Tuesday, July 2, 2013

3 TIRE ARCHITECTURE WITH SESSION IN PHP

conn.php:

<?php

$con=mysqli_connect("localhost","root","","trusttec_db");
// Check connection
if ($con<0)
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }
?>

login.php:

<?php
session_start();
if (isset($_SESSION['username'])) {
header('Location: login_main.php');
}
?>
<!DOCTYPE html>
<html lang="en" >
    <head>
        <meta charset="utf-8" />
        <title>Trust Tech Support &amp; Solutions</title>
        <link href="css/layout.css" rel="stylesheet" type="text/css" />
        <link href="css/modal.css" rel="stylesheet" type="text/css" />
    </head>
    <body>
    <header>
        <h2>Trust Tech Support &amp; Solutions </h2>
            <a href="http://trusttechsupport.us/" class="stuts">Back to <span>Dashbord Site</span></a>      </header>

        <!-- panel with buttons -->
        <div class="main">
            <div class="panel">
                 <a href="customer_search.php" id="login_pop">Customer Search</a>
                <a href="download.php" id="join_pop">Download</a>

            </div>
<br><br>
<article>
  <h1>Welcome Administrator</h1>



  <p><?php

 $date=date_create();

echo date_format($date,"Y-m-d H:i:s");
  ?></p>

  <table  align="center" width="100%" border="0">
<tr>
<td width="31%" height="350" valign="middle"></td>
<td>
<form action="login2.php">
<table>
<tr><td></td><td width="69%"><table width="382"  border="0" align="center">
<tr bgcolor="#CCCCCC">
<td height="49" colspan="2">
<div align="center"><b>Administrator Login</b></div>
</td>
</tr>
<tr>
<td width="128" height="39"><b><font color="#660000">User Name</font></b></td>
<td width="244">
<input type="text" name="username" autofocus="autofocus" required/>
</td>
</tr>
<tr>
<td height="52"><b><font color="#660000">Password</font></b></td>
<td>
<input type="password" name="password" required/>
</td>
</tr>

<tr>
<td> </td>
<td>
<input type="submit" name="Submit" value="Submit">
</td>
</tr>
</table>
</form>
</td>
</tr>
</table></td></tr></table>

  <br><br>
  <br>

  <section>

  </section>
</article>



        </div>


   
<center>@Copyright 2013 Trust Tech Support &amp; Solutions</center>


    </body>
</html>


login2.php:

<?php
session_start();
if (isset($_SESSION['username'])) {
header('Location: login_main.php');
}

?>
<?php
$host="localhost";
$username="root";
$password="";
$db_name="trust_db";
$tbl_name="members";

$link  = mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

$Email=$_REQUEST['username'];
$Password=$_REQUEST['password'];

$Email = stripslashes($Email);
$Password = stripslashes($Password);
$Email = mysql_real_escape_string($Email);
$Password = mysql_real_escape_string($Password);


$sql="SELECT * FROM $tbl_name WHERE username='$Email' AND password ='$Password'";
$result=mysql_query($sql, $link) or die ('Unable to run query:'.mysql_error());


$count=mysql_num_rows($result);


if($count==1){
/* session_register("Email");
session_register("password"); */
$_SESSION['username'] = $_REQUEST['username'];
header("location:login_main.php");
}
else {
echo "Wrong Email or Password";
}

?>


login_main.php:

<?php
include('conn.php');
?>
<?php

// Inialize session
session_start();

// Check, if username session is NOT set then this page will jump to login page
if (!isset($_SESSION['username'])) {
header('Location: login.php');
}

?>
<!DOCTYPE html>
<html lang="en" >
    <head>
        <meta charset="utf-8" />
        <title>Trust Tech Support &amp; Solutions</title>
        <link href="css/layout.css" rel="stylesheet" type="text/css" />
        <link href="css/modal.css" rel="stylesheet" type="text/css" />
<link rel="stylesheet" href="css/style1.css" type="text/css" media="screen"/>
    </head>
    <body>
    <header>
        <h2>Trust Tech Support &amp; Solutions </h2>
            <a href="http://trusttechsupport.us/" class="stuts">Back to <span>Dashbord Site</span></a>      </header>

        <!-- panel with buttons -->
        <div class="main">
            <div class="panel">
   <a href="logout.php" id="login_pop">Log Out</a>
                <a href="remarks.php" id="join_pop">Customer Remarks/Comments</a>
<a href="admin_note.php" id="join_pop">Administrator Notes</a>
<a href="edit.php" id="join_pop">Customer Edit</a>
<a href="search.php" id="join_pop">Customer Search</a>
<a href="login_main.php" id="login_pop">Customer Info</a>
<!-- BEGIN: Powered by Supercounters.com -->
<center><script type="text/javascript" src="http://widget.supercounters.com/online_i.js"></script><script type="text/javascript">sc_online_i(614849,"ffffff","e61c1c");</script><br><noscript><a href="http://www.supercounters.com/">Free Online Counter</a></noscript>
</center>
<!-- END: Powered by Supercounters.com -->

