Compare commits
5 Commits
88d20ed476
...
5ebb0ccd6c
Author | SHA1 | Date |
---|---|---|
mrlan | 5ebb0ccd6c | |
Lan Hui | 5bbd812189 | |
Lan Hui | 162de63b4d | |
ADMASU EDEN SOLOMON | 64ffc3af1c | |
ADMASU EDEN SOLOMON | adc9daef98 |
82
Script.php
82
Script.php
|
@ -76,9 +76,17 @@ if (!empty($_POST["form_signup"])) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$_SESSION['user_fullname'] = $_POST["fullname"];
|
||||||
|
$_SESSION['user_fullname_temp'] = $_POST["fullname"];
|
||||||
|
$_SESSION['user_email'] = $_POST["email"];
|
||||||
|
$_SESSION['user_student_id_temp'] = $_POST["user_student_id"];
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
// validate student number
|
// validate student number
|
||||||
if (!is_valid_student_number($student_id)) {
|
if (!is_valid_student_number($student_id)) {
|
||||||
$_SESSION["info_signup"] = "Invalid student number.";
|
$_SESSION["info_signup"] = "Invalid student number.";
|
||||||
|
$_SESSION['user_fullname'] = null;
|
||||||
header("Location: signup.php");
|
header("Location: signup.php");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
@ -87,6 +95,10 @@ if (!empty($_POST["form_signup"])) {
|
||||||
$result = mysqli_query($con, "SELECT * FROM `students_data` WHERE Student_ID='$student_id'");
|
$result = mysqli_query($con, "SELECT * FROM `students_data` WHERE Student_ID='$student_id'");
|
||||||
if (mysqli_num_rows($result) == 0) {
|
if (mysqli_num_rows($result) == 0) {
|
||||||
$_SESSION["info_signup"] = "Your entered student number could not be verified. Please contact Student Management Office <lanhui at zjnu.edu.cn>. Thanks.";
|
$_SESSION["info_signup"] = "Your entered student number could not be verified. Please contact Student Management Office <lanhui at zjnu.edu.cn>. Thanks.";
|
||||||
|
$_SESSION['user_fullname'] = null;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
header("Location: signup.php");
|
header("Location: signup.php");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
@ -97,6 +109,7 @@ if (!empty($_POST["form_signup"])) {
|
||||||
$student_result = mysqli_query($con, "SELECT * FROM `users_table` WHERE Student_ID='$student_id'");
|
$student_result = mysqli_query($con, "SELECT * FROM `users_table` WHERE Student_ID='$student_id'");
|
||||||
if (mysqli_num_rows($student_result) > 0) {
|
if (mysqli_num_rows($student_result) > 0) {
|
||||||
$_SESSION["info_signup"] = "This Student ID is already in use! Please contact Student Management Office <lanhui at zjnu.edu.cn> for help.";
|
$_SESSION["info_signup"] = "This Student ID is already in use! Please contact Student Management Office <lanhui at zjnu.edu.cn> for help.";
|
||||||
|
$_SESSION['user_fullname'] = null;
|
||||||
header("Location: signup.php");
|
header("Location: signup.php");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
@ -106,7 +119,56 @@ if (!empty($_POST["form_signup"])) {
|
||||||
if (!empty($_POST["form_signup"])) {
|
if (!empty($_POST["form_signup"])) {
|
||||||
$fullname = mysqli_real_escape_string($con, $_POST["fullname"]);
|
$fullname = mysqli_real_escape_string($con, $_POST["fullname"]);
|
||||||
$student_id = mysqli_real_escape_string($con, $_POST["user_student_id"]);
|
$student_id = mysqli_real_escape_string($con, $_POST["user_student_id"]);
|
||||||
$_SESSION['user_fullname'] = $fullname;
|
|
||||||
|
$email = mysqli_real_escape_string($con, $_POST["email"]);
|
||||||
|
$password = mysqli_real_escape_string($con, $_POST["password"]);
|
||||||
|
$confirmpassword = mysqli_real_escape_string($con, $_POST["confirmpassword"]);
|
||||||
|
|
||||||
|
$_SESSION['user_student_id'] = $_POST["student_id"];
|
||||||
|
$_SESSION['user_type'] = "Student";
|
||||||
|
|
||||||
|
// check confirmed password
|
||||||
|
if (strcasecmp($password, $confirmpassword) != 0) {
|
||||||
|
$_SESSION['info_signup'] = "Password confirmation failed.";
|
||||||
|
$_SESSION['user_fullname'] = null; // such that Header.php do not show the header information.
