By GokiSoft.com|
15:30 09/06/2021|
Học PHP
[Share Code] Tìm hiểu GET/POST - Thêm/sửa/xoá tài khoản người dùng - Cookie trong PHP/MySQL
#utility.php
<?php
function fixSqlInjection($str) {
// abc\okok -> abc\\okok
//abc\okok (user) -> abc\okok (server) -> sql (abc\okok) -> xuat hien ky tu \ -> ky tu dac biet -> error query
//abc\okok (user) -> abc\okok (server) -> convert -> abc\\okok -> sql (abc\\okok) -> chinh xac
$str = str_replace('\\', '\\\\', $str);
//abc'okok -> abc\'okok
//abc'okok (user) -> abc'okok (server) -> sql (abc'okok) -> xuat hien ky tu \ -> ky tu dac biet -> error query
//abc'okok (user) -> abc'okok (server) -> convert -> abc\'okok -> sql (abc\'okok) -> chinh xac
$str = str_replace('\'', '\\\'', $str);
return $str;
}
function getPOST($key) {
$value = '';
if (isset($_POST[$key])) {
$value = $_POST[$key];
}
return fixSqlInjection($value);
}
function getCOOKIE($key) {
$value = '';
if (isset($_COOKIE[$key])) {
$value = $_COOKIE[$key];
}
return fixSqlInjection($value);
}
function getGET($key) {
$value = '';
if (isset($_GET[$key])) {
$value = $_GET[$key];
}
return fixSqlInjection($value);
}
function md5Security($pwd) {
return md5(md5($pwd).MD5_PRIVATE_KEY);
}#users.php
<?php
require_once ('db/dbhelper.php');
require_once ('utils/utility.php');
$status = getCOOKIE('status');
if ($status != 'login') {
header('Location: login.php');
die();
}
$userList = executeResult('select * from users');
?>
<!DOCTYPE html>
<html>
<head>
<title>User Management Page</title>
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css">
<!-- jQuery library -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js"></script>
<!-- Popper JS -->
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js"></script>
<!-- Latest compiled JavaScript -->
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js"></script>
</head>
<body>
<div class="container">
<div class="panel panel-primary">
<div class="panel-heading">
<h2 class="text-center">Users Management</h2>
</div>
<div class="panel-body">
<table class="table table-bordered">
<thead>
<tr>
<th>No</th>
<th>Full Name</th>
<th>User Name</th>
<th>Email</th>
<th>Address</th>
<th></th>
<th></th>
</tr>
</thead>
<tbody>
<?php
$count = 0;
foreach ($userList as $item) {
echo '<tr>
<td>'.(++$count).'</td>
<td>'.$item['fullname'].'</td>
<td>'.$item['username'].'</td>
<td>'.$item['email'].'</td>
<td>'.$item['address'].'</td>
<td><button class="btn btn-warning">Edit</button></td>
<td><button class="btn btn-danger" onclick="deleteUser('.$item['id'].')">Delete</button></td>
</tr>';
}
?>
</tbody>
</table>
</div>
</div>
</div>
<script type="text/javascript">
function deleteUser(id) {
var option = confirm('Ban co chac chan muon xoa thong tin nguoi dung khong???')
if(!option) return
$.post('form/form-user.php', {
'action': 'delete',
'id': id
}, function(data) {
location.reload()
})
}
</script>
</body>
</html>#test-cookie.php
<?php
//Them 1 cookie: key => value
//key: username => value: admin
// setcookie('username', 'admin', time()+24*60*60, '/');//them/sua
// setcookie('email', 'tranvandiep.it@gmail.com', time()+24*60*60, '/');//them/sua
//setcookie('username', '', time()-100, '/');//delete -> dua tgian ve qua khu la tu xoa.
