Hello there i would like someone to have a peek at this code and does it solve the question correctly ?? Are there any mistakes or any improvements i could add ??
Thank you
Question:
1. (a)modify the addnames.php script to read in and store two fields of data – username and password (call your script adduser.php and call the table ‘passwords’).
(b)modify matchname.php to identify when a username and password exists in the database table (call your script checkuser.php ).
Answer:
adduser.php
<?php
// adduser.php adds form values to database table (but adds blank row first time!)
$dbhandle = sqlite_popen("passwords", 0666, $err_msg);
if(!$dbhandle) die("Could not open the database");
$query = "CREATE TABLE passwords(username VARCHAR(255), password VARCHAR(6))";
if(!sqlite_query($dbhandle, $query)){ echo "table not created (maybe already created)"; }
//$query = "INSERT INTO passwords VALUES('John', '2534')";
$username = $_POST['username'];
$password = $_POST['password'];
$query = "INSERT INTO passwords VALUES('$username', '$password')";
//print " sql is $query ";
if(!sqlite_query($dbhandle, $query)) { echo "Could not insert table row"; }
//sqlite_query($dbhandle, $query);
$query = sqlite_query($dbhandle, 'SELECT * FROM passwords'); //result set goes into query
$result = sqlite_fetch_all($query, SQLITE_ASSOC); //calls columns by name (or NUM for col num eg 0,1..)
// each result array element contains a row of table. The row holds pairs of row name, row value
print_r( $result); // useful debug - show all results
foreach ($result as $arow) {
echo '<br> username: ' . $arow['username'] . ' password: ' . $arow['password'];
}
sqlite_close($dbhandle);
?>
<form action='' method=post>
Username <input type='text' name='username' /> <br>
Password <input type='text' name='password' /> <br>
<input type='submit' value='Submit' />
</form>
checkuser.php
<script type="text/javascript">
function validateForm()
{
var x=document.forms["login"]["username"]["password"].value;
if (x==null || x=="")
{
alert("Wrong login details");
return false;
}
}
</script>
<form name="login" action='' method=post>
Username <input type='text' name='username' /> <br>
Password <input type='text' name='password' /> <br>
<input type='submit' value='Submit' />
</form>
<?php
// matchnames.php to see how many times a friends and phoneNo name matches in table
// only sees a match if matches once only (not 2 times)
//if (!(isset($_POST['username']))) { exit; } // password not sent in ... so exit
$username = $_POST['username'];
$password = $_POST['password'];
$dbhandle = sqlite_popen("passwords", 0666, $err_msg);
if(!$dbhandle) die("Could not open the database");
// Count rows with this
$sql = "SELECT COUNT(password) from username WHERE name = '$username' AND password = '$password' ";
$query = sqlite_query($dbhandle, $sql); // result set goes into query
$result = sqlite_fetch_all($query, SQLITE_NUM); //calls columns by num (use ASSOC for col names)
print_r( $result); // useful debug - show all results
// each result array element contains a row of table. The row holds pairs of row name, row value
$firstrow = $result[0]; //sql result has just one row - so get the first row
$rowcount = $firstrow[0]; //the first array element (first column) in that first row
print "Count result is: $rowcount ";
// count rows with this
$sql = "SELECT * from username WHERE name = '$username' AND password = '$password' ";
$query = sqlite_query($dbhandle, $sql); // result set goes into query
$result = sqlite_fetch_all($query, SQLITE_NUM); //calls columns by num (use ASSOC for col names)
$rowcount = sqlite_num_rows($query);
print " Alternative count is $rowcount ";
if ( $rowcount != 1)
{
print " name didnt match once ";
// exit; // we could stop them trying again with end program
}
else
{
print " name matched once ";
}
sqlite_close($dbhandle);
?>