English Case Study

Submitted By bez100
Words: 1186
Pages: 5

REGISTER.PHP <?php if(isset($_POST['runame']) && isset($_POST['rpword'])){ $sql="INSERT INTO users (Username, Password) VALUES ('".$_POST['runame']."','".sha1(md5($_POST['rpword']))."')"; if(!mysqli_query($con,$sql)){ echo "No new entry made";
}else{
echo "New entry made --> <i>Username: </i><b> ".$_POST['runame']." </b>, <i>Password:</i><b> ".$_POST['rpword']." </b>";
}
} mysqli_close($con); ?> <form action="" method="post">
Username: <input type="text" name="runame"><br />
Password: <input type="password" name="rpword"><br />
<input type="submit" value="Register">
</form>

<a href='http://10.131.17.193/chatbackup/'>Back</a> ----------------
INDEX.PHP

<?php session_start(); if($_SERVER['REQUEST_URI'] == '/chatbackup/' || $_SERVER['REQUEST_URI'] == '/chatbackup/index.php'){ header('location:http://10.131.17.193/chatbackup/?p=index'); } // $host="localhost"; $user="root"; $pass=""; $db="dami"; $tbl="users";
$host="localhost"; $user="root"; $pass=""; $db="dami";
$con= mysqli_connect($host,$user,$pass,$db); ?> <!DOCTYPE html>
<html>
<head>
<meta name='description' content='' />
<meta name='keywords' content='' />
<meta name='robots' content=''/>
<meta http-equiv='Content-Type' content='text/php; charset=iso-8859-2' />
<meta http-equiv="refresh" content="500000000000" > <title>Chat</title>

</head>
<body>

<?php function isLoggedIn($con){ $query = mysqli_query($con, "SELECT * FROM session WHERE sid = '".session_id()."'");;
$row = mysqli_fetch_array($query); if($row['sid']){ return true; } return false; }

if(isLoggedIn($con)){ //if the user is logged in: $result = mysqli_query($con, "SELECT * FROM users WHERE ID = (SELECT uid FROM session WHERE sid = '".session_id()."')");;
$row = mysqli_fetch_array($result); $uid = $row['ID'];
$uname = $row['Username']; if($_GET['p'] == 'logout'){ include 'logout.php'; } elseif($_GET['p'] == 'login'){ include 'login.php'; } elseif($_GET['p'] == 'delete'){ include 'delete.php'; } elseif($_GET['p'] == 'home'){ include 'home.php'; } else { include 'home.php'; } } else { // if not: if($_GET['p'] == 'register'){ include 'register.php'; // } // elseif($_GET['p'] == 'home'){ // include 'login.php'; // } // elseif($_GET['p'] == 'logout'){ // include 'login.php'; } else { include 'login.php'; }
}

?> </body>
</html>
---------------------
HOME.PHP

<?php
$host="localhost"; $user="root"; $pass=""; $db="dami";
$con= mysqli_connect($host,$user,$pass,$db); $query = mysqli_query($con, "SELECT session.uid, users.* FROM session INNER JOIN users ON session.uid = users.ID WHERE session.sid = '".session_id()."'");
$main_dets = mysqli_fetch_array($query); // foreach($main_dets as $key => $value){ // echo $key." => ".$value."<br />"; // }; // if(isset($_POST['user']) && isset($_POST['Message'])){ // $sql = "INSERT INTO nami (Username, Message) VALUES ('".$_POST['user']."', '".$_POST['Message']."')"; // if(!mysqli_query($con,$sql)){ // echo "No new entry made"; // } else { // xx header('location:http://10.131.17.193/chatbackup/home.php'); // } // } ?> <!DOCTYPE html>
<html>
<head>
<meta name='description' content='' />
<meta name='keywords' content='' />
<meta name='robots' content=''/>
<meta http-equiv='Content-Type' content='text/php; charset=iso-8859-2' />

<title></title>
<style>
body{ margin:0px; padding:0px; background:grey; }

h1, h2, h3, h4, h5, h6, a { margin:0px; padding:0px;
}

a.clear{ margin-left:310px; color:blue; } a.clear:hover{ color:red; } a{ margin-left:10px; font-size:15px; color:blue; } a:hover{ color:red; } h3{ margin:0px; padding:0px; text-align:center; color:white;
}

#screen{ margin-top:400px; padding:0px; width:400px; height:400px; border:1px solid red; background:lightgrey; } #screen_left{ margin:0px; padding:0px; float:left; } #screen_left_top{ padding:10px; width:300px;