-Create complete Login/Register page (with DB connection, read data from databas

Question

-Create complete Login/Register page (with DB connection, read data from database - Without Salt & Hash, Without sending email) [This task also include the loading up of one random security question after three miss attempt login] (with a little bit of explanation)

-Retrieve and validate user information from the database for logging in. Validate Registration Information in the Register (look at the description for more info)

-JavaScript for toggle view between Login & Register

HTML and CSS for login and registration page and PHP and my SQL for users to register their detail in the database

Explanation / Answer

According to the requirement, Login and Register page created using PHP and MYSQL. For creating this pages follow this following steps:

1. Create a database and create a table using MYSQL.

1. Table 'tbl_user_registration'

create table 'tbl_user_registration' (

User_Id INT AUTO_INCREMENT PRIMARY KEY,

User_Name VARCHAR(100) NOT NULL,

Password VARCHAR(50) NOT NULL,

Security_Question_Id int,

Security_Answer VARCHAR(50)

)

2. Table `tbl_security_question`(`Security_Question_Id`, `Security_Question`)

create table tbl_security_question (

Security_Question_Id INT AUTO_INCREMENT PRIMARY KEY,

Security_Question VARCHAR(200) NOT NULL

)

2. Connect your php application with mysql.First create a php page and the write this following code for connection method:

connect.php:

<?php

define('DB_SERVER', 'localhost:3306');

define('DB_USERNAME', 'root');

define('DB_PASSWORD', '');

define('DB_DATABASE', 'db_registration');

$con = mysqli_connect(DB_SERVER,DB_USERNAME,DB_PASSWORD,DB_DATABASE);

?>

3. Then create your Register.php page for user registration here we will give user information with security answer for future use.

Register.php:

<?php

include ("connect.php");

$msg = "";

if(isset($_POST["submit"]))

{

if($_POST["User_Name"]=='')

{

$msg = "Enter User Name...";

//return false;

}

else if($_POST["password"]=='')

{

$msg = "Enter Password...";

//return false;

}

else if($_POST["ddlsecurity"]=="0")

{

$msg = "Select Security Question...";

//return false;

}

else if($_POST["answer"]=='')

{

$msg = "Enter Answer...";

//return false;

}

else

{

$User_Name = $_POST["User_Name"];

$password = $_POST["password"];

$ddlsecurity = $_POST["ddlsecurity"];

$answer = $_POST["answer"];

$User_Name = mysqli_real_escape_string($con, $User_Name);

$ddlsecurity = mysqli_real_escape_string($con, $ddlsecurity);

$answer = mysqli_real_escape_string($con, $answer);

$password = mysqli_real_escape_string($con, $password);

//$password = md5($password);

$sql="SELECT * FROM `tbl_user_registration` WHERE User_Name='".$User_Name."'";

$result=mysqli_query($con,$sql);

if(!$result)

{

$msg = "Sorry...This email already exist...";

}

else

{

$query = mysqli_query($con, "INSERT INTO `tbl_user_registration`(`User_Name`, `Password`, `Security_Question_Id`, `Security_Answer`) VALUES ('".$User_Name."','".$password."','".$ddlsecurity."','".$answer."')");

if($query)

{

$msg = "Thank You! you are now registered.";

header("Location: login.php"); /* Redirect browser */

exit();

}

}

}

}

?>

<!DOCTYPE html>

<html lang="en" >

<head>

<meta charset="UTF-8">

<title>Register</title>   

<style>

.txtcontrol{

height: 40px;

font-size: 22px;

border: single;

border-color:black;

width: 100%;

margin-bottom:10px;

text-align:center;

}

.mcontainer {

max-width: 600px;

margin: 0 auto;

padding: 80px 0;

height: 400px;

text-align: center;

}

.mcontainer {

width: 100%;

padding-right: 10px;

padding-left: 10px;

margin-right: auto;

margin-left: auto;

}

.sbutton

{

width: 42%;

height: 42px;

background-color: #75d4b6;

border: none;

color: #f9f5ee;

font-size: 17px;

}

</style>

</head>

<body>

<div class="wrapper">

<div class="mcontainer">

<h1>Welcome</h1>

<form method="post" action="">

<?php

if($msg!='')

{

echo " <div>

<h4>Message</h4>

$msg</div>";

}

?>

<table align="center" width="60%">

<tr>

<td>

<input type="text" placeholder="User Name" class="txtcontrol" name="User_Name"/>

</td>

</tr>

<tr>

<td>

<input type="password" placeholder="Password" class="txtcontrol" name="password"/>

</td>

</tr>

<tr>

<td>

<select name="ddlsecurity" class="txtcontrol">

<option value="0">Select Security Question</option>

<?php

$sql="SELECT * FROM `tbl_Security_Question`";

$qury=mysqli_query($con,$sql);

if(!$qury){

echo "No Records Found";

}

else

{

while($row=mysqli_fetch_array($qury))

{

echo "<option value=".$row["Security_Question_Id"].">".$row["Security_Question"]."</option>";

}

}

?>

</select>

</td>

</tr>

<tr>

<td>

<input type="text" placeholder="Security Answer" class="txtcontrol" name="answer"/>

</td>

</tr>

<tr>

<td>

<input type="submit" name="submit" value="Register" class="sbutton"/>

</td>

</tr>

<tr>

<td>

Already a User? <a href="login.php">Login Here</a>

</td>

</tr>

</table>

  

