=mysqli_query($con,$q);

mysqli_close($con);

if(!$insert){

echo '<script>alert("Registration Failed."); window.location.href="registration.html";</script>';

}

echo '<script>alert("Successfully registered."); window.location.href="login.html";</script>';

?>

LOGIN.HTML:

<!DOCTYPE html>

<html>

<head>

<meta charset="ISO-8859-1">

<title>Login</title>

</head>

<body>

<h1 align="center">LOGIN</h1>

<form action="loginaccess.php" method="post">

<table align="center" cellspacing="10">

<tr>

<td><b>User Name</b></td>

<td><input name="uid" type="text"></td>

</tr>

<tr>

<td><b>Password</b></td>

<td><input name="pwd" type="password"></td>

</tr>

<tr>

<td colspan="2" align="center">

<input type="Submit" value="Login"> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

<input type="reset">

</td>

</tr>

<tr>

<td colspan="2" align="right"><i><a href="registration.html">New User Click Here</a></i></td>

</tr>

</table>

</form>

</body>

</html>

LOGINACCESS.PHP: 

<!DOCTYPE html>

<html>

<head>

<title>Welcome</title>

</head>

<body>

<?php

$uid=$_POST["uid"];

$pass=$_POST["pwd"];

$host="localhost";

$user="root";

$password="";

$con=mysqli_connect($host,$user,$password);

if($con) {

echo '<h1>Connected to MySQL</h1>';

$db=mysqli_select_db($con,"crr");

}

else {

echo '<h1>MySQL Server is not connected</h1>';

}

$q="select * from regs;";

$retrecs=mysqli_query($con,$q);

if (!$retrecs) {

printf("Error: %s\n", mysqli_error($con));

exit();

}

while ($rec=mysqli_fetch_array($retrecs)) {

if ($rec["uname"]==$uid && $rec["pwd"]==$pass) {

$flag=1;

break;

}

}

mysqli_close($con);

if($flag==1){

echo "Welcome ".$uid;

}

else{

echo '<script>alert("Invalid User Name/Password"); window.location.href="login.html";</script>';

}

?>

</body>

</html>

OUTPUT:

EXPERIMENT-24:

 AIM: Create tables in the database which contain the details of items (books in our case like Book name,Price, Quantity, Amount) of each category. Modify your catalogue page (week 2)in such a way that youshould connect to the database and extract data from the tables and display them in the catalogue page using PHP

 SOURCE CODE:

 

Catalogue table:

CREATE TABLE catalogue

(

bnamevarchar(50) NOT NULL,

auth varchar(25) NOT NULL,

publvarchar(25) NOT NULL,

isbnvarchar(20) NOT NULL,

edivarchar(10) NOT NULL,

cost int(5) NOT NULL,

qty int(3) NOT NULL,

UNIQUE KEY(bname)

)

 

bkEntryForm.html

<html>

<head>

<title> Catalogue Page</title>

<script language="javascript">

function validate()

{

var nam = document.f1.bname.value;

if(nam=="")

{

alert("Please enter Book name");

document.f1.bname.focus();

return false;

}

var auth = document.f1.auth.value;

if(auth=="")

{

alert("Please enter Author Name");

document.f1.auth.focus();

return false;

}

var publ = document.f1.publ.value;

if(publ=="")

{

alert("Please enter Publisher name");

document.f1.publ.focus();

return false;

}

var isbn = document.f1.isbn.value;

if(isbn=="")

{

alert("Please enter ISBN Number");

document.f1.isbn.focus();

return false;

}

var ed = document.f1.edi.value;

if(ed=="")

{

alert("Please enter book edition");

document.f1.edi.focus();

return false;

}

var cost = document.f1.cost.value;

if(cost=="")

{

alert("Please enter cost of the book");

document.f1.cost.focus();

return false;}

var qty = document.f1.qty.value;

if(qty=="")

{

 

</head>

<body>

}

}

</script>

 

alert("Please enter number of books you want!!!");

document.f1.qty.focus();

return false;

 

validate()">

 

<br/><br/><br/>

<center>

<form name="f1" action="Catalogue.php" method="post" onsubmit="javascript:return

<table border="3" cellpadding="0" cellspacing="0">

<tr>

<td>

<table cellspacing="5">

<tr>

<td colspan="2" align="center"><h2><u>Book Details Entry Form</u></h2></td>

</tr>

<tr>

<td> Book Name</td>

<td><input type="text" name="bname" size="50"></td>

 

