By GokiSoft.com|
20:09 08/05/2021|
Học PHP
[Video] Bài tập - Tạo trang login và register - kết nối CSDL trong PHP - Lập trình PHP/MySQL - C2010L
#users.php
<?php
require_once ('../db/dbhelper.php');
$sql = "select * from bt2276_users";
$userList = executeResult($sql);
?>
<!DOCTYPE html>
<html>
<head>
<title>Users Page</title>
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css">
<!-- jQuery library -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js"></script>
<!-- Popper JS -->
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js"></script>
<!-- Latest compiled JavaScript -->
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js"></script>
</head>
<body>
<div class="container">
<div class="panel panel-primary">
<div class="panel-heading">
<h2 class="text-center">Users Page</h2>
</div>
<div class="panel-body">
<table class="table table-bordered">
<thead>
<tr>
<th>No</th>
<th>User Name</th>
<th>Email</th>
<th style="width: 50px;"></th>
<th style="width: 50px;"></th>
</tr>
</thead>
<tbody>
<?php
$count = 0;
foreach ($userList as $item) {
echo '<tr>
<td>'.(++$count).'</td>
<td>'.$item['username'].'</td>
<td>'.$item['email'].'</td>
<td><button class="btn btn-warning">Edit</button></td>
<td><button class="btn btn-danger" onclick="deleteUsers(\''.$item['username'].'\')">Delete</button></td>
</tr>';
}
?>
</tbody>
</table>
</div>
</div>
</div>
<script type="text/javascript">
function deleteUsers(username) {
option = confirm('Are you sure to delete this user?')
if(!option) return
$.post('form-delete.php', {
'username': username
}, function(data) {//callback -> khi du lieu dc tra ve tu server
location.reload() //load website -> khong load cung dc -> su dung jquery de update data -> tuy vao nghiep cua du an.
})
}
</script>
</body>
</html>#register.php
<?php
require_once ('form-user.php');
?>
<!DOCTYPE html>
<html>
<head>
<title>Registation Page</title>
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css">
<!-- jQuery library -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js"></script>
<!-- Popper JS -->
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js"></script>
<!-- Latest compiled JavaScript -->
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js"></script>
</head>
<body>
<div class="container">
<div class="panel panel-primary">
<div class="panel-heading">
<h2 class="text-center">Registation Page</h2>
</div>
<div class="panel-body">
<form method="post" id="RegisterForm">
<div class="form-group">
<label for="usr">User Name:</label>
<input required="true" type="text" class="form-control" id="usr" name="username" pattern="[a-zA-Z0-9]{3,}">
</div>
<div class="form-group">
<label for="email">Email:</label>
<input required="true" type="email" class="form-control" id="email" name="email">
</div>
<div class="form-group">
<label for="pwd">Password:</label>
<input required="true" type="password" class="form-control" id="pwd" name="password">
</div>
<div class="form-group">
<label for="confirmation_pwd">Confirmation Password:</label>
<input required="true" type="password" class="form-control" id="confirmation_pwd" name="confirmation_pwd">
</div>
<button class="btn btn-success">Register</button>
</form>
</div>
</div>
</div>
<script type="text/javascript">
$(function() {
$('#RegisterForm').submit(function() {
if($('[name=password]').val() != $('[name=confirmation_pwd]').val()) {
alert('Password is not matching, plz check it again!!!')
