Nejdříve začneme vytvořením tabulky v MySQL konzoli (třeba v phpMyAdmin):

-- Account table read and written by register.php, login.php and reset-password.php.
CREATE TABLE users (
    id         INT          NOT NULL AUTO_INCREMENT PRIMARY KEY,
    -- UNIQUE lets the database itself reject a duplicate name, independently of
    -- the SELECT pre-check that register.php runs before inserting.
    username   VARCHAR(50)  NOT NULL UNIQUE,
    -- Stores the output of password_hash(), never the plain-text password.
    password   VARCHAR(255) NOT NULL,
    created_at DATETIME     DEFAULT CURRENT_TIMESTAMP
);

Pokračujeme vytvořením složky "backward" v kořenovém adresáři webu.

A sypeme do ní tyto soubory:

register.php:

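<?php
// Registration page: validates the submitted form, stores the new account in
// the users table and redirects to login.php. config.php supplies the mysqli
// connection in $link.

require_once "config.php";

// Values that are shown again in the form, and the error text for each field.
// $mail is initialised here because the form below prints it.
$username = $password = $confirm_password = $mail = "";
$username_err = $password_err = $confirm_password_err = "";

if ($_SERVER["REQUEST_METHOD"] == "POST") {

    // Read one POST field as a trimmed string. A missing field or an array
    // (e.g. username[]=x) counts as empty instead of raising a warning or a
    // TypeError inside trim().
    $field = function ($name) {
        return (isset($_POST[$name]) && is_string($_POST[$name])) ? trim($_POST[$name]) : "";
    };

    $posted_username = $field("username");
    // NOTE(review): trimming also strips leading/trailing whitespace from the
    // password. login.php trims the same way, so the two must only be changed
    // together.
    $posted_password = $field("password");
    $posted_confirm  = $field("confirm_password");

    if (empty($posted_username)) {
        $username_err = "Prosím zadej přezdívku!";
    } else {
        // Prepared statement: the name travels as a bound parameter and is
        // never concatenated into the SQL text.
        $sql = "SELECT id FROM users WHERE username = ?";
        $lookup_ok = false;

        if ($stmt = mysqli_prepare($link, $sql)) {
            mysqli_stmt_bind_param($stmt, "s", $param_username);
            $param_username = $posted_username;

            if (mysqli_stmt_execute($stmt)) {
                mysqli_stmt_store_result($stmt);
                $lookup_ok = true;

                if (mysqli_stmt_num_rows($stmt) == 1) {
                    $username_err = "Tato převzdívka je již registrovaná.";
                } else {
                    $username = $posted_username;
                }
            }

            mysqli_stmt_close($stmt);
        }

        // If the lookup itself failed, report it as a field error. Without
        // this the script would carry on and insert a row with an empty name.
        if (!$lookup_ok) {
            $username_err = "Nastala chyba, zkus to znovu.";
        }
    }

    // NOTE(review): six characters is a weak minimum length for a password.
    if (empty($posted_password)) {
        $password_err = "Prosím zadej heslo.";
    } elseif (strlen($posted_password) < 6) {
        $password_err = "Heslo musi mít minimálně 6 znaků.";
    } else {
        $password = $posted_password;
    }

    if (empty($posted_confirm)) {
        $confirm_password_err = "Zadej heslo ještě jednou.";
    } else {
        $confirm_password = $posted_confirm;
        // Strict comparison: with != two different numeric strings such as
        // "1000000" and "1e6" would compare as equal.
        if (empty($password_err) && ($password !== $confirm_password)) {
            $confirm_password_err = "Hesla se neschodují.";
        }
    }

    if (empty($username_err) && empty($password_err) && empty($confirm_password_err)) {

        $sql = "INSERT INTO users (username, password) VALUES (?, ?)";

        if ($stmt = mysqli_prepare($link, $sql)) {
            mysqli_stmt_bind_param($stmt, "ss", $param_username, $param_password);

            $param_username = $username;
            // Only the salted hash is written to the database.
            $param_password = password_hash($password, PASSWORD_DEFAULT);

            if (mysqli_stmt_execute($stmt)) {
                mysqli_stmt_close($stmt);
                mysqli_close($link);
                header("location: login.php");
                // Stop here so the form (and the submitted values) are not
                // rendered into the body of the redirect response.
                exit;
            } else {
                echo "Nastala chyba.";
            }

            mysqli_stmt_close($stmt);
        }
    }

    mysqli_close($link);
}
?>

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
</head>
<body>
    <div class="wrapper">
        <h2>Sign Up</h2>
        <p>Please fill this form to create an account.</p>
        <?php // Every value printed below goes through htmlspecialchars() so that submitted text cannot break out of the attribute or inject markup. ?>
        <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
            <div class="form-group">
                <label>Přezdívka</label>
                <input type="text" name="username" class="form-control <?php echo (!empty($username_err)) ? 'is-invalid' : ''; ?>" value="<?php echo htmlspecialchars($username, ENT_QUOTES, 'UTF-8'); ?>">
                <span class="invalid-feedback"><?php echo htmlspecialchars($username_err, ENT_QUOTES, 'UTF-8'); ?></span>
            </div>
            <?php // The password fields are never pre-filled: a submitted password must not be written back into the HTML. ?>
            <div class="form-group">
                <label>Heslo</label>
                <input type="password" name="password" class="form-control <?php echo (!empty($password_err)) ? 'is-invalid' : ''; ?>">
                <span class="invalid-feedback"><?php echo htmlspecialchars($password_err, ENT_QUOTES, 'UTF-8'); ?></span>
            </div>
            <div class="form-group">
                <label>Potvrzení hesla</label>
                <input type="password" name="confirm_password" class="form-control <?php echo (!empty($confirm_password_err)) ? 'is-invalid' : ''; ?>">
                <span class="invalid-feedback"><?php echo htmlspecialchars($confirm_password_err, ENT_QUOTES, 'UTF-8'); ?></span>
            </div>
            <?php // NOTE(review): the handler above never reads $_POST["mail"] and the users table has no mail column, so this field is not stored anywhere yet. ?>
            <div class="form-group">
                <label>E-Mail</label>
                <input type="email" name="mail" class="form-control" value="<?php echo htmlspecialchars($mail, ENT_QUOTES, 'UTF-8'); ?>">
                <span class="invalid-feedback"></span>
            </div>
            <div class="form-group">
                <input type="submit" class="btn btn-primary" value="Submit">
                <input type="reset" class="btn btn-secondary ml-2" value="Reset">
            </div>
            <p>Už máš účet? <a href="login.php">Přihlaš se zde.</a>.</p>
        </form>
    </div>
</body>
</html>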

login.php:

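<?php
// Login page: checks the submitted name and password against the users table
// and, on success, marks the session as logged in and redirects to welcome.php.
// NOTE(review): nothing here limits repeated failed attempts per account or
// per client; consider adding throttling before using this on a public site.

// Initialize the session
session_start();

// A visitor who is already logged in goes straight to the welcome page.
if (isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true) {
    header("location: welcome.php");
    exit;
}

// config.php opens the database connection and provides $link.
require_once "config.php";

// Define variables and initialize with empty values
$username = $password = "";
$username_err = $password_err = $login_err = "";

// Processing form data when form is submitted
if ($_SERVER["REQUEST_METHOD"] == "POST") {

    // Read one POST field as a trimmed string; a missing field or an array
    // counts as empty instead of raising a warning or a TypeError in trim().
    $field = function ($name) {
        return (isset($_POST[$name]) && is_string($_POST[$name])) ? trim($_POST[$name]) : "";
    };

    // Check if username is empty
    $posted_username = $field("username");
    if (empty($posted_username)) {
        $username_err = "Please enter username.";
    } else {
        $username = $posted_username;
    }

    // Check if password is empty
    $posted_password = $field("password");
    if (empty($posted_password)) {
        $password_err = "Please enter your password.";
    } else {
        $password = $posted_password;
    }

    // Validate credentials
    if (empty($username_err) && empty($password_err)) {
        // Prepared statement: the name is a bound parameter, not part of the SQL text.
        $sql = "SELECT id, username, password FROM users WHERE username = ?";

        if ($stmt = mysqli_prepare($link, $sql)) {
            mysqli_stmt_bind_param($stmt, "s", $param_username);
            $param_username = $username;

            if (mysqli_stmt_execute($stmt)) {
                mysqli_stmt_store_result($stmt);

                // Check if username exists, if yes then verify password
                if (mysqli_stmt_num_rows($stmt) == 1) {
                    // The stored name goes into its own variable so the text
                    // the visitor typed stays in $username for the form.
                    mysqli_stmt_bind_result($stmt, $id, $db_username, $hashed_password);
                    if (mysqli_stmt_fetch($stmt)) {
                        if (password_verify($password, $hashed_password)) {
                            // The session was already started at the top of the
                            // file. Issue a fresh session id at the moment of
                            // login so an id that was known before
                            // authentication cannot be reused afterwards
                            // (session fixation).
                            session_regenerate_id(true);

                            // Store data in session variables
                            $_SESSION["loggedin"] = true;
                            $_SESSION["id"] = $id;
                            $_SESSION["username"] = $db_username;

                            mysqli_stmt_close($stmt);
                            mysqli_close($link);

                            // Redirect and stop, so the login form is not
                            // rendered into the redirect response.
                            header("location: welcome.php");
                            exit;
                        } else {
                            // Same generic message for a wrong password ...
                            $login_err = "Invalid username or password.";
                        }
                    }
                } else {
                    // ... and for an unknown name, so the response text does
                    // not reveal which accounts exist.
                    $login_err = "Invalid username or password.";
                }
            } else {
                echo "Oops! Something went wrong. Please try again later.";
            }

            // Close statement
            mysqli_stmt_close($stmt);
        }
    }

    // Close connection
    mysqli_close($link);
}
?>

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Pepik - Internet pre deti # Prihlásenie k účtu </title>
</head>
<body>
    <div class="wrapper">
        <h2>Prihlásenie k účtu</h2>
        <p>Zadaj svoje prihlasovacie údaje</p>

        <?php
        if (!empty($login_err)) {
            echo '<div class="alert alert-danger">' . htmlspecialchars($login_err, ENT_QUOTES, 'UTF-8') . '</div>';
        }
        ?>

        <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
            <div class="form-group">
                <label>Prezývka</label>
                <?php // The typed name is escaped before it is printed back into the attribute. ?>
                <input type="text" name="username" class="form-control <?php echo (!empty($username_err)) ? 'is-invalid' : ''; ?>" value="<?php echo htmlspecialchars($username, ENT_QUOTES, 'UTF-8'); ?>">
                <span class="invalid-feedback"><?php echo htmlspecialchars($username_err, ENT_QUOTES, 'UTF-8'); ?></span>
            </div>
            <div class="form-group">
                <label>Heslo</label>
                <input type="password" name="password" class="form-control <?php echo (!empty($password_err)) ? 'is-invalid' : ''; ?>">
                <span class="invalid-feedback"><?php echo htmlspecialchars($password_err, ENT_QUOTES, 'UTF-8'); ?></span>
            </div>
            <div class="form-group">
                <input type="submit" class="btn btn-primary" value="Login">
            </div>
            <p>Nemáš účet? <a href="register.php">Zaregistruj sa!</a>.</p>
        </form>
    </div>
</body>
</html>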

welcome.php:

<?php
// Page shown right after login. The meta refresh below forwards the browser
// to /u/prehled.php after 8 seconds.

session_start();

// Only a session whose "loggedin" flag is exactly boolean true may see the page.
$is_logged_in = isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true;
if (!$is_logged_in) {
    header("location: login.php");
    exit;
}
?>

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta http-equiv="refresh" content="8;url=/u/prehled.php">
    <title>Pepik - Internet pre deti # Vitaj</title>
</head>
<body>
<script src="/script/hlavicka/hlavicka_obecna.js">
</script>
<?php // The name comes from the session and is escaped before it is printed. ?>
<h3><p style="text-align: center">Vitaj späť <?php echo htmlspecialchars($_SESSION["username"]); ?>!</p></h3>
<p style="text-align: center"><i>Občas sa môže stať, že ťa prehliadač automaticky nepresunie na hlavnú adresu, ak sa tak stalo, <a href="/u/prehled.php">klikni tu</a>.</i></p>
<script src="/script/paticka/paticka_obecna.js">
</script>
</body>
</html>

reset-password.php:

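<?php
// Password change for the logged-in user: validates the new password, stores
// its hash for the account id kept in the session, then ends the session so
// the user has to log in again.
// NOTE(review): the current password is not asked for, so anyone who gets hold
// of an open session can set a new password. Consider requiring it.

session_start();

// Only an authenticated session may reach the form.
if (!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true) {
    header("location: login.php");
    exit;
}

require_once "config.php";

// Anti-CSRF token, one per session. The form sends it back in a hidden field
// and the POST handler compares the two, so a form on another site cannot
// change the password on behalf of a logged-in visitor.
// random_bytes() requires PHP 7 or newer.
if (empty($_SESSION["csrf_token"])) {
    $_SESSION["csrf_token"] = bin2hex(random_bytes(32));
}

$new_password = $confirm_password = "";
$new_password_err = $confirm_password_err = "";

if ($_SERVER["REQUEST_METHOD"] == "POST") {

    // Read one POST field as a trimmed string; a missing field or an array
    // counts as empty instead of raising a warning or a TypeError in trim().
    $field = function ($name) {
        return (isset($_POST[$name]) && is_string($_POST[$name])) ? trim($_POST[$name]) : "";
    };

    // hash_equals() compares in constant time. A request without the right
    // token is refused before anything else is looked at.
    if (!hash_equals($_SESSION["csrf_token"], $field("csrf_token"))) {
        mysqli_close($link);
        http_response_code(400);
        exit("Ale nie! Nastala chyba, skús to znova!");
    }

    $posted_new     = $field("new_password");
    $posted_confirm = $field("confirm_password");

    // NOTE(review): six characters is a weak minimum length for a password.
    if (empty($posted_new)) {
        $new_password_err = "Prosím zadaj nové heslo.";
    } elseif (strlen($posted_new) < 6) {
        $new_password_err = "Heslo musí mať aspoň 6 znakov.";
    } else {
        $new_password = $posted_new;
    }

    if (empty($posted_confirm)) {
        $confirm_password_err = "Prosím potvrď nové heslo.";
    } else {
        $confirm_password = $posted_confirm;
        // Strict comparison: with != two different numeric strings such as
        // "1000000" and "1e6" would compare as equal.
        if (empty($new_password_err) && ($new_password !== $confirm_password)) {
            $confirm_password_err = "Heslá sa nezhodujú.";
        }
    }

    if (empty($new_password_err) && empty($confirm_password_err)) {
        // Prepare an update statement
        $sql = "UPDATE users SET password = ? WHERE id = ?";

        if ($stmt = mysqli_prepare($link, $sql)) {
            mysqli_stmt_bind_param($stmt, "si", $param_password, $param_id);

            $param_password = password_hash($new_password, PASSWORD_DEFAULT);
            // The account id comes from the session, never from the request.
            $param_id = $_SESSION["id"];

            if (mysqli_stmt_execute($stmt)) {
                mysqli_stmt_close($stmt);
                mysqli_close($link);
                // End the session; the user logs in again with the new password.
                session_destroy();
                header("location: login.php");
                exit();
            } else {
                echo "Ale nie! Nastala chyba, skús to znova!";
            }

            mysqli_stmt_close($stmt);
        }
    }

    mysqli_close($link);
}
?>

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Pepik - Internet pre deti # Zmena hesla</title>
</head>
<body>
    <div class="wrapper">
        <h2>Zmena hesla</h2>
        <p>Vyplň tento formulár, aby sa ti zmenilo heslo!</p>
        <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
            <input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($_SESSION["csrf_token"], ENT_QUOTES, 'UTF-8'); ?>">
            <?php // The password fields are never pre-filled: a submitted password must not be written back into the HTML. ?>
            <div class="form-group">
                <label>Nové heslo</label>
                <input type="password" name="new_password" class="form-control <?php echo (!empty($new_password_err)) ? 'is-invalid' : ''; ?>">
                <span class="invalid-feedback"><?php echo htmlspecialchars($new_password_err, ENT_QUOTES, 'UTF-8'); ?></span>
            </div>
            <div class="form-group">
                <label>Potvrdenie hesla</label>
                <input type="password" name="confirm_password" class="form-control <?php echo (!empty($confirm_password_err)) ? 'is-invalid' : ''; ?>">
                <span class="invalid-feedback"><?php echo htmlspecialchars($confirm_password_err, ENT_QUOTES, 'UTF-8'); ?></span>
            </div>
            <div class="form-group">
                <input type="submit" class="btn btn-primary" value="Odoslať">
                <a href="/index.php">Zrušiť</a>
            </div>
        </form>
    </div>
</body>
</html>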

logout.php:

<?php
// Logout: attach to the visitor's session, empty it, destroy it, and send the
// browser back to the login form.
session_start();

// Clear the in-memory session array first, then remove the stored session.
$_SESSION = [];
session_destroy();

header("location: login.php");
exit();
?>

config.php:

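<?php
// Database settings and the shared mysqli connection. Every script that
// includes this file uses the connection through $link.
//
// NOTE(review): the host, user name and password below are literal values in a
// publicly posted file. If they belong to a live database they should be
// treated as disclosed and the password changed. In your own copy, put in your
// own values and keep this file out of public pastes and repositories.
define('DB_SERVER', 'free1db.zikum.cz');
define('DB_USERNAME', 'pepik_webowna_cz');
define('DB_PASSWORD', 'I..W4d7S4Xuc8b');
define('DB_NAME', 'pepik_webowna_cz');

try {
    $link = mysqli_connect(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME);
} catch (mysqli_sql_exception $e) {
    // With mysqli exception reporting switched on (the default since PHP 8.1)
    // a failed connect throws instead of returning false. Catching it keeps an
    // uncaught-exception trace out of the page.
    $link = false;
}

// Stop with a generic message if there is no connection. The details go to the
// server log only; without this check the including script would go on to call
// mysqli functions on an invalid handle.
if ($link === false) {
    error_log("Database connection failed: " . mysqli_connect_error());
    http_response_code(500);
    exit("Nastala chyba, zkus to znovu.");
}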

Pak v kořeni vyrob ještě složku "u" a vlož do ní soubor prehled.php s tímto obsahem:

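<?php
// Account overview page for the logged-in user.
//
// The session check runs before any output. session_start() and header() can
// only send their headers while nothing has been written to the response, so
// the opening <html> tag must not come before this block.

session_start();

if (!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true) {
    // This file lives in /u/, while the login form is in /backward/ (the
    // links further down use the same prefix), so the redirect is absolute.
    header("location: /backward/login.php");
    exit;
}
?>
<!DOCTYPE html>
<html>
<head>
    <meta charset="UTF-8">
    <title>
        Pepik - Internet pre deti # Prehľad používateľského účtu
    </title>
</head>

<body>
    <script src="/script/hlavicka/hlavicka_obecna.js">
    </script>
    <?php // The name comes from the session and is escaped before it is printed. ?>
    <p> Tvoja prezývka:</p><?php echo htmlspecialchars($_SESSION["username"]); ?><br><br>
    <a href="/backward/logout.php">Odhlásiť sa</a>
    <a href="/backward/reset-password.php">Zmeniť heslo</a>
    <a href="/backward/zapomenot-ucet.php">Zabudnúť účet</a>
    <script src="/script/paticka/paticka_obecna.js">
    </script>
</body>
</html>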


Abys dodržoval GDPR, doporučuju si to nějak ošéfovat tak, abys měl někde nějaké podmínky a v nich napsáno něco ve stylu, aby mladším 15 let vyrobili účet rodiče, a vyrob si vlastní formulář pro zapomenutí účtu :) Soubory jsem nijak neupravoval, proto si to asi budeš muset upravit, jelikož na webu asi nemáš soubor /script/hlavicka/hlavicka_obecna.js; taky jazyk je slovenský (někde mi z testování dokonce zbyla ještě angličtina), vše se dá jednoduše přeložit. Píšu to napodruhé (kvůli Windows), tak snad ti to bude fungovat a popsal jsem to srozumitelně.