            </div>
<br><br>
<article>
  <h1>Welcome Administrator</h1>



  <p><?php

 $date=date_create();

echo date_format($date,"Y-m-d H:i:s");
  ?>
  <br><br>Welcome...<b><?php echo $_SESSION['username']; ?></b>
</p>
  <br><br>
  <br>

  <section>
  <?php

/* session_start();
$server='localhost';
$db_username='root';
$db_password='';
$database='trust_db';

if(!mysql_connect($server, $db_username, $db_password))
{
echo "not connected";
}
else
{
echo "successfully connected";
} */



/* $con=mysqli_connect("localhost","root","","trust_db");
// Check connection
if (mysqli_connect_errno())
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  } */

$result = mysqli_query($con,"SELECT * FROM trust_tech");


//$result = mysqli_query("SELECT * FROM trust_tech");

echo "<table class='table1'>
<tr>
<th>ID</th>
<th>NAME</th>
<th>E-MAIL</th>
<th>PHONE NO</th>
<th>ADDRESS</th>
<th>CITY</th>
<th>STATE</th>
<th>COUNTRY</th>
<th>PIN/ZIP CODE</th>
<th>PACKAGES</th>
<th>SERVICE</th>
<th>DATE</th>
<th>REMARKS</th>

</tr>";

while($row = mysqli_fetch_array($result))
  {
  echo "<tr>";
  echo "<td>" . $row['id'] . "</td>";
  echo "<td>" . $row['name'] . "</td>";
  echo "<td>" . $row['email'] . "</td>";
  echo "<td>" . $row['phone'] . "</td>";
  echo "<td>" . $row['address'] . "</td>";
  echo "<td>" . $row['city'] . "</td>";
  echo "<td>" . $row['state'] . "</td>";
  echo "<td>" . $row['country'] . "</td>";
  echo "<td>" . $row['pincode'] . "</td>";
  echo "<td>" . $row['package'] . "</td>";
  echo "<td>" . $row['service'] . "</td>";
  echo "<td>" . $row['date_reg'] . "</td>";
  echo "<td>" . $row['remarks'] . "</td>";

  echo "</tr>";
  }
echo "</table>";

mysqli_close($con);
?>


  </section>
</article>



        </div>


        <!-- popup form #1 -->
        <a href="#x" class="overlay" id="login_form"></a>
        <div class="popup">
            <h2>Welcome Guest!</h2>
            <p>Please enter your login and password here</p>
            <div>
                <label for="login">Login</label>
                <input type="text" id="login" value="" />
            </div>
            <div>
                <label for="password">Password</label>
                <input type="password" id="password" value="" />
            </div>
            <input type="button" value="Log In" />

            <a class="close" href="#close"></a>
        </div>

        <!-- popup form #2 -->
        <a href="#x" class="overlay" id="join_form"></a>
        <div class="popup">
            <h2>Sign Up</h2>
            <p>Please enter your details here</p>
            <div>
                <label for="email">Login (Email)</label>
                <input type="text" id="email" value="" />
            </div>
            <div>
                <label for="pass">Password</label>
                <input type="password" id="pass" value="" />
            </div>
            <div>
                <label for="firstname">First name</label>
                <input type="text" id="firstname" value="" />
            </div>
            <div>
                <label for="lastname">Last name</label>
                <input type="text" id="lastname" value="" />
            </div>
            <input type="button" value="Sign Up" />&nbsp;&nbsp;&nbsp;or&nbsp;&nbsp;&nbsp;<a href="#login_form" id="login_pop">Log In</a>

            <a class="close" href="#close"></a>
        </div>
<center>@Copyright 2013 Trust Tech Support &amp; Solutions</center>


    </body>
</html>

logout.php:

<?php
session_start();
if(session_destroy())
{
header("Location: login.php");
}
?>


PHP Forms and User Input

The PHP $_GET and $_POST OTHERWISE $_REQUIEST variables are used to retrieve information from forms, like user input.


PHP Form Handling

The most important thing to notice when dealing with HTML forms and PHP is that any form element in an HTML page will automatically be available to your PHP scripts.

Example

The example below contains an HTML form with two input fields and a submit button:
<html>
<body>

<form action="welcome.php" method="post">
Name: <input type="text" name="fname">
Age: <input type="text" name="age">
<input type="submit">
</form>

</body>
</html>
When a user fills out the form above and clicks on the submit button, the form data is sent to a PHP file, called "welcome.php":
"welcome.php" looks like this:
<html>
<body>

Welcome <?php echo $_POST["fname"]; ?>!<br>
You are <?php echo $_POST["age"]; ?> years old.

</body>
</html>
Output could be something like this:
Welcome John!
You are 28 years old.
The PHP $_GET and $_POST variables will be explained in the next chapters.

Form Validation

User input should be validated on the browser whenever possible (by client scripts). Browser validation is faster and reduces the server load.
You should consider server validation if the user input will be inserted into a database. A good way to validate a form on the server is to post the form to itself, instead of jumping to a different page. The user will then get the error messages on the same page as the form. This makes it easier to discover the error.