<?php
// Start (or resume) the PHP session; LoginRegister::Authenticate() below stores the
// logged-in user's details in $_SESSION.
// NOTE(review): session_start() is called with no options and no
// session_set_cookie_params() call is visible here, so the session cookie flags come
// from php.ini - confirm session.cookie_httponly and session.cookie_secure are set there.
session_start();
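/**
 * Holds the MySQL connection settings and opens the connection on demand.
 * Also carries two pagination fields that this class itself never reads.
 *
 * NOTE(review): this class uses the legacy mysql_* extension, which was removed in
 * PHP 7.0. Moving to mysqli or PDO would change what connect() returns, so it has to
 * be done together with every caller of connect() and mysql_query().
 */
class Database
{
    // Connection settings, assigned once by the constructor.
    public $host;
    public $dbusername;
    public $dbpasswd;
    public $db;

    // Pagination: highest page number.
    public $page_count;
    // Pagination: maximum number of items per page.
    public $per_page;

    /**
     * Store the connection settings; no connection is opened here.
     *
     * @param string $usr  database user name
     * @param string $pass database password
     * @param string $host database host
     * @param string $db   schema to select after connecting
     */
    public function __construct($usr, $pass, $host, $db)
    {
        $this->host = $host;
        $this->dbusername = $usr;
        $this->dbpasswd = $pass;
        $this->db = $db;
    }

    /**
     * Open the connection and select the configured schema.
     *
     * On failure the script still terminates, as before, but the driver's error text
     * is written to the error log instead of being sent to the client: mysql_error()
     * output can reveal host names, account names and schema details.
     *
     * @return resource the MySQL link identifier
     */
    public function connect()
    {
        $conn = mysql_connect($this->host, $this->dbusername, $this->dbpasswd);
        if ($conn === false) {
            error_log('Database: connect failed: ' . mysql_error());
            die('Database connection failed.');
        }

        if (!mysql_select_db($this->db, $conn)) {
            error_log('Database: selecting schema failed: ' . mysql_error($conn));
            die('Database connection failed.');
        }

        return $conn;
    }
}//end class db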
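/**
 * Login and registration logic built on the Database connection settings.
 *
 * Methods report their outcome as integer codes:
 *   0  success
 *   1  unknown username            2  wrong password
 *   3  username not submitted      4  password not submitted
 *   5  username and password both empty
 *   6  a registration field is blank
 *   7  the two passwords differ
 *   8  a field is longer than 25 characters
 *   9  password shorter than 6 characters
 *   10 invalid email               11 username already taken
 *
 * NOTE(review): codes 1 and 2 tell a caller whether a username exists, which allows
 * account enumeration. They are kept because callers depend on the distinct codes;
 * collapsing them is an interface change to make together with the UI.
 */
class LoginRegister extends Database
{
    // Registration data: first name, last name, email, user name, password, timestamp.
    public $firstname;
    public $lastname;
    public $email;
    public $username;
    public $password;
    public $date;

    /**
     * Configure the parent with this application's connection settings.
     */
    public function __construct()
    {
        // NOTE(review): the credentials are hard-coded in source and the account is
        // root. Load them from configuration kept outside the web root and use an
        // account limited to the rights this application needs.
        parent::__construct('root', 'jesus', 'localhost', 'testlogin');
    }

    /**
     * Check a username/password pair and, on success, populate the session.
     *
     * @param string $user   submitted user name
     * @param string $passwd submitted password
     * @return int 0 on success, 1 if the user is unknown, 2 if the password is wrong
     */
    public function Authenticate($user, $passwd)
    {
        // Connect before escaping: mysql_real_escape_string() needs a live link.
        $conn = $this->connect();
        $username = mysql_real_escape_string($user, $conn);

        // Hash the password exactly as submitted. It never reaches the SQL text, and
        // escaping it first changed the digest for passwords containing quotes or
        // backslashes, so those users could never log in.
        $password = $this->encrypt($passwd);

        $res = mysql_query("SELECT * FROM users WHERE username = '$username'", $conn);
        if ($res === false || mysql_num_rows($res) != 1) {
            //user doesn't exist (or the lookup failed)
            return 1;
        }

        $row = mysql_fetch_assoc($res);
        $stored = (string) $row['password'];

        // Strict comparison: with == two different digests that both look like
        // "0e<digits>" are treated as equal numbers. hash_equals() is preferred
        // where available because it also compares in constant time.
        $passwordOk = function_exists('hash_equals')
            ? hash_equals($stored, $password)
            : ($stored === $password);

        // Compare the stored name with the raw input, not the SQL-escaped copy.
        if ($row['username'] !== (string) $user || !$passwordOk) {
            //incorrect passwd
            return 2;
        }

        // Issue a fresh session id at the privilege change so an id known before
        // login cannot be reused afterwards (session fixation).
        if (session_id() !== '') {
            session_regenerate_id(true);
        }
        $_SESSION['username'] = $row['username'];
        $_SESSION['fname'] = $row['firstname'];
        $_SESSION['who'] = 1;

        // Success was previously signalled by falling off the end (null); return the
        // documented code explicitly.
        return 0;
    }

    /**
     * Reject empty credentials, otherwise authenticate.
     *
     * @param string $usr  submitted user name
     * @param string $pass submitted password
     * @return int 5, 3 or 4 for missing input, else the result of Authenticate()
     */
    public function validate($usr, $pass)
    {
        $usr = trim($usr);
        $pass = trim($pass);

        if (empty($usr) && empty($pass)) {
            return 5;
        }
        if (empty($usr)) {
            return 3;
        }
        if (empty($pass)) {
            return 4;
        }

        //both fields submitted -- Authenticate (it opens the connection itself)
        return $this->Authenticate($usr, $pass);
    }

    /**
     * End the current session.
     */
    public function logout()
    {
        // Clear the in-memory copy too, so code running later in this request does
        // not still see the user as logged in.
        $_SESSION = array();
        session_destroy();
    }

    /**
     * Sanitize and validate an email address; on success store it in $this->email.
     *
     * @param string $email
     * @return int 0 if valid, 10 otherwise
     */
    public function validateemail($email)
    {
        $sanitized = filter_var($email, FILTER_SANITIZE_EMAIL);
        if (filter_var($sanitized, FILTER_VALIDATE_EMAIL)) {
            $this->email = $sanitized;
            return 0;
        }

        return 10;
    }

    /**
     * Check whether a user name is still free.
     *
     * @param string $usr
     * @return int 0 if free, 11 if already present in the users table
     */
    public function validateusername($usr)
    {
        $conn = $this->connect();
        $usr = mysql_real_escape_string($usr, $conn);

        $res = mysql_query("SELECT username from users WHERE username = '$usr'", $conn);
        if ($res === false) {
            // Keep driver error text out of the response; it describes the schema.
            error_log('LoginRegister: username lookup failed: ' . mysql_error($conn));
            die('A database error occurred.');
        }

        return mysql_num_rows($res) > 0 ? 11 : 0;
    }

    /**
     * Insert the current registration data as a new user row.
     * Call this only after register() and validateform() have succeeded.
     */
    public function registerme()
    {
        $conn = $this->connect();

        // Every value is escaped here, at the point it enters the SQL text. Before,
        // first name, last name and user name reached the statement with only
        // strip_tags() applied, which does nothing about quotes (SQL injection).
        $columns = array(
            'firstname' => $this->firstname,
            'lastname'  => $this->lastname,
            'email'     => $this->email,
            'username'  => $this->username,
            'password'  => $this->password,
            'date'      => $this->date,
        );
        $values = array();
        foreach ($columns as $value) {
            $values[] = "'" . mysql_real_escape_string((string) $value, $conn) . "'";
        }

        $query = 'INSERT INTO users(' . implode(', ', array_keys($columns)) . ') VALUES('
            . implode(', ', $values) . ')';

        if (!mysql_query($query, $conn)) {
            error_log('LoginRegister: insert failed: ' . mysql_error($conn));
            die('A database error occurred.');
        }
    }

    /**
     * Derive the stored form of a password.
     *
     * NOTE(review): this is an unsalted SHA-1 digest, which is fast to brute-force and
     * identical for identical passwords. password_hash()/password_verify() is the
     * replacement, but it needs a wider password column and a migration path for the
     * existing rows, neither of which is visible here, so the digest is left as is.
     *
     * @param string $pass
     * @return string 40-character hexadecimal digest
     */
    public function encrypt($pass)
    {
        return sha1($pass);
    }

    /**
     * Validate the data collected by register() and, if it passes, create the user.
     * Call this only after register() returned 0.
     *
     * @return int 0 on success, otherwise 8, 9, 10 or 11
     */
    public function validateform()
    {
        $passwd = $this->password;

        $tooLong = strlen($this->firstname) > 25
            || strlen($this->lastname) > 25
            || strlen($this->username) > 25
            || strlen($passwd) > 25;
        if ($tooLong) {
            return 8;
        }
        if (strlen($passwd) < 6) {
            return 9;
        }
        if ($this->validateusername($this->username) > 0) {
            return 11;
        }
        if ($this->validateemail($this->email) != 0) {
            return 10;
        }

        // Only the digest is kept on the object and written to the database.
        $this->password = $this->encrypt($passwd);
        $this->registerme();
        return 0;
    }

    /**
     * Read the registration form data into the object.
     *
     * @param array $arr form data with keys fname, lname, email, username, password
     *                   and rpassword
     * @return int 0 if all fields are present and the passwords match,
     *             6 if a field is blank, 7 if the passwords differ
     */
    public function register($arr)
    {
        // Missing or non-scalar entries count as blank instead of raising notices.
        $form = array();
        foreach (array('fname', 'lname', 'email', 'username', 'password', 'rpassword') as $key) {
            $form[$key] = (isset($arr[$key]) && is_scalar($arr[$key])) ? (string) $arr[$key] : '';
        }

        $this->firstname = strip_tags($form['fname']);
        $this->lastname = strip_tags($form['lname']);
        $this->email = strip_tags($form['email']);
        $this->username = strtolower(strip_tags($form['username']));

        // Passwords are hashed before storage and never echoed, so they are not run
        // through strip_tags(): doing so stored a different password from the one the
        // login path hashes. They are trimmed because validate() trims at login.
        $password = trim($form['password']);
        $rpassword = trim($form['rpassword']);

        $this->date = date('Y-m-d H:i:s');

        if (!($this->firstname && $this->lastname && $this->email && $this->username && $password && $rpassword)) {
            //blank field(s)
            return 6;
        }

        // The original also executed `$this->$password = $password`, which created a
        // property NAMED after the plaintext password; that line is dropped.
        // The passwords are compared directly and strictly rather than by loosely
        // comparing their digests.
        if ($password !== $rpassword) {
            return 7;
        }

        $this->password = $password;
        return 0;
    }
}//end class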
/**
 * Prints the login form, the registration form and the error banner that belongs
 * to a status code.
 *
 * Status codes:
 *   0  successful (no banner)
 *   1  username wrong
 *   2  password wrong
 *   3  username not submitted
 *   4  password not submitted
 *   5  username and password both empty
 * Registration codes:
 *   6  empty field
 *   7  passwords don't match
 *   8  a field is longer than 25 characters
 *   9  password is shorter than 6 characters
 *   10 invalid email
 *   11 username already exists (original note: "forgot password?")
 *
 * NOTE(review): neither form carries an anti-CSRF token field; whether the handler
 * behind index.php checks one is not visible here.
 */
class HtmlSms
{
    /**
     * Print the login form followed by a link to the registration page.
     */
    function login()
    {
        echo <<<HTML
<form method='POST' action = 'index.php?do=login'>
<p>Username: <input name='username' type = 'text'></p>
<p>Password: <input name='password' type = 'password'></p>
<input value = 'login' type = 'submit'>
</form>
<a href='index.php?do=register'>Register</a>
HTML;
    }

    /**
     * Print the "Register" heading and the registration form.
     */
    function register()
    {
        echo "<h1>Register</h1>";
        echo <<<HTML
<form method='POST' action = 'index.php?do=register'>
<html>
<table cellpadding='5px'>
<tr>
<td> Your First Name</td>
<td><input name='fname' type = 'text'> </td>
</tr>
<tr>
<td> Your Last Name</td>
<td><input name='lname' type = 'text'> </td>
</tr>
<tr>
<td> Email address</td>
<td><input name='email' type = 'text'> </td>
</tr>
<tr>
<td> Choose a User Name</td>
<td><input name='username' type = 'text'> </td>
</tr>
<tr>
<td>Choose a password</td>
<td><input name='password' type = 'password'> </td>
</tr>
<tr>
<td>Repeat your password</td>
<td><input name='rpassword' type = 'password'> </td>
</tr>
</table>
</html>
<p> <input name = submit value = 'register' type = 'submit'></p>
</form>
HTML;
    }

    /**
     * Print the banner for a status code, then the form the user should retry.
     * Codes without an entry (including 0) print nothing.
     *
     * @param int $ecode status code, see the table on the class
     */
    function error($ecode)
    {
        $opening = "<p style = 'color:red; font-weight:bold;'>";

        // code => array(banner text, method that prints the form to show again)
        $banners = array(
            1  => array("Incorrect Username", 'login'),
            2  => array("Incorrect Password", 'login'),
            3  => array("Blank usernames are not allowed!", 'login'),
            4  => array("Blank passwords are not allowed!", 'login'),
            5  => array("Blank usernames and passwords are not allowed!", 'login'),
            6  => array("Blank fields are not allowed!. Please fill <b>all</b> fields", 'register'),
            7  => array("Passwords doesn't match! ", 'register'),
            8  => array("No Field can exceed 25 Characters!", 'register'),
            9  => array("Your password must be between 6 and 25 characters", 'register'),
            10 => array("Your Email is invalid", 'register'),
            11 => array("The username is already taken, please choose another one!", 'register'),
        );

        // Walk the table in order with a loose comparison, first match wins.
        foreach ($banners as $code => $banner) {
            if ($ecode == $code) {
                echo $opening . $banner[0] . "</p>";
                $this->{$banner[1]}();
                return;
            }
        }
    }
}//end class htmlsms
?>