0

Hello there i would like someone to have a peek at this code and does it solve the question correctly ?? Are there any mistakes or any improvements i could add ??
Thank you

Question:
1. (a)modify the addnames.php script to read in and store two fields of data – username and password (call your script adduser.php and call the table ‘passwords’).
(b)modify matchname.php to identify when a username and password exists in the database table (call your script checkuser.php ).

Answer:
adduser.php

<?php
  // adduser.php    adds form values to database table (but adds blank row first time!)
  $dbhandle = sqlite_popen("passwords", 0666, $err_msg);
  if(!$dbhandle) die("Could not open the database");

  $query = "CREATE TABLE passwords(username VARCHAR(255), password VARCHAR(6))";
  if(!sqlite_query($dbhandle, $query)){ echo "table not created (maybe already created)"; }

 //$query = "INSERT INTO passwords VALUES('John', '2534')";
 $username = $_POST['username']; 
 $password = $_POST['password']; 
 $query = "INSERT INTO passwords VALUES('$username', '$password')";
//print " sql is $query ";
  if(!sqlite_query($dbhandle, $query)) { echo "Could not insert table row"; }
  //sqlite_query($dbhandle, $query);
 
 $query = sqlite_query($dbhandle, 'SELECT * FROM passwords');  //result set goes into query
 $result = sqlite_fetch_all($query, SQLITE_ASSOC);  //calls columns by name (or NUM for col num eg 0,1..)

 // each result array element contains a row of table. The row holds pairs of row name, row value 
 print_r( $result);  // useful debug - show all results

 foreach ($result as $arow) {
    echo '<br> username: ' . $arow['username'] . '  password: ' . $arow['password'];
   }
 sqlite_close($dbhandle);
?>

<form action='' method=post> 
    Username <input type='text' name='username' /> <br>
    Password <input type='text' name='password' /> <br>
    <input type='submit' value='Submit' /> 
</form>

checkuser.php

<script type="text/javascript">
function validateForm()
{
var x=document.forms["login"]["username"]["password"].value;
if (x==null || x=="")
  {
  alert("Wrong login details");
  return false;
  }
}
</script>
<form name="login" action='' method=post> 
    Username <input type='text' name='username' /> <br>
    Password <input type='text' name='password' /> <br>
    <input type='submit' value='Submit' /> 
</form>
<?php
//     matchnames.php   to see how many times a friends and phoneNo name matches in table  
//     only sees a match if matches once only (not 2 times)
//if (!(isset($_POST['username'])))  { exit; }  // password not sent in ... so exit

 $username = $_POST['username']; 
 $password = $_POST['password']; 

 $dbhandle = sqlite_popen("passwords", 0666, $err_msg);
 if(!$dbhandle) die("Could not open the database");

                               // Count rows with this   
 $sql = "SELECT COUNT(password) from username WHERE name = '$username' AND password = '$password' ";
 $query = sqlite_query($dbhandle, $sql);   // result set goes into query
 $result = sqlite_fetch_all($query, SQLITE_NUM);  //calls columns by num (use ASSOC for col names)
 print_r( $result);  // useful debug - show all results
 // each result array element contains a row of table. The row holds pairs of row name, row value 
 $firstrow = $result[0];    //sql result has just one row - so get the first row
 $rowcount = $firstrow[0];  //the first array element (first column) in that first row
 print "Count result is: $rowcount ";

                               // count rows with this   
  $sql = "SELECT * from username WHERE name = '$username' AND password = '$password' ";
  $query = sqlite_query($dbhandle, $sql);   // result set goes into query
  $result = sqlite_fetch_all($query, SQLITE_NUM);  //calls columns by num (use ASSOC for col names)
  $rowcount = sqlite_num_rows($query);   
  print " Alternative count is $rowcount ";


 if ( $rowcount  != 1)
   {
   print " name didnt match once ";
   // exit;   //  we could stop them trying again with end program
   }
 else
   {
    print " name matched once ";
   }
 sqlite_close($dbhandle);
?>

Edited by infinitus: n/a

1
Contributor
1
Reply
5
Views
5 Years
Discussion Span
Last Post by infinitus
0

I have noticed that checkuser does not work why ??. It does not say weather wrong details are entered or correct its just passive and does not do anything.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.