</form>

</tr>

<tr>

<td> Author</td>

<td><input type="text" name="auth" size="50"></td>

</tr>

<tr>

<td> Publication</td>

<td><input type="text" name="publ" size="50"></td>

</tr>

<tr>

<td> ISBN</td>

<td><input type="text" name="isbn" size="15"></td>

</tr>

<tr>

<td> Edition</td>

<td><input type="text" name="edi" size="15"></td>

</tr>

<tr>

<td> Cost</td>

<td>$<input type="text" name="cost" size="5"></td>

</tr>

<tr>

<td> Quantity</td>

<td><input type="text" name="qty" size="3"></td>

</tr>

<tr>

<td colspan="2" align="center"><input type="submit" value="submit"></td>

</tr>

</table>

</td>

</tr>

</table>

</center>

</body>

</html>

 

Catalogue.php

<?php

$conn = mysql_connect("localhost","root","");

if($conn)

echo "Connected to database!!!";

else

echo "Failed to Connect:".mysql_error();

mysql_select_db("test",$conn) or die("No Database existing:".mysql_error());

if(isset($_POST['bname']))

{

$bname=$_POST['bname'];

$auth=$_POST['auth'];

$publ=$_POST['publ'];

$isbn=$_POST['isbn'];

$edi=$_POST['edi'];

$cost=(float)$_POST['cost'];

$qty=(int)$_POST['qty'];

echo"<br/><br/><br/><p align='right'><a href='bkEntryForm.html'>[Book Entry Page]</a></p>";

$query = "INSERT INTO catalogue VALUES('$bname','$auth','$publ','$isbn','$edi','$cost','$qty')";

mysql_query($query);

$result = mysql_query("select * from catalogue");

?>

<html>

<body><center>

<font face="verdana" size="4">

<table border="1" cellpadding="0" cellspacing="0">

<tr>

</tr>

<tr>

<thcolspan="8" align="center">Books List</td>

<th>S.No.</th>

<th>Title</th>

<th>Author</th>

<th> Publication</th>

<th>ISBN</th>

<th>Edition</th>

<th>Cost</th>

<th>Quantity</th>

</body>

</html>

</tr>

<?php $num=1; while($row = mysql_fetch_array($result))

{ ?>

<tr>

<td align="center"><?php echo $num++; ?></td>

<td align="left"><?php echo $row['bname']; ?></td>

<td align="left"><?php echo $row['auth']; ?></td>

<td align="left"><?php echo $row['publ']; ?></td>

<td align="center"><?php echo $row['isbn']; ?></td>

<td align="center"><?php echo $row['edi']; ?></td>

<td align="center"><?php echo $row['cost']; ?></td>

<td align="center"><?php echo $row['qty']; ?></td>

</tr>

<?php }?>

</table>

</center>

<?php } ?>

 OUT PUT:

­­­­­EXPERIMENT-25:

 

AIM: HTTP is a stateless protocol. Session is required to maintain the state.

The user may add some items to cart from the catalog page. He can check the cart page for the selected items. He may visit the catalogue again and select some more items. Here our interest is the selected items should be added to the old cart rather than a new cart. Multiple users can dothe same thing at a time(i.e., from different systems in the LAN using the ip-address instead of local host). This can be achieved through the use of sessions. Every user will have his own session which will be created after his successful login to the website. When the user logs out his

session should get invalidated (by using the method session. Invalidate ().

Modify your catalogue and cart PHP pages to achieve the above mentioned functionality using

sessions.

 

SOURCE CODE:

 

style.css

body

{

width:800px;

}

.txt-heading

{

padding: 5px 10px;

font-size:1.1em;

font-weight:bold;

color:#999;

}

.btnRemoveAction

{

color:#D60202;

border:0;

padding:2px 10px;

font-size:0.9em;

}

#btnEmpty

{

background-color:#D60202;

border:0;

padding:1px 10px;

color:#FFF;

font-size:0.8em;

font-weight:normal;

float:right;

text-decoration:none;

}

.btnAddAction

{

background-color:#79b946;

border:0;

padding:3px 10px;

color:#FFF;

margin-left:1px;

}

#shopping-cart

{

border-top: #79b946 2px solid;

margin-bottom:30px;

}

#shopping-cart .txt-heading

{

background-color: #D3F5B8;

}

#shopping-cart table

{

width:100%;

background-color:#F0F0F0;

}

{

background-color:#FFFFFF;

}

.cart-item

{

border-bottom: #79b946 1px dotted;

padding: 10px;

}

#product-grid

{

border-top: #F08426 2px solid;

margin-bottom:30px;

}

#product-grid .txt-heading

{

background-color: #FFD0A6;

}

.product-item {

float:left;

background:#F0F0F0;

margin:15px;

padding:5px;

}

.product-item div

{

text-align:center;

margin:10px;

}

.product-price

{

color:#F08426;

