Professional Documents
Culture Documents
Authentication
Page name: Reg.php
<htm>
<head>
</head>
<body>
<pre>
</pre>
</form>
</body>
</htm>
Page name: Regp.php
<?php
$dbuser="root";
$dbname="northwind";
$spass="";
$dbhost="localhost";
$dbhandle=mysql_connect($dbhost,$dbuser,$spass) or die("Unable to connect to the
database");
$selected=mysql_select_db("northwind",$dbhandle);
if(isset($_POST['username'])){
$ffname=$_POST['fname'];
$flname=$_POST['lname'];
$fuser=$_POST['username'];
$fpass=$_POST['pass'];
$fconfpass=$_POST['confpass'];
} else if ($fpass!=$fconfpass){
echo "Paswords do not match<br />";
echo "<input type='button' value='Try again' onclick='history.back(-1)'
/>";
}
else{
$sfpass=password_hash("$fpass",PASSWORD_DEFAULT,["Cost"=>12]);
mysql_query("INSERT INTO `Registration` (`username`, `firstname`,
`lastname`, `password`) VALUES ('$fuser', '$ffname', '$flname', '$sfpass')");
echo "Record has been added successfully";
}
?>
Page name: login.php
<html>
<head>
<title> User Login</title>
</head>
<body>
<form method="post" action="loginp.php">
<pre>
User Name: <input type="text" name="uname" placeholder="Enter user name"><br/>
Password: <input type="password" name="upass" placeholder="Enter password"><br/>
<input type="submit" name="btnReg" value="Register">
</pre>
</form>
</body>
</html>
<?php
$servername="localhost";
$username = "root";
$password ="";
$database = "northwind";
$conn= mysqli_connect("$servername","$username","$password") or die ("could not connect to
mysql");
mysqli_select_db($conn, "northwind") or die ("no database");
if(isset($_POST['username'])){
$ffname=$_POST['fname'];
$flname=$_POST['lname'];
$fuser=$_POST['username'];
$fpass=$_POST['pass'];
$fconfpass=$_POST['confpass'];
<?php
$dbuser="root";
$dbname="northwind";
$spass="";
$dbhost="localhost";
$dbhandle=mysql_connect($dbhost,$dbuser,$spass) or die("Unable to connect to the
database");
$selected=mysql_select_db("northwind",$dbhandle);
if(isset($_COOKIE['user']) and isset($_COOKIE['passw'])){
$fuser=$_COOKIE['user'];
$fpass=$_COOKIE['passw'];
$query=mysql_query("SELECT * from registration where username='$fuser' and
password='$fpass'");
if(mysql_num_rows($query)>0){
while ($row = mysql_fetch_assoc($query)) {
$storeduname=$row['username'];
$storedpass=$row['password'];
$fprog=$row['Program'];
}
echo "Welcome ".$storeduname. ". This is page 1.<br/>";
echo "You belong to $fprog program.<br />";
ini_set('session.cookie.httponly',true);
session_start();
$_SESSION['sessuser']=$_COOKIE['user'];
echo "<br />";
echo "<a href='page2.php'>Page2</a><br />";
echo "<a href='page3.php'>Page3</a><br />";
} else {
header("location:login.php");
}
} else
{
header("location:login.php");
}
?>