- CREATE DATABASE login;
- USE login;
- CREATE TABLE users (
- id int auto_increment,
- primary key(id),
- username varchar(100) unique,
- password varchar(300)
- );
- <?php
- // Initialize the session
- session_start();
- // Unset all of the session variables
- $_SESSION = array();
- // Destroy the session.
- session_destroy();
- // Redirect to login page
- header("location: login.php");
- exit;
- ?>
- <?php
- /* Database credentials. Assuming you are running MySQL
- server with default setting (user 'root' with no password) */
- define('DB_SERVER', 'localhost');
- define('DB_USERNAME', 'root');
- define('DB_PASSWORD', '');
- define('DB_NAME', 'login');
- /* Attempt to connect to MySQL database */
- $link = mysqli_connect(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME);
- // Check connection
- if($link === false){
- die("ERROR: Could not connect. " . mysqli_connect_error());
- }
- ?>
- <?php
- // Initialize the session
- session_start();
- // Include config file
- require_once "config.php";
- // Check if the user is logged in, if not then redirect him to login page
- if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true){
- header("location: login.php");
- exit;
- }
- $sql = "SELECT id, username FROM users ORDER BY id ASC";
- $result = $link->query($sql);
- ?>
- <!DOCTYPE html>
- <html lang="en">
- <head>
- <meta charset="UTF-8">
- <title>Welcome</title>
- <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css" integrity="sha384-Vkoo8x4CGsO3+Hhxv8T/Q5PaXtkKtu6ug5TOeNV6gBiFeWPGFN9MuhOf23Q9Ifjh" crossorigin="anonymous">
- <style type="text/css">
- body{ font: 14px sans-serif; text-align: center; }
- </style>
- </head>
- <body>
- <div class="page-header">
- <h1>Hi, <b><?php echo htmlspecialchars($_SESSION["username"]); ?></b>. Welcome to our site.</h1>
- </div>
- <p>
- <a href="reset-password.php" class="btn btn-warning">Reset Your Password</a>
- <a href="logout.php" class="btn btn-danger">Sign Out of Your Account</a>
- </p>
- <div class="container">
- <table class="table">
- <thead>
- <tr>
- <th>#</th>
- <th>Username</th>
- </tr>
- </thead>
- <tbody>
- <?php
- foreach($result as $value) {
- echo "<tr>";
- echo "<td>" . $value['id'] . "</td>";
- echo "<td>" . $value['username'] . "</td>";
- echo "</tr>";
- }
- ?>
- </tbody>
- </table>
- </div>
- </body>
- </html>
- <?php
- // Initialize the session
- session_start();
- // Check if the user is logged in, otherwise redirect to login page
- if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true){
- header("location: login.php");
- exit;
- }
- // Include config file
- require_once "config.php";
- // Define variables and initialize with empty values
- $new_password = $confirm_password = "";
- $new_password_err = $confirm_password_err = "";
- // Processing form data when form is submitted
- if($_SERVER["REQUEST_METHOD"] == "POST"){
- // Validate new password
- if(empty(trim($_POST["new_password"]))){
- $new_password_err = "Please enter the new password.";
- } elseif(strlen(trim($_POST["new_password"])) < 6){
- $new_password_err = "Password must have atleast 6 characters.";
- } else{
- $new_password = trim($_POST["new_password"]);
- }
- // Validate confirm password
- if(empty(trim($_POST["confirm_password"]))){
- $confirm_password_err = "Please confirm the password.";
- } else{
- $confirm_password = trim($_POST["confirm_password"]);
- if(empty($new_password_err) && ($new_password != $confirm_password)){
- $confirm_password_err = "Password did not match.";
- }
- }
- // Check input errors before updating the database
- if(empty($new_password_err) && empty($confirm_password_err)){
- // Prepare an update statement
- $sql = "UPDATE users SET password = ? WHERE id = ?";
- if($stmt = mysqli_prepare($link, $sql)){
- // Bind variables to the prepared statement as parameters
- mysqli_stmt_bind_param($stmt, "si", $param_password, $param_id);
- // Set parameters
- $param_password = password_hash($new_password, PASSWORD_DEFAULT);
- $param_id = $_SESSION["id"];
- // Attempt to execute the prepared statement
- if(mysqli_stmt_execute($stmt)){
- // Password updated successfully. Destroy the session, and redirect to login page
- session_destroy();
- header("location: login.php");
- exit();
- } else{
- echo "Oops! Something went wrong. Please try again later.";
- }
- // Close statement
- mysqli_stmt_close($stmt);
- }
- }
- // Close connection
- mysqli_close($link);
- }
- ?>
- <!DOCTYPE html>
- <html lang="en">
- <head>
- <meta charset="UTF-8">
- <title>Reset Password</title>