}

.product-image {

height:100px;

background-color:#FFF;

}

dbController.php

<?php

class DBController {

private $host = "localhost";

private $user = "root";

private $password = "";

private $database = "test";

function construct() {

$conn = $this->connectDB();

if(!empty($conn)) {

$this->selectDB($conn);

}

}

function connectDB() {

$conn = mysql_connect($this->host,$this->user,$this->password);

return $conn;

}

function selectDB($conn) {

mysql_select_db($this->database,$conn);

}

function runQuery($query) {

$result = mysql_query($query);

while($row=mysql_fetch_assoc($result)) {

$resultset[] = $row;

}

if(!empty($resultset))

return $resultset;

}

 

index.php

 

<?php

session_start();

require_once("dbcontroller.php");

$db_handle = new DBController();

if(!empty($_GET["action"])) {

switch($_GET["action"]) {

case "add":

if(!empty($_POST["quantity"])) {

$productByCode = $db_handle->runQuery("SELECT * FROM tblproduct WHERE

code='" . $_GET["code"] . "'");

$itemArray =

array($productByCode[0]["code"]=>array('name'=>$productByCode[0]["name"],

'code'=>$productByCode[0]["code"], 'quantity'=>$_POST["quantity"], 'price'=>$productByCode[0]["price"]));

= $_POST["quantity"];

if(!empty($_SESSION["cart_item"])) {

if(in_array($productByCode[0]["code"],$_SESSION["cart_item"])) {

foreach($_SESSION["cart_item"] as $k => $v) {

if($productByCode[0]["code"] == $k)

$_SESSION["cart_item"][$k]["quantity"]

} else {

}

$_SESSION["cart_item"] =

array_merge($_SESSION["cart_item"],$itemArray);

}

}

break;

} else {

}

$_SESSION["cart_item"] = $itemArray;

case "remove":

if(!empty($_SESSION["cart_item"])) {

foreach($_SESSION["cart_item"] as $k => $v) {

if($_GET["code"] == $k)

unset($_SESSION["cart_item"][$k]);

}

}

break;

if(empty($_SESSION["cart_item"]))

unset($_SESSION["cart_item"]);

case "empty":

unset($_SESSION["cart_item"]);

break;

}

}

?>

<HTML>

<HEAD>

<TITLE>Simple PHP Shopping Cart</TITLE>

<link href="style.css" type="text/css" rel="stylesheet" />

</HEAD>

<BODY>

<div id="shopping-cart">

<div class="txt-heading">Shopping Cart <a id="btnEmpty" href="index.php?action=empty">Empty Cart</a></div>

<?php

if(isset($_SESSION["cart_item"])){

$item_total = 0;

?>

<table cellpadding="10" cellspacing="1">

<tbody>

<tr>

<th><strong>Name</strong></th>

<th><strong>Code</strong></th>

<th><strong>Quantity</strong></th>

<th><strong>Price</strong></th>

<th><strong>Action</strong></th>

</tr>

<?php

foreach ($_SESSION["cart_item"] as $item){

?>

<tr>

<td><strong><?php echo $item["name"]; ?></strong></td>

<td><?php echo $item["code"]; ?></td>

<td align=center><?php echo $item["quantity"]; ?></td>

<td align=right><?php echo "$".$item["price"]; ?></td>

<td><a href="index.php?action=remove&code=<?php echo $item["code"];

?>" class="btnRemoveAction">Remove Item</a></td>

</tr>

<?php

$item_total += ($item["price"]*$item["quantity"]);

}

?>

<tr>

<td colspan="5" align=right><strong>Total:</strong><?php echo "$".$item_total; ?></td>

</tr>

</tbody>

</table>

<?php

}

?>

</div>

<div id="product-grid">

<div class="txt-heading">Products</div>

<?php

$product_array = $db_handle->runQuery("SELECT * FROM tblproduct ORDER BY id ASC");

if (!empty($product_array)) {

foreach($product_array as $key=>$value){

?>

<div class="product-item">

<form method="post" action="index.php?action=add&code=<?php echo

$product_array[$key]["code"]; ?>">

<div class="product-image"><imgsrc="<?php echo $product_array[$key]["image"];

?>" height="100" width="75"></div>

<div><strong><?php echo $product_array[$key]["name"]; ?></strong></div>

<div class="product-price"><?php echo "$".$product_array[$key]["price"]; ?></div>

<div><input type="text" name="quantity" value="1" size="2" /><input type="submit"

value="Add to cart" class="btnAddAction" /></div>

</form>

</div>

<?php

}

?>

</div>

}

</body>

</html>

 OUTPUT:






























at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Blog Archive