// var_dump($_COOKIE);
$username = $email = '';
if (isset($_COOKIE['username'])) {
$username = $_COOKIE['username'];
}
if (isset($_COOKIE['email'])) {
$email = $_COOKIE['email'];
}
echo $username.'-'.$email;#register.php
<?php
require_once ('db/dbhelper.php');
require_once ('utils/utility.php');
require_once ('form/form-register.php');
$status = getCOOKIE('status');
if ($status == 'login') {
header('Location: users.php');
die();
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Register Page</title>
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css">
<!-- jQuery library -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js"></script>
<!-- Popper JS -->
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js"></script>
<!-- Latest compiled JavaScript -->
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js"></script>
</head>
<body>
<div class="container">
<div class="panel panel-primary">
<div class="panel-heading">
<h2 class="text-center">Create New Account</h2>
<?php
if (!empty($username)) {
echo '<h2 class="text-center" style="color: red">Username or email existed!!!</h2>';
}
?>
</div>
<div class="panel-body">
<form method="post">
<div class="form-group">
<label for="usr">Full Name (<font color="red">*</font>):</label>
<input required="true" type="text" class="form-control" id="fullname" name="fullname" value="<?=$fullname?>">
</div>
<div class="form-group">
<label for="usr">User Name (<font color="red">*</font>):</label>
<input required="true" type="text" class="form-control" id="username" name="username" value="<?=$username?>">
</div>
<div class="form-group">
<label for="email">Email (<font color="red">*</font>):</label>
<input required="true" type="email" class="form-control" id="email" name="email" value="<?=$email?>">
</div>
<div class="form-group">
<label for="pwd">Password (<font color="red">*</font>):</label>
<input required="true" type="password" class="form-control" id="pwd" name="password">
</div>
<div class="form-group">
<label for="confirmation_pwd">Confirmation Password (<font color="red">*</font>):</label>
<input required="true" type="password" class="form-control" id="confirmation_pwd" name="confirmation_pwd">
</div>
<div class="form-group">
<label for="address">Address:</label>
<input type="text" class="form-control" id="address" name="address" value="<?=$address?>">
</div>
<p>
<a href="login.php">I have a account</a>
</p>
<button type="submit" class="btn btn-success">Register</button>
</form>
</div>
</div>
</div>
<script type="text/javascript">
$(function() {
$('form').submit(function() {
var pwd = $('#pwd').val()
var confirmPwd = $('#confirmation_pwd').val()
if(pwd != confirmPwd) {
alert('Mat khau khong khop, vui long kiem tra lai!!!')
return false
}
return true
})
})
</script>
</body>
</html>#readme.txt
Nội dung kiến thức
- Thêm/sửa/xoa dữ liệu -> Quản lý tin tức
- Cookie
Ứng dụng trong bài toán login
=================================================
Quản lý thông tin tài khoản người dùng:
- login.php => Hiểu đc lệnh select -> list dữ liệu
- register.php => Hiểu đc lệnh insert
- users.php => Hiển thị thông tin tài khoản người dùng trong database => Thêm/sửa/xoá dữ liệu
=================================================
Các bước để phát triển 1 dự án phần mềm
1) Phân tích CSDL
create table users (
id int primary key auto_increment,
fullname varchar(50) not null,
username varchar(35) not null,
email varchar(150) not null unique,
address varchar(200),
password varchar(32) not null
)
2) Xay dung 1 khung du an
- db
- config.php => Luu thong tin cau hinh (const, define)
- dbhelper.php => Function su dung thao tac database
- utils
- utility.php => Nhung ham thuong xuyen => cho vao day.