<br>

</form>

</div>

</div>

</body>

</html>

Then Create a login.php page for login to your user account. Follow this below code,

login.php:

<?php

session_start();

include ("connect.php");

if($_SESSION['counter']==null)

{

$_SESSION['counter']=1;

}

$msg = "";

if(isset($_POST["check"]))

{

if($_POST["username1"]=='')

{

$msg = "Enter User Name...";

//return false;

}

else if($_POST["ddlsecurity"]=="0")

{

$msg = "Select Security Question...";

//return false;

}

else if(empty($_POST["answer"]))

{

$msg = "Enter Answer...";

//return false;

}

else{

$username1 = $_POST["username1"];

$ddlsecurity = $_POST["ddlsecurity"];

$answer = $_POST["answer"];

$username1 = mysqli_real_escape_string($con, $username1);

$ddlsecurity = mysqli_real_escape_string($con, $ddlsecurity);

$answer = mysqli_real_escape_string($con, $answer);

$sql="SELECT Password FROM `tbl_user_registration` WHERE User_Name='$username1' and Security_Question_Id='$ddlsecurity' and Security_Answer='$answer'";

$result=mysqli_query($con,$sql);

$row=mysqli_fetch_array($result,MYSQLI_ASSOC);

if(mysqli_num_rows($result) == 1)

{

//$_SESSION['User_Id'] = $row['Password'];

$msg = "Your Password is:".$row['Password']; /* Redirect browser */

//exit();

}

else

{

$msg = "Sorry..! Invalid Answer";

}

}

}

if(isset($_POST["submit"]))

{

if($_POST["username"]=='')

{

$msg = "Enter User Name...";

//return false;

}

else if($_POST["password"]=='')

{

$msg = "Enter Password...";

//return false;

}

else

{

$username = $_POST["username"];

$password = $_POST["password"];

$username = mysqli_real_escape_string($con, $username);

$password = mysqli_real_escape_string($con, $password);

//$password = md5($password);

$sql="SELECT User_Id FROM `tbl_user_registration` WHERE User_Name='$username' and Password='$password'";

$result=mysqli_query($con,$sql);

$row=mysqli_fetch_array($result,MYSQLI_ASSOC);

if(mysqli_num_rows($result) == 1)

{

$_SESSION['User_Id'] = $row['User_Id'];

$msg = "Successfully Log in"; /* Redirect browser */

//exit();

}

else

{

$msg = "Sorry..! Invalid UserName and Password".$_SESSION['counter'];

$_SESSION['counter']=$_SESSION['counter']+1;

if($_SESSION['counter']==3)

{

?>

<script> var x = document.getElementById('divlogin'); x.style.display = 'none'; var y = document.getElementById('divsecurity'); y.style.display = 'block';</script>

<?php

$_SESSION['counter']=1;

}

}

}

}

?>

<!DOCTYPE html>

<html lang="en" >

<head>

<meta charset="UTF-8">

<title>login</title>

<style>

.txtcontrol{

height: 40px;

font-size: 22px;

border: single;

border-color:black;

width: 100%;

margin-bottom:10px;

text-align:center;

}

.mcontainer {

max-width: 600px;

margin: 0 auto;

padding: 80px 0;

height: 400px;

text-align: center;

}

.mcontainer {

width: 100%;

padding-right: 10px;

padding-left: 10px;

margin-right: auto;

margin-left: auto;

}

.sbutton

{

width: 42%;

height: 42px;

background-color: #75d4b6;

border: none;

color: #f9f5ee;

font-size: 17px;

}

</style>

</head>

<body>

<div class="wrapper">

<div class="mcontainer">

<h1>Welcome</h1>

<form method="post" action="">

<?php

if($msg!='')

{

echo " <div>

<h4>Message</h4>

$msg</div>";

}

?>

<div id="divlogin">

<table align="center" width="60%">

<tr>

<td>

<input type="text" placeholder="Email Id" class="txtcontrol" name="username"/>

</td>

</tr>

<tr>

<td>

<input type="password" placeholder="Password" class="txtcontrol" name="password"/>

</td>

</tr>

<tr>

<td>

<input type="submit" name="submit" value="Log In" class="sbutton"/>

<br>New User? <a href="Register.php">Register Here</a>

</td>

</tr>

</table>

</div>

<div id="divsecurity">

<table align="center" width="60%">

<tr>

<td>

<input type="text" placeholder="Email Id" class="txtcontrol" name="username1"/>

</td>

</tr>

<tr>

<td>

<select name="ddlsecurity" class="txtcontrol">

<option value="0">Select Security Question</option>

<?php

$sql="SELECT * FROM `tbl_Security_Question`";

$qury=mysqli_query($con,$sql);

if(!$qury){

echo "No Records Found";

}

else

{

while($row=mysqli_fetch_array($qury))

{

echo "<option value=".$row["Security_Question_Id"].">".$row["Security_Question"]."</option>";

}

}

?>

</select>

</td>

</tr>

<tr>

<td>

<input type="text" placeholder="Security Answer" class="txtcontrol" name="answer"/>

</td>

</tr>

<tr>

<td>

<input type="submit" name="check" value="Log In" class="sbutton"/>

</td>

</tr>

</table>

</div>

</form>

</div>

</div>

</body>

</html>

Here after login it Retrieve and validate user information from the database. and also Validate Registration Information in the Register page. This task also include the loading up of one random security question after three miss attempt login.

Related Questions

Navigate

• Browse (All)
• Browse #
• Subjects

---

---

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.