- <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css" integrity="sha384-Vkoo8x4CGsO3+Hhxv8T/Q5PaXtkKtu6ug5TOeNV6gBiFeWPGFN9MuhOf23Q9Ifjh" crossorigin="anonymous">
- <style type="text/css">
- body{ font: 14px sans-serif; }
- .wrapper{ width: 350px; padding: 20px; }
- </style>
- </head>
- <body>
- <div class="wrapper">
- <h2>Reset Password</h2>
- <p>Please fill out this form to reset your password.</p>
- <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
- <div class="form-group <?php echo (!empty($new_password_err)) ? 'has-error' : ''; ?>">
- <label>New Password</label>
- <input type="password" name="new_password" class="form-control" value="<?php echo $new_password; ?>">
- <span class="help-block"><?php echo $new_password_err; ?></span>
- </div>
- <div class="form-group <?php echo (!empty($confirm_password_err)) ? 'has-error' : ''; ?>">
- <label>Confirm Password</label>
- <input type="password" name="confirm_password" class="form-control">
- <span class="help-block"><?php echo $confirm_password_err; ?></span>
- </div>
- <div class="form-group">
- <input type="submit" class="btn btn-primary" value="Submit">
- <a class="btn btn-link" href="welcome.php">Cancel</a>
- </div>
- </form>
- </div>
- </body>
- </html>
- <?php
- // Initialize the session
- session_start();
- // Check if the user is already logged in, if yes then redirect him to welcome page
- if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true){
- header("location: welcome.php");
- exit;
- }
- // Include config file
- require_once "config.php";
- // Define variables and initialize with empty values
- $username = $password = "";
- $username_err = $password_err = "";
- // Processing form data when form is submitted
- if($_SERVER["REQUEST_METHOD"] == "POST"){
- // Check if username is empty
- if(empty(trim($_POST["username"]))){
- $username_err = "Please enter username.";
- } else{
- $username = trim($_POST["username"]);
- }
- // Check if password is empty
- if(empty(trim($_POST["password"]))){
- $password_err = "Please enter your password.";
- } else{
- $password = trim($_POST["password"]);
- }
- // Validate credentials
- if(empty($username_err) && empty($password_err)){
- // Prepare a select statement
- $sql = "SELECT id, username, password FROM users WHERE username = ?";
- if($stmt = mysqli_prepare($link, $sql)){
- // Bind variables to the prepared statement as parameters
- mysqli_stmt_bind_param($stmt, "s", $param_username);
- // Set parameters
- $param_username = $username;
- // Attempt to execute the prepared statement
- if(mysqli_stmt_execute($stmt)){
- // Store result
- mysqli_stmt_store_result($stmt);
- // Check if username exists, if yes then verify password
- if(mysqli_stmt_num_rows($stmt) == 1){
- // Bind result variables
- mysqli_stmt_bind_result($stmt, $id, $username, $hashed_password);
- if(mysqli_stmt_fetch($stmt)){
- if(password_verify($password, $hashed_password)){
- // Password is correct, so start a new session
- session_start();
- // Store data in session variables
- $_SESSION["loggedin"] = true;
- $_SESSION["id"] = $id;
- $_SESSION["username"] = $username;
- // Redirect user to welcome page
- header("location: welcome.php");
- } else{
- // Display an error message if password is not valid
- $password_err = "The password you entered was not valid.";
- }
- }
- } else{
- // Display an error message if username doesn't exist
- $username_err = "No account found with that username.";
- }
- } else{
- echo "Oops! Something went wrong. Please try again later.";
- }
- // Close statement
- mysqli_stmt_close($stmt);
- }
- }
- // Close connection
- mysqli_close($link);
- }
- ?>
- <!DOCTYPE html>
- <html lang="en">
- <head>
- <meta charset="UTF-8">
- <title>Login</title>
- <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css" integrity="sha384-Vkoo8x4CGsO3+Hhxv8T/Q5PaXtkKtu6ug5TOeNV6gBiFeWPGFN9MuhOf23Q9Ifjh" crossorigin="anonymous">
- <style type="text/css">
- body{ font: 14px sans-serif; }
- .wrapper{ width: 350px; padding: 20px; }
- </style>
- </head>
- <body>
- <div class="wrapper">
- <h2>Login</h2>
- <p>Please fill in your credentials to login.</p>
- <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
- <div class="form-group <?php echo (!empty($username_err)) ? 'has-error' : ''; ?>">
- <label>Username</label>
- <input type="text" name="username" class="form-control" value="<?php echo $username; ?>">
- <span class="help-block"><?php echo $username_err; ?></span>
- </div>
- <div class="form-group <?php echo (!empty($password_err)) ? 'has-error' : ''; ?>">
- <label>Password</label>
- <input type="password" name="password" class="form-control">
- <span class="help-block"><?php echo $password_err; ?></span>
