Basic Content You will copy the existing ("less-insecure") project and paste it into a NEW folder called "more-secure".
Posted: Tue Jul 12, 2022 8:10 am
Basic Content
You will copy the existing ("less-insecure")project and paste it into a NEW folder called"more-secure". Modify the newly copiedversion as described below:
This is my code:
<!DOCTYPE html>
<html>
<head>
<title>Registration & Log In Form</title>
</head>
<style>
html{
background:AliceBlue;
color:Aquamarine;
margin:20px;
padding:20px;
text-align:center;
font-size:20px;
}
input[type=text], input[type=password]{
width: 55%;
padding: 12px 20px;
margin: 8px 0;
display: inline-block;
border: 1px solid #ccc;
border-radius: 4px;
box-sizing: border-box;
}
input[type=submit]{
padding:10px;
width:15%;
color:lightslategray;
}
</style>
<body>
<h1>Registration & Log In Form</h1>
<?php
$error = "";
$host = "sql204.byethost31.com";
$username = "b31_31745947";
$password = "welove145";
$database = "b31_31745947_login";
$access = false;
$connect = new mysqli($host, $username, $password,$database);
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if ($_POST['username'] == '' && $_POST['username'] =='') {
$error = "Please Enter Username and Password ";
} else {
if (isset($_POST['login'])) {
$sql = "SELECT * From login Where username='" .$_POST['username'] . "' and password='" . $_POST['password'] ."'";
$result = $connect->query($sql);
if ($result) {
if ($row = mysqli_num_rows($result) > 0) {
$result1 = mysqli_query($connect, $sql);
while ($row = mysqli_fetch_array($result1)) {
$id = $row['id'];
$num = $row['logins'];
}
$file = $num + 1;
$error = "Access Granted! You have logged in '" . $num . "'times";
$sql1 = "UPDATE `login` SET logins='" . $file . "' WHERE `id`='$id'";
$connect->query($sql1);
$access = true;
} else {
$error = "Access Denied";
}
}
} elseif (isset($_POST['regis'])) {
$sql2 = "INSERT INTO login(username,password,logins) VALUES('" .$_POST['username'] . "','" . $_POST['password'] . "',0)";
$register = $connect->query($sql2);
$error = "Registration Successfully";
}
}
}
?>
<?php
echo "<h2>" . $error . "</h2>"; ?>
<?php
if (!$access) {
?>
<form action="index.php" method="post">
<input type="text" name="username"placeholder="Username"><br>
<input type="password" name="password"placeholder="Password"><br><br>
<input type="submit" name="login" value="Log In">
<input type="submit" name="regis" value="Register">
</div>
</form>
</div>
<?php
}
?>
</body>
</html>
You will copy the existing ("less-insecure")project and paste it into a NEW folder called"more-secure". Modify the newly copiedversion as described below:
This is my code:
<!DOCTYPE html>
<html>
<head>
<title>Registration & Log In Form</title>
</head>
<style>
html{
background:AliceBlue;
color:Aquamarine;
margin:20px;
padding:20px;
text-align:center;
font-size:20px;
}
input[type=text], input[type=password]{
width: 55%;
padding: 12px 20px;
margin: 8px 0;
display: inline-block;
border: 1px solid #ccc;
border-radius: 4px;
box-sizing: border-box;
}
input[type=submit]{
padding:10px;
width:15%;
color:lightslategray;
}
</style>
<body>
<h1>Registration & Log In Form</h1>
<?php
$error = "";
$host = "sql204.byethost31.com";
$username = "b31_31745947";
$password = "welove145";
$database = "b31_31745947_login";
$access = false;
$connect = new mysqli($host, $username, $password,$database);
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if ($_POST['username'] == '' && $_POST['username'] =='') {
$error = "Please Enter Username and Password ";
} else {
if (isset($_POST['login'])) {
$sql = "SELECT * From login Where username='" .$_POST['username'] . "' and password='" . $_POST['password'] ."'";
$result = $connect->query($sql);
if ($result) {
if ($row = mysqli_num_rows($result) > 0) {
$result1 = mysqli_query($connect, $sql);
while ($row = mysqli_fetch_array($result1)) {
$id = $row['id'];
$num = $row['logins'];
}
$file = $num + 1;
$error = "Access Granted! You have logged in '" . $num . "'times";
$sql1 = "UPDATE `login` SET logins='" . $file . "' WHERE `id`='$id'";
$connect->query($sql1);
$access = true;
} else {
$error = "Access Denied";
}
}
} elseif (isset($_POST['regis'])) {
$sql2 = "INSERT INTO login(username,password,logins) VALUES('" .$_POST['username'] . "','" . $_POST['password'] . "',0)";
$register = $connect->query($sql2);
$error = "Registration Successfully";
}
}
}
?>
<?php
echo "<h2>" . $error . "</h2>"; ?>
<?php
if (!$access) {
?>
<form action="index.php" method="post">
<input type="text" name="username"placeholder="Username"><br>
<input type="password" name="password"placeholder="Password"><br><br>
<input type="submit" name="login" value="Log In">
<input type="submit" name="regis" value="Register">
</div>
</form>
</div>
<?php
}
?>
</body>
</html>