3) Phat trien chuc nang cua du an
- 1. register.php#login.php
<?php
require_once ('db/dbhelper.php');
require_once ('utils/utility.php');
require_once ('form/form-login.php');
$status = getCOOKIE('status');
if ($status == 'login') {
header('Location: users.php');
die();
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Login Page</title>
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css">
<!-- jQuery library -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js"></script>
<!-- Popper JS -->
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js"></script>
<!-- Latest compiled JavaScript -->
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js"></script>
</head>
<body>
<div class="container">
<div class="panel panel-primary">
<div class="panel-heading">
<h2 class="text-center">Login</h2>
<?php
if (!empty($email)) {
echo '<h2 class="text-center" style="color: red">Login failed</h2>';
}
?>
</div>
<div class="panel-body">
<form method="post">
<div class="form-group">
<label for="email">Email (<font color="red">*</font>):</label>
<input required="true" type="email" class="form-control" id="email" name="email" value="<?=$email?>">
</div>
<div class="form-group">
<label for="pwd">Password (<font color="red">*</font>):</label>
<input required="true" type="password" class="form-control" id="pwd" name="password">
</div>
<p>
<a href="register.php">Create new account</a>
</p>
<button type="submit" class="btn btn-success">Login</button>
</form>
</div>
</div>
</div>
</body>
</html>#form-user.php
<?php
require_once ('../db/dbhelper.php');
require_once ('../utils/utility.php');
$action = getPOST('action');
switch ($action) {
case 'delete':
doDeleteUser();
break;
}
function doDeleteUser() {
$id = getPOST('id');
$sql = "delete from users where id = $id";
execute($sql);
}#form-register.php
<?php
$username = $fullname = $email = $password = $address = '';
if (!empty($_POST)) {
$username = getPOST('username');
$fullname = getPOST('fullname');
$email = getPOST('email');
$password = getPOST('password');
$address = getPOST('address');
$sql = "select * from users where username = '$username' or email = '$email'";
$result = executeResult($sql);
if ($result == null || count($result) == 0) {
$password = md5Security($password);
$sql = "insert into users(fullname, username, email, password, address) values ('$fullname', '$username', '$email', '$password', '$address')";
execute($sql);
$username = $fullname = $email = $password = $address = '';
}
}#form-login.php
<?php
$username = $fullname = $email = $password = $address = '';
if (!empty($_POST)) {
$email = getPOST('email');
$password = getPOST('password');
$password = md5Security($password);
$sql = "select * from users where email = '$email' and password = '$password'";
$result = executeResult($sql);
if ($result != null && count($result) > 0) {
//login success
setcookie('status', 'login', time()+7*24*60*60, '/');
header('Location: users.php');
die();
}
}#dbhelper.php
<?php
require_once ('config.php');
/**
* Su dung voi cau lenh query: insert, update, delete -> ko tra ve ket qua.
*/
function execute($sql) {
//Mo ket noi toi database
$conn = mysqli_connect(HOST, USERNAME, PASSWORD, DATABASE);
mysqli_set_charset($conn, 'utf8');
//Xu ly cau query
mysqli_query($conn, $sql);
//Dong ket noi database
mysqli_close($conn);
}
/**
* Su dung voi cau lenh query: select.
*/
function executeResult($sql) {
//Mo ket noi toi database
$conn = mysqli_connect(HOST, USERNAME, PASSWORD, DATABASE);
mysqli_set_charset($conn, 'utf8');
// echo $sql;
//Xu ly cau query
$resultset = mysqli_query($conn, $sql);
// var_dump($resultset);
// die();
$data = [];
while (($row = mysqli_fetch_array($resultset, 1)) != null) {
$data[] = $row;
}
/**
* TH: param2 = 1
* $row = [
* 'id' => 1,
* 'title' => '1 - Android Tivi Sony 4K 55 inch KD-55X8000H',
* 'thumbnail' => '12321',
* ...
* ];
*
* TH: param2 = 2
* $row = [1, '1 - Android Tivi Sony 4K 55 inch KD-55X8000H', '12321', ...];
*/
//Dong ket noi database
mysqli_close($conn);
return $data;
}#config.php
<?php
define('HOST', 'localhost');
define('USERNAME', 'root');
define('PASSWORD', '');
define('DATABASE', 'T2008A');
define('MD5_PRIVATE_KEY', '2342kuhskdfsd23(&kusdhfjsgJYGJGsfdf384');Tags:
Phản hồi từ học viên
5
(Dựa trên đánh giá ngày hôm nay)