return false;
}
return true;
})
})
</script>
</body>
</html>#login.php
<?php
require_once ('form-login.php');
?>
<!DOCTYPE html>
<html>
<head>
<title>Registation Page</title>
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css">
<!-- jQuery library -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js"></script>
<!-- Popper JS -->
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js"></script>
<!-- Latest compiled JavaScript -->
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js"></script>
</head>
<body>
<div class="container">
<div class="panel panel-primary">
<div class="panel-heading">
<h2 class="text-center">Login Page</h2>
</div>
<div class="panel-body">
<form method="post">
<div class="form-group">
<label for="usr">User Name:</label>
<input required="true" type="text" class="form-control" id="usr" name="username" pattern="[a-zA-Z0-9]{3,}">
</div>
<div class="form-group">
<label for="pwd">Password:</label>
<input required="true" type="password" class="form-control" id="pwd" name="password">
</div>
<button class="btn btn-success">Login</button>
</form>
</div>
</div>
</div>
</body>
</html>#form-user.php
<?php
require_once ('../db/dbhelper.php');
$username = $password = $email = '';
if (!empty($_POST)) {
$username = getPOST('username');
$password = getPOST('password');
$email = getPOST('email');
if ($username != '' && $password != '' && $email != '') {
//save user into database
$password = getPwdSecurity($password);
$sql = "insert into bt2276_users (username, password, email) values ('$username', '$password', '$email')";
// echo $sql;//SQL Injection
execute($sql);
//chuyen sang trang login.php
header('Location: login.php');
die();
}
}#form-login.php
<?php
require_once ('../db/dbhelper.php');
$username = $password = '';
if (!empty($_POST)) {
$username = getPOST('username');
$password = getPOST('password');
if ($username != '' && $password != '') {
//save user into database
$password = getPwdSecurity($password);
$sql = "select * from bt2276_users where username = '$username' and password = '$password'";
$users = executeResult($sql);
if ($users != null && count($users) > 0) {
//login successfully
//chuyen sang trang login.php
header('Location: users.php');
die();
}
}
}#form-delete.php
<?php
require_once ('../db/dbhelper.php');
$username = '';
if (!empty($_POST)) {
$username = getPOST('username');
if ($username != '') {
$sql = "delete from bt2276_users where username = '$username'";
execute($sql);
}
}#readme.txt
B1. Thiết kế database
create table users (
username varchar(50) primary key,
email varchar(150) not null,
password varchar(32)
)
B2. Phát triển các chức năng trong dự án
Phân tích:
- register.php
- login.php
- users.php -> Hiển thị danh sách người dùng trong database
- Phát triển các thư viên sử dụng cho dự án trước -> xây dựng bộ khung dự án -> xây dựng 1 framework của dự án.
- config.php
- dbhelper.php#dbhelper.php
<?php
require_once ('config.php');
/**
* Su dung cho lenh: insert/update/delete
*/
function execute($sql) {
// Them du lieu vao database
//B1. Mo ket noi toi database
$conn = mysqli_connect(HOST, USERNAME, PASSWORD, DATABASE);
mysqli_set_charset($conn, 'utf8');
//B2. Thuc hien truy van insert
mysqli_query($conn, $sql);
//B3. Dong ket noi database
mysqli_close($conn);
}
/**
* Su dung cho lenh: select
*/
function executeResult($sql) {
// Them du lieu vao database
//B1. Mo ket noi toi database
$conn = mysqli_connect(HOST, USERNAME, PASSWORD, DATABASE);
mysqli_set_charset($conn, 'utf8');
//B2. Thuc hien truy van insert
$resultset = mysqli_query($conn, $sql);
$data = [];
while (($row = mysqli_fetch_array($resultset, 1)) != null) {
$data[] = $row;
}
//B3. Dong ket noi database
mysqli_close($conn);
return $data;
}
function getPwdSecurity($pwd) {
return md5(md5($pwd).MD5_PRIVATE_KEY);
}
function getGET($key) {
$value = '';
if (isset($_GET[$key])) {
$value = $_GET[$key];
}
$value = fixSqlInjection($value);
return $value;
}
function getPOST($key) {
$value = '';
if (isset($_POST[$key])) {
$value = $_POST[$key];
}
$value = fixSqlInjection($value);
return $value;
}
function fixSqlInjection($str) {
$str = str_replace("\\", "\\\\", $str);
$str = str_replace("'", "\'", $str);
return $str;
}#config.php
<?php
define('HOST', 'localhost');
define('USERNAME', 'root');
define('PASSWORD', '');
define('DATABASE', 'C2010L');
define('MD5_PRIVATE_KEY', '09JJJjhh7834jHJG876312^&%shjdgsjagdasKoks');Tags:
Phản hồi từ học viên
5
(Dựa trên đánh giá ngày hôm nay)