- </div>
- <div class="form-group">
- <input type="submit" class="btn btn-primary" value="Login">
- </div>
- <p>Don't have an account? <a href="register.php">Sign up now</a>.</p>
- </form>
- </div>
- </body>
- </html>
- <?php
- // Include config file
- require_once "config.php";
- // Define variables and initialize with empty values
- $username = $password = $confirm_password = "";
- $username_err = $password_err = $confirm_password_err = "";
- // Processing form data when form is submitted
- if($_SERVER["REQUEST_METHOD"] == "POST"){
- // Validate username
- if(empty(trim($_POST["username"]))){
- $username_err = "Please enter a username.";
- } else{
- // Prepare a select statement
- $sql = "SELECT id FROM users WHERE username = ?";
- if($stmt = mysqli_prepare($link, $sql)){
- // Bind variables to the prepared statement as parameters
- mysqli_stmt_bind_param($stmt, "s", $param_username);
- // Set parameters
- $param_username = trim($_POST["username"]);
- // Attempt to execute the prepared statement
- if(mysqli_stmt_execute($stmt)){
- /* store result */
- mysqli_stmt_store_result($stmt);
- if(mysqli_stmt_num_rows($stmt) == 1){
- $username_err = "This username is already taken.";
- } else{
- $username = trim($_POST["username"]);
- }
- } else{
- echo "Oops! Something went wrong. Please try again later.";
- }
- // Close statement
- mysqli_stmt_close($stmt);
- }
- }
- // Validate password
- if(empty(trim($_POST["password"]))){
- $password_err = "Please enter a password.";
- } elseif(strlen(trim($_POST["password"])) < 6){
- $password_err = "Password must have atleast 6 characters.";
- } else{
- $password = trim($_POST["password"]);
- }
- // Validate confirm password
- if(empty(trim($_POST["confirm_password"]))){
- $confirm_password_err = "Please confirm password.";
- } else{
- $confirm_password = trim($_POST["confirm_password"]);
- if(empty($password_err) && ($password != $confirm_password)){
- $confirm_password_err = "Password did not match.";
- }
- }
- // Check input errors before inserting in database
- if(empty($username_err) && empty($password_err) && empty($confirm_password_err)){
- // Prepare an insert statement
- $sql = "INSERT INTO users (username, password) VALUES (?, ?)";
- if($stmt = mysqli_prepare($link, $sql)){
- // Bind variables to the prepared statement as parameters
- mysqli_stmt_bind_param($stmt, "ss", $param_username, $param_password);
- // Set parameters
- $param_username = $username;
- $param_password = password_hash($password, PASSWORD_DEFAULT); // Creates a password hash
- // Attempt to execute the prepared statement
- if(mysqli_stmt_execute($stmt)){
- // Redirect to login page
- header("location: login.php");
- } else{
- echo "Something went wrong. Please try again later.";
- }
- // Close statement
- mysqli_stmt_close($stmt);
- }
- }
- // Close connection
- mysqli_close($link);
- }
- ?>
- <!DOCTYPE html>
- <html lang="en">
- <head>
- <meta charset="UTF-8">
- <title>Sign Up</title>
- <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css" integrity="sha384-Vkoo8x4CGsO3+Hhxv8T/Q5PaXtkKtu6ug5TOeNV6gBiFeWPGFN9MuhOf23Q9Ifjh" crossorigin="anonymous">
- <style type="text/css">
- body{ font: 14px sans-serif; }
- .wrapper{ width: 350px; padding: 20px; }
- </style>
- </head>
- <body>
- <div class="wrapper">
- <h2>Sign Up</h2>
- <p>Please fill this form to create an account.</p>
- <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
- <div class="form-group <?php echo (!empty($username_err)) ? 'has-error' : ''; ?>">
- <label>Username</label>
- <input type="text" name="username" class="form-control" value="<?php echo $username; ?>">
- <span class="help-block"><?php echo $username_err; ?></span>
- </div>
- <div class="form-group <?php echo (!empty($password_err)) ? 'has-error' : ''; ?>">
- <label>Password</label>
- <input type="password" name="password" class="form-control" value="<?php echo $password; ?>">
- <span class="help-block"><?php echo $password_err; ?></span>
- </div>
- <div class="form-group <?php echo (!empty($confirm_password_err)) ? 'has-error' : ''; ?>">
- <label>Confirm Password</label>
- <input type="password" name="confirm_password" class="form-control" value="<?php echo $confirm_password; ?>">
- <span class="help-block"><?php echo $confirm_password_err; ?></span>
- </div>
- <div class="form-group">
- <input type="submit" class="btn btn-primary" value="Submit">
- <input type="reset" class="btn btn-default" value="Reset">
- </div>
- <p>Already have an account? <a href="login.php">Login here</a>.</p>
- </form>
- </div>
- </body>
- </html>