How JustAnswer Works:

  • Ask an Expert
    Experts are full of valuable knowledge and are ready to help with any question. Credentials confirmed by a Fortune 500 verification firm.
  • Get a Professional Answer
    Via email, text message, or notification as you wait on our site.
    Ask follow up questions if you need to.
  • 100% Satisfaction Guarantee
    Rate the answer you receive.

Ask TheDoctor Your Own Question

TheDoctor
TheDoctor, Professional w/Adv. Degree
Category: Homework
Satisfied Customers: 1757
Experience:  M.S. in Internet Information Systems
59032869
Type Your Homework Question Here...
TheDoctor is online now
A new question is answered every 9 seconds

I need some help fixing my php login code.

This answer was rated:

I need some help fixing my php login code.
Hello and thank you for your question. Is this for an assignment or course work? It is alright if it is.

Please send me the code that you have. Also, you can export your database from PHPMyAdmin. Take all of the files and zip them up. Then upload the zip file to http://ge.tt

Once uploaded, you will be given a link on the right. Click on the 'Copy Link' option and then paste it here.

Thank you
Customer: replied 3 years ago.

Heres the gett link: http://ge.tt/4J1An7y/v/0?c


 


Also, here is an example page of how the log on is supposed to work. I also need help with the delete function and the log out button.


 


http://web.engr.oregonstate.edu/~sagalynr/php_example/index.php

Thank you. I will review your files and get back to you soon.
Customer: replied 3 years ago.

Obviously this is for a school assignment. Can you explain what you are doing? Maybe online?


 

Yes.

Once I have had a chance to fully review your code, I will provide a detailed explanation for you.
Customer: replied 3 years ago.

Thx


 

Hello again!

Please download the files here:

DOWNLOAD

The login.php file contains the changes.

And here is the explanation:

First, you where checking if $_POST was set. It is better to do $_SERVER['REQUEST_METHOD'] == 'POST'

Next, you did not have all of your code for processing on post inside of that conditional. That was just a simple mistake and it resulted in a couple warnings if your PHP is set up to display warnings. I fixed that for you.

If you are running queries with passed-in data from a form, you should use prepared statements, as it automatically escapes the data. You were doing this one one of the queries but not the others.

If you look at the new code line by line, you can easily see what is being done. Your code was almost there and pretty good, so you obviously have a good understanding of this stuff.

First, we run a query to look for a password XXXXX on the entered username.

That is on line 21. We set the returned password XXXXX the $result variable. If the passed-in password XXXXX the form is equal to the result, then we redirect the user to the todo page and exit. If you do not exit, the page will technically continue to be processed by the server even after it has redirected the user. So it is best practice to always exit after a header redirect. You were having a link display for the user to click and go to the todo page after successful log in. However, you can simply redirect the user to the todo page, as I have done here.

Next, if the password XXXXX not match but there IS a password XXXXX then the user typed in a username that exists in the database but the incorrect password. The page sets a variable for a user message to tell the user that it is the Incorrect Login. This is displayed on the page.

Then there is another else... this time it means that $result is empty. That means that the user name does not exist in the database. So it goes ahead and inserts it in the exact same way that your code was doing. But now, it also creates a message to let the user know that a new user has been created and is displayed on the page.

I think that covers everything that is going on in the script. If you have any questions at all about any of the code, just let me know and I will explain it. I'm here to help!

If you require assistance in the future, please feel free to request me directly by starting your question with **For TheDoctor**.

Please remember to rate my answer. Thank you so much and have a wonderful day!
Customer: replied 3 years ago.

Want to fix a couple other issues? I'll rate you as excellent as you did exactly what I need. But I have 3 other things I can't get to work-



  • I need a delete button on each todo list item that removes it from the database and from the screen. (see the example site)



  • I need a log out button in the upper right corner

  • I need the session variables to work so that a person can't get to the ToDo page unless they log in.


 


How much to fix these things?

Hello again!

I'll make these edits for you. Once they are complete and you provide a positive rating, you can leave a bonus of however much you want to leave.

I will contact you once these additional changes are ready.

Thank you
Customer: replied 3 years ago.

The link in the original package has an example of what its supposed to do if that helps.


Thank you. Can I ask questions about what you've done after I get a chance to look at the code?


 

Hello again,

Yes, you can ask questions.

The example link that you gave me goes to a page that allows you to enter a string, a substring, and then remove part of the string. It doesn't have anything related to logins or todo lists.
Customer: replied 3 years ago.

http://web.engr.oregonstate.edu/~sagalynr/login/index.php


 


Actually, this one doesn't have the todo page working. But I think mine is close. Its supposed to have a delete link next to each listed todo item below the input box. That link deletes the todo item from the db and from the page.


 


Thanks.


 

Tell me a little more about the todo items, as it may require a database change?

Can a user have more than 3 todo items? If so, your database currently violates 1st Normal Form and will need a slight change. I can easily do that, just let me know about these todo items.

Thank you
Customer: replied 3 years ago.

I don't mind if it violates that rule- I'm aware I should use a second databse for the todo items, but its not critical. I'll let you be the judge. I do understand about primary keys and foreign keys.


A user can have more that 3 items, but I need to make sure I understand how you do that- I sure couldn't do that now.


 


Thanks. Again.


Wayne

Customer: replied 3 years ago.

If I want to remove the ability to add a new user (register) how will I do that? The actual assignment doesn't require that. I can just check against two preloaded users, test 1/ password XXXXX and test 2/password XXXXX


 


Thanks

I'll remove it along with these other changes and let you know what I did. Thank you.
THIS ANSWER IS LOCKED!

You need to spend $3 to view this post. Add Funds to your account and buy credits.
TheDoctor and 2 other Homework Specialists are ready to help you