|
||||||
|
header("Location: signup.php");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
// validate email
|
||||||
|
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
|
||||||
|
$_SESSION['info_signup'] = "Invalid email address.";
|
||||||
|
$_SESSION['user_fullname'] = null;
|
||||||
|
|
||||||
|
header("Location: signup.php");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
$upperLetter = preg_match('@[A-Z]@', $password);
|
||||||
|
$smallLetter = preg_match('@[a-z]@', $password);
|
||||||
|
$containsDigit = preg_match('@[0-9]@', $password);
|
||||||
|
$containsSpecial = preg_match('@[^\w]@', $password);
|
||||||
|
$containsAll = $upperLetter && $smallLetter && $containsDigit && $containsSpecial;
|
||||||
|
|
||||||
|
// check for strong password
|
||||||
|
if (!$containsAll) {
|
||||||
|
$_SESSION['info_signup'] = "Password must have at least characters that include lowercase letters, uppercase letters, numbers and special characters (e.g., !?.,*^).";
|
||||||
|
$_SESSION['user_fullname'] = null;
|
||||||
|
|
||||||
|
header("Location: signup.php");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
// check if email is taken
|
||||||
|
$result = mysqli_query($con, "SELECT * FROM users_table WHERE email='$email'");
|
||||||
|
if (mysqli_num_rows($result) != 0) {
|
||||||
|
$_SESSION["info_signup"] = "Email address " . $email . " is already in use.";
|
||||||
|
$_SESSION['user_fullname'] = null;
|
||||||
|
header("Location: signup.php");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
$_SESSION['user_type'] = "Student";
|
$_SESSION['user_type'] = "Student";
|
||||||
$_SESSION['user_email'] = $email;
|
$_SESSION['user_email'] = $email;
|
||||||
$_SESSION['user_student_id'] = $student_id;
|
$_SESSION['user_student_id'] = $student_id;
|
||||||
|
@ -116,6 +178,9 @@ if (!empty($_POST["form_signup"])) {
|
||||||
$sql = "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`, `Student_ID`) VALUES "
|
$sql = "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`, `Student_ID`) VALUES "
|
||||||
. "('$email','$password_hash','$fullname','Student','$student_id')";
|
. "('$email','$password_hash','$fullname','Student','$student_id')";
|
||||||
|
|
||||||
|
|
||||||
|
$_SESSION['user_fullname'] =$_SESSION['user_fullname_temp'];
|
||||||
|
|
||||||
if ($con->query($sql) === TRUE) {
|
if ($con->query($sql) === TRUE) {
|
||||||
header("Location: Courses.php");
|
header("Location: Courses.php");
|
||||||
} else {
|
} else {
|
||||||
|
@ -130,11 +195,15 @@ if (!empty($_POST["form_login"])) {
|
||||||
$user = mysqli_real_escape_string($con, $_POST["user"]); // user could be a 12-digit student number or an email address
|
$user = mysqli_real_escape_string($con, $_POST["user"]); // user could be a 12-digit student number or an email address
|
||||||
$is_student_number = 0;
|
$is_student_number = 0;
|
||||||
|
|
||||||
|
$_SESSION["failed_login_user"] = $user; // Save the entered username in a session variable
|
||||||
|
echo "Failed login user: " . $_SESSION["failed_login_user"];
|
||||||
|
|
||||||
// Validate student number
|
// Validate student number
|
||||||
if (is_valid_student_number($user)) {
|
if (is_valid_student_number($user)) {
|
||||||
$is_student_number = 1;
|
$is_student_number = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
// Validate email address if what provided is not a student number
|
// Validate email address if what provided is not a student number
|
||||||
if (!$is_student_number && !filter_var($user, FILTER_VALIDATE_EMAIL)) {
|
if (!$is_student_number && !filter_var($user, FILTER_VALIDATE_EMAIL)) {
|
||||||
$_SESSION["info_login"] = "Invalid email address: " . "$user";
|
$_SESSION["info_login"] = "Invalid email address: " . "$user";
|
||||||
|
@ -176,10 +245,19 @@ if (!empty($_POST["form_login"])) {
|
||||||
header("Location: Admin.php");
|
header("Location: Admin.php");
|
||||||
}
|
}
|
||||||
// report wrong pass if not correct
|
// report wrong pass if not correct
|
||||||
} else {
|
return;
|
||||||
|
|
||||||
|
} else {
|
||||||
|
|
||||||
$_SESSION["wrong_pass"] = "Wrong Password.";
|
$_SESSION["wrong_pass"] = "Wrong Password.";
|
||||||
|
echo $_SESSION["wrong_pass"]; // Optional: Display the error message for debugging
|
||||||
|
|
||||||
header("Location: index.php");
|
header("Location: index.php");
|
||||||
|
exit(); // Add this line to prevent further execution after redirect
|
||||||
}
|
}
|
||||||
|
// Add the following line to reset the session variable when needed
|
||||||
|
unset($_SESSION["failed_login_user"]);
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -30,7 +30,7 @@ if (isset($_SESSION["user_fullname"])) {
|
||||||
<legend>Sign in</legend>
|
<legend>Sign in</legend>
|
||||||
<input type="hidden" name="form_login" value="true"/>
|
<input type="hidden" name="form_login" value="true"/>
|
||||||
<label for="user_name" class="form-label">Account name</label>
|
<label for="user_name" class="form-label">Account name</label>
|
||||||
<input type="text" name="user" placeholder="Student Number / Email address" class="form-control" required="required" id="user_name" />
|
<input type="text" name="user" placeholder="Student Number / Email address" class="form-control" required="required" id="user_name" value="<?php echo isset($_SESSION['failed_login_user']) ? htmlspecialchars($_SESSION['failed_login_user']) : ''; ?>" />
|
||||||
<br>
|
<br>
|
||||||
<label for="user_password" class="form-label">Password</label>
|
<label for="user_password" class="form-label">Password</label>
|
||||||
<input type="password" class="form-control" name="password" placeholder="password" required="required" id="user_password" />
|
<input type="password" class="form-control" name="password" placeholder="password" required="required" id="user_password" />
|
||||||
|
|
|
@ -22,10 +22,10 @@ include 'Header.php';
|
||||||
<input type="hidden" name="form_signup" value="true" />
|
<input type="hidden" name="form_signup" value="true" />
|
||||||
|
|
||||||
Full Name
|
Full Name
|
||||||
<input type="text" name="fullname" placeholder="Your full name" class="form-control" value="<?php echo $_SESSION['user_fullname']; ?>" required="required" id="full_name"/> <br>
|
<input type="text" name="fullname" placeholder="Your full name" class="form-control" value="<?php echo isset($_SESSION['user_fullname_temp']) ? $_SESSION['user_fullname_temp'] : ''; ?>" required="required" id="full_name"/> <br>
|
||||||
|
|
||||||
Student ID
|
Student ID
|
||||||
<input type="text" name="user_student_id" placeholder="Entre your student ID" class="form-control" value="<?php echo $_SESSION['user_student_id']; ?>" required="required" id="student_id"> <br>
|
<input type="text" name="user_student_id" placeholder="Entre your student ID" class="form-control" value="<?php echo isset($_SESSION['user_student_id_1']) ? $_SESSION['user_student_id_temp'] : ''; ?>" required="required" id="student_id"> <br>
|
||||||
|
|
||||||
Email
|
Email
|
||||||
<input type="text" name="email" placeholder="Email" class="form-control" value="<?php echo $_SESSION['user_email']; ?>" required="required" id="email" /> <br>
|
<input type="text" name="email" placeholder="Email" class="form-control" value="<?php echo $_SESSION['user_email']; ?>" required="required" id="email" /> <br>
|
||||||
|
|
Loading…
Reference in New Issue