This document describes an assignment to integrate client-side scripting with server-side scripting. It includes wireframes for various pages of the website, screenshots of functional testing, and descriptions of the MySQL database, PHP scripts, and SQL commands used. The live website can be viewed at the provided URL, and the code is available on GitHub.
1430800 WEB III, client-side scripting and integration with server-side scripting 12/02/2016
URL: https://github.com/ollyicycool82/web3assignment2-1430800/
View site on server: http://olivera0800.ccacolchester.com/web3ass21430800/login.php
Introduction
The scenario for part 1 was to create a database with MySQL php scripting (backend). This backend design and implementation of the database includes: customer, author, and guest (please see appendices). For part 2 it is requested to build a web-based user interface using HTML and client-side scripting. Integrate with part 1.
GitHub
Contents of files are available on: https://github.com/ollyicycool82/web3assignment2-1430800/
Colchester server
Website can be viewed live on http://olivera0800.ccacolchester.com/web3ass21430800/login.php
1.0 STORY BOARD
2.0.0 Login.php Wire frame Diagram
2.0.1 home.php Wire frame Diagram
2.0.2 register.php Wire frame Diagram
2.0.3 authorshop/guestshop/shop.php Wire frame Diagram
2.0.4 cart.php Wire frame Diagram
2.0.5 added.php Wire frame Diagram
2.0.6 form.html Wire frame Diagram
2.0.7 checkoutcomplete.php Wire frame Diagram
2.0.8 authorlogin.php Wire frame Diagram
2.0.9 authorhome.php Wire frame Diagram
2.0.10 adddbook.php Wire frame Diagram
2.0.11 authoraddbook.php Wire frame Diagram
2.0.12 updateprice.php Wire frame Diagram
2.0.13 authordeletebook.php Wire frame Diagram
2.0.14 goodbye.php Wire frame Diagram
3.0 Functional Testing Screen shots
After completing the web site locally, problems were arising when attempting to upload to the Colchester server, such as session issues with embedded cookies.
3.1 login.php screenshot
3.1.1 login.php screenshot wrong password
3.1.2 login.php screenshot wrong email
3.2 home.php screenshot
3.2 shop.php screenshot top
3.2.1 shop.php screenshot bottom
3.3 added.php screenshot
3.3 cart.php screenshot
3.4 form.html screenshot
3.5 checkoutcomplete.php screenshot
3.6 goodbye.php screenshot
3.6 guestshop.php screenshot
3.7 authorlogin.php screenshot
3.8 authorhome.php screenshot
3.9 authoraddbook.php screenshot
3.9.1 authoraddbook.php screenshot results of registration of book
3.10 authoraddbook.php screenshot
3.11 deletedbook.php screenshot
3.12 updateprice.php screenshot
3.13 authorgoodbye.php screenshot
4.1.0 Truth Tests
4.1.1 Truth Table
KEY
Login for registered users
Login for Author

| INPUT | RESULT | EXPECTED RESULT | PASS/FAIL |
| --- | --- | --- | --- |
| captain@hotmail.com / 1234 | Login successful | Login successful | PASS |
| captain@hotmail.com / 124548745 | Oops! There was a problem: - Enter your email address. - Enter your password. Please try again or Register | Oops! There was a problem: - Enter your email address. - Enter your password. Please try again or Register | PASS |
| A / 213534654 | Oops! There was a problem: - Enter your email address. - Enter your password. Please try again or Register | Oops! There was a problem: - Enter your email address. - Enter your password. Please try again or Register | PASS |
| coldcole@live.com / 1234 | Login successful | Login successful | FAIL |
| coldcole@live.com / 2185674 | unsuccessful | unsuccessful | FAIL |
| A / 35486644 | unsuccessful | unsuccessful | FAIL |
4.1.2 form.html data inserted
4.2.3 form.html posted results
4.2.4 login.php Firefox browser
4.2.5 home.php Firefox browser posted results
5.0 Html Validation
6 errors, 5 warning messages.
5.1 Fixed Validation
1 warning message. This is due to name being called name, therefore not a major priority; if more time was available this is an easy fix, just a little time consuming.
6.0 Measures to protect against XSS (Cross-site scripting)
SQL Injection protection
SQL injection attacks are
Cross-site scripting (XSS) has been a security hazard since the 1990s: malicious client-side code is inserted into web pages, and most websites such as Yahoo, Google and Facebook have all been affected by XSS at some point in time. Attacks can enable data to be stolen through malicious code, and through phishing scams such as dummy emails from 'ebay', 'hsbc' and 'paypal', where HTML has been copied to impersonate a given company to gain information from their target. "Ajax applications tend to be very complex, there being many more interactions between the browser and server, and pages can even pull in content from other sites. This setup makes it difficult to test the many possible permutations of user and service interaction, allowing old vulnerabilities, such as XSS flaws, to be unwittingly introduced into the application." (Cobb, 2016.)
With XSS, attacks work by code being injected, normally through the use of JavaScript, into the Web application's output. Most websites have many injection points (search fields, feedback forms, cookies and forums that are vulnerable to XSS). The most common goal of XSS attacks is to get all the cookie data, as cookies are used regularly and incorrectly to "store information like session IDs, user preferences or login information. Although client-side scripts cannot directly affect server-side information, they can still compromise a site's security, often using Document Object Model manipulation to alter form values or switch the form action to post the submitted data to the attacker's site." (Cobb, 2016.)
(Cobb, 2016.)
(SearchSecurity, 2016.)
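The output-encoding measure this section is about, as an added example that is not code from the original assignment: one row of the shop table rendered without and with escaping, plus session cookie settings that keep the session ID out of reach of page scripts. The function names and the sample row are constructed for illustration; the column names follow the Shop table in the data dictionary.

```php
<?php
// Added example (not the assignment's code): output encoding for one row of
// the 'shop' table. Function names and the sample row are hypothetical.

// Constructed sample row, as if an author had typed markup into the form.
$row = array(
    'item_id'    => '7',
    'item_name'  => 'The Fall <script>alert(1)</script>',
    'item_desc'  => 'A "classic" & a bargain',
    'item_img'   => 'covers/fall.jpg onerror=alert(1)',
    'item_price' => '2.99',
);

// Unsafe: values go straight into the page, and src has no quotes, so a
// space in the value starts a new attribute.
function render_row_unsafe(array $row): string
{
    return '<tr><td><strong>' . $row['item_name'] . '</strong><br>'
         . '<img src=' . $row['item_img'] . '></td></tr>';
}

// Encode a value for HTML text or for a quoted attribute value.
function h($value): string
{
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Safe: every value is encoded, attributes are quoted, the id is an integer.
function render_row_safe(array $row): string
{
    return '<tr><td><strong>' . h($row['item_name']) . '</strong><br>'
         . '<span style="font-size:smaller">' . h($row['item_desc']) . '</span><br>'
         . '<img src="' . h($row['item_img']) . '" alt=""><br>'
         . '$' . h($row['item_price']) . '<br>'
         . '<a href="added.php?id=' . (int) $row['item_id'] . '">Add To Cart</a>'
         . '</td></tr>';
}

// Session cookie settings that keep the session ID away from page scripts.
// Call before any output. The array form needs PHP 7.3+; add 'secure' => true
// once the site is served over HTTPS.
function start_session_with_httponly_cookie(): void
{
    session_set_cookie_params(array('httponly' => true, 'samesite' => 'Lax'));
    session_start();
}

$unsafe = render_row_unsafe($row);
$safe   = render_row_safe($row);

echo 'unsafe output carries a script tag: ',
     var_export(strpos($unsafe, '<script>') !== false, true), PHP_EOL;
echo 'safe output carries a script tag:   ',
     var_export(strpos($safe, '<script>') !== false, true), PHP_EOL;
echo $safe, PHP_EOL;
```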
Reflection
This has been quite a pressing assignment and can be as creative or as basic as desired. JavaScript and jQuery were both used to create a slide show of the featured books available to buy, in order to give the new user an incentive to register and perhaps see a cover of a book they are interested in, to encourage them to join the site and browse and possibly purchase an ebook. HTML 5 was used to style certain aspects of pages; this can be found within the style tags (<style>).
AJAX and JSON were both used to ensure only part of the page is refreshed. This is a useful design as, rather than reload the whole page, in this case for an incorrect password, just the section of the password is refreshed and everything else on the page remains the same. Another use for AJAX and JSON is if you wish to have a banner going across the screen with certain information. A good example of this can be seen on SKY Sports and SKY News, where they have new information come in and, rather than interrupt the current video dialogue that is occurring (main window), this function allows extra information without much interference; if anything it complements the channel in the news that it is delivering.
Problems faced:
When starting the project a name came quickly to the surface: 'Bookstop'. After finding a suitable background (lots of books in a bookcase), a logo was designed through the use of Photoshop CS6. The background used was very vibrant and needed to be toned down a bit; through the use of Photoshop CS6, opacity was set to 40%. This was effective and necessary for the text on the screen to be bolder and clearer. The background image was then arranged in CSS (style1.css). The next task was to insert the logo into a div and place it towards the left corner of most pages. This appeared to work with little time; however, when a slide show was introduced on the login page (in the center) this compromised the logo inserted. After much time spent trying to rectify this, it was decided that the logo would be embedded into the background image; this way it will stay in the desired space and cause less confusion for the coding of the site. After a little trial and error the logo image was placed into the required place. The opacity was set to 50%, as it was important that it was slightly bolder than the background so it would stand out rather than be lost in the background.
There were problems with using registered users from the previous assignment. Each attempt would register; however, when it came to entering the password the login would fail. When checked on 'php admin', the database had added the new user, only the password was scrambled with random characters. After a lot of researching into the code created, there was one line of code that had "SHA 1" within the password section; once this was removed the users that registered could access past the login screen into the shop and purchase books.
Dreamhost was required to upload the database so the database and site can communicate with one another; for example, the passwords and login information are contained within the database and the site refers to it to ensure the information entered is correct so the site can move on to the next desired page. There were some initial problems with the Dreamhost account to be used to upload the database, though this was sorted through administration resetting, as was the Colchester server ("olivera0800.ccacolchester.com/").
If more time was available, an index page with a closed book would have been a good choice, with the title labelled 'The Bookstop' and a java function of clicking on the book allowing the book to open, displaying the 'login' page and the start of the site. The background for the shop would have been better set out if book images and information were all nicely sectioned into a table with the border set to "0" to enable invisibility; this table could have then been easily moved around with the align function, and if that was to fail the appropriate margins would be able to be set into the required placement. Because there was not enough time to do this and the items appear vertically down the page, the background (as is set: stretch to fit) is much larger, as the page is much longer than any other page in the site. After careful consideration it was decided to leave the shop page (shop.php) as it is.
Once the site was complete certain pages were not loading. After much analysis it was discovered that the 'session_start' command at the top of the php scripts was being disabled by Colchester Institute, as their 'sessions' are set to a default. To get around this issue an external header, 'session_start()', was added at the top of the page to rectify this issue, though unfortunately this was still a problem and would only work locally. After much hard work the website was uploaded successfully, fully functional and working; errors and warnings were repaired for validation also.
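An added example (not the assignment's code) of keeping password hashing rather than removing it: the failed logins described above are what happens when registration stores a hash and login compares the typed password with the stored value directly. It uses PHP's password_hash() and password_verify(); the $users array stands in for the Customer table, all function names are hypothetical, and it assumes that rows written by the old "SHA 1" line hold a 40-character hex digest.

```php
<?php
// Added example, not the assignment's code. $users stands in for the Customer
// table (Email => Password column); all function names are hypothetical.

function register_user(array &$users, string $email, string $password): void
{
    // password_hash() generates a salt and returns one self-describing string.
    // Store it whole; the PHP manual recommends a 255-character column.
    $users[strtolower($email)] = password_hash($password, PASSWORD_DEFAULT);
}

// Failure mode: registration hashes, login compares the typed text with the hash.
function login_mismatched(array $users, string $email, string $password): bool
{
    $stored = $users[strtolower($email)] ?? null;
    return $stored !== null && $stored === $password;
}

// Login that verifies against the stored hash and upgrades legacy rows.
function login_verified(array &$users, string $email, string $password): bool
{
    $key    = strtolower($email);
    $stored = $users[$key] ?? null;
    if ($stored === null) {
        return false;
    }
    // Assumption: rows written by the old "SHA 1" line hold 40 hex characters.
    if (preg_match('/^[0-9a-f]{40}$/', $stored) === 1) {
        if (!hash_equals($stored, sha1($password))) {
            return false;
        }
        // Correct password on a legacy row: replace the unsalted SHA-1 value.
        $users[$key] = password_hash($password, PASSWORD_DEFAULT);
        return true;
    }
    if (!password_verify($password, $stored)) {
        return false;
    }
    // Re-hash when PHP's default algorithm or cost has changed since registration.
    if (password_needs_rehash($stored, PASSWORD_DEFAULT)) {
        $users[$key] = password_hash($password, PASSWORD_DEFAULT);
    }
    return true;
}

// Constructed sample data: one legacy SHA-1 row and one new registration.
$users = array('legacy@example.com' => sha1('1234'));
register_user($users, 'reader@example.com', 'correct horse battery');

echo 'plain comparison against a hashed row: ';
var_dump(login_mismatched($users, 'reader@example.com', 'correct horse battery'));
echo 'password_verify, right password:       ';
var_dump(login_verified($users, 'reader@example.com', 'correct horse battery'));
echo 'password_verify, wrong password:       ';
var_dump(login_verified($users, 'reader@example.com', 'wrong'));
echo 'legacy SHA-1 row, right password:      ';
var_dump(login_verified($users, 'legacy@example.com', '1234'));
echo 'legacy row still SHA-1 after login:    ';
var_dump(preg_match('/^[0-9a-f]{40}$/', $users['legacy@example.com']) === 1);
```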
References
Cobb, Michael. (2016): n. pag. Print.
SearchSecurity. "SQL Injection Protection: A Guide On How To Prevent And Stop Attacks". N.p., 2016. Web. 12 Feb. 2016.
W3schools.com
Appendices
Assignment 1 data

| Customer | Author | Guest |
| --- | --- | --- |
| Login with password | Login with password | View site |
| View shop | View books they're selling | |
| Log out | Summary of book | |
| View summaries | Add books | |
| Select book to buy | Update book price | |
| | Delete a book | |

(fig1.)
mysqli_real_escape_string
The above function is used to neutralise and prevent malicious attacks on your database. By allowing the user to enter ' or " it can be possible for them to alter the original action that the SQL string was intending on doing.
SQL injection
SQL injection attacks give the user the ability to change and manipulate current data. This could be deleting someone's records, changing balances and voiding transactions, and even shutting down the entire web site on the system.
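An added example (not the assignment's code) of why quote escaping alone does not cover a query such as WHERE item_id = $id, where the value is not inside quotes, and how a validated, bound parameter does. It uses PDO with an in-memory SQLite database so it runs without a server (the pdo_sqlite extension is assumed); escape_quotes() is a hypothetical stand-in for mysqli_real_escape_string, and the rows are constructed. With mysqli the same pattern is mysqli_prepare() followed by mysqli_stmt_bind_param().

```php
<?php
// Added example, not the assignment's code. All names and rows are constructed.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE shop (item_id INTEGER PRIMARY KEY, item_name TEXT, item_price TEXT)');
$db->exec("INSERT INTO shop VALUES (1, 'The Fall', '2.99'), (2, 'Second Book', '4.50'), (3, 'Third Book', '1.00')");

// Hypothetical stand-in for mysqli_real_escape_string(): it only changes
// backslashes and quote characters, so a value without them passes unchanged.
function escape_quotes(string $value): string
{
    return str_replace(array('\\', "'", '"'), array('\\\\', "\\'", '\\"'), $value);
}

// Escaped but unquoted: the value is still read as part of the SQL text.
function find_item_escaped(PDO $db, string $id): array
{
    $q = 'SELECT item_name FROM shop WHERE item_id = ' . escape_quotes($id);
    return $db->query($q)->fetchAll(PDO::FETCH_COLUMN);
}

// Validated and bound: the value can only ever be one integer parameter.
function find_item_prepared(PDO $db, string $id): array
{
    $valid = filter_var($id, FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)));
    if ($valid === false) {
        return array();
    }
    $stmt = $db->prepare('SELECT item_name FROM shop WHERE item_id = :id');
    $stmt->bindValue(':id', $valid, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed request values: a normal id, and one that contains no quote
// characters but changes the meaning of the WHERE clause.
$inputs = array('2', '0 OR 1=1');

foreach ($inputs as $input) {
    echo 'id = ', var_export($input, true), PHP_EOL;
    echo '  escaped, concatenated: ', json_encode(find_item_escaped($db, $input)), PHP_EOL;
    echo '  validated, prepared:   ', json_encode(find_item_prepared($db, $input)), PHP_EOL;
}
```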
Author and customer login details for testing
Author: coldcole@hotmail.com
Password: 1234
Customer: captain@hotmail.com
Password: 1234
DATA DICTIONARY
KEY
PRIMARY KEY
FOREIGN KEY
Customer Data Type
CustomerID INT
FirstName VARCHAR
LastName VARCHAR
Email VARCHAR
Telephone INT
Username VARCHAR
Password VARCHAR
Author Data Type
AuthorID INT
FirstName VARCHAR
LastName VARCHAR
Username VARCHAR
Password VARCHAR
Ebook Data Type
ISBN INT
Title VARCHAR
Genre VARCHAR
Year INT
Price DECIMAL
AuthorID INT
Publisher VARCHAR
Quantity INT
Summary VARCHAR
OrderReceipt Data Type
ReceiptID INT
CustomerID INT
Quantity INT
TimeDate DATETIME
Title VARCHAR
OrderTotal INT
ISBN INT
Transaction Data Type
TransactionID INT
CustomerID INT
TimeDate TIMEDATE
PaymentMethod ENUM
Deletebook Data Type
deleteID INT
AuthorID INT
Item_name VARCHAR
Item_desc VARCHAR
ISBN VARCHAR
Item_img TEXT
Item_price Decimal
forum Data type
Post_id INT
First_name VARCHAR
Last_name VARCHAR
Subject VARCHAR
Message TEXT
Post_date DATETIME
Order_contents Data type
Content_id INT
Order_id INT
Item_id INT
Quantity INT
price Decimal
orders Data type
order_id INT
user_id INT
Total Decimal
Order_date DATETIME
Shop Data type
item_id INT
item_name VARCHAR
item_desc VARCHAR
Item_img TEXT
Item_price Decimal
AuthorID INT
filelocation VARCHAR
Original RELATIONSHIP DIAGRAM
(fig2.)
After compiling the above designer, which was thought to be finalised, progress with the database required more tables. Please see below.
Final RELATIONSHIP DIAGRAM
(fig3.)
TESTING PHP SCRIPTS
Test Login.php
| INPUT | OUTPUT | EXPECTED OUTPUT | PASS/FAIL |
| --- | --- | --- | --- |
| captain@hotmail.com / pword:1234 | You are now logged in PaymanSparrow | You are now logged in PaymanSparrow | PASS |
| captain29@hotmail.com / pword:1234 | Problem with email and add password | Problem with email and add password | PASS |
| captain@hotmail.com / pword:helpme | Email password not found | Email password not found | PASS |

(fig4.)
Test Authorlogin.php
| INPUT | OUTPUT | EXPECTED OUTPUT | PASS/FAIL |
| --- | --- | --- | --- |
| coldcole@live.com / password:1234 | You are now logged in… | You are now logged in… | PASS |
| coldcole79@live.com / password:1234 | Problem with email and add password | Problem with email and add password | PASS |
| coldcole@hotmail.com / pword:helpme | Email password not found | Email password not found | PASS |

(fig5.)
Test Authoraddbook.php
| INPUT | OUTPUT | EXPECTED OUTPUT | PASS/FAIL |
| --- | --- | --- | --- |
| The fall, item description, item price (2.99), | Book successfully registered! | Book successfully registered! | PASS |

(fig6.)
(fig7.) As you can see from the above screenshot, the book has been added to the database table via the php scripting.
Guest view site screen shots
(fig8.)
(fig9.)
If the 'guest user' attempts to select the 'Add to cart' option they will be linked straight back to the original page and will be able to register by using the provided link 'Register'.
Customer Login screen shots
(fig10.)
(fig11.)
Customer selecting shop
(fig12.)
Customer Adding to cart
(fig13.)
Customer multiple items selected
After numerous books have been added to the cart, the next page is shown, which is a shopping basket in effect.
(fig14.)
Customer Log out
(fig15.)
(fig16.)
Customer summary
The summary of each book is available right away. For future development it may be wise to have a brief description and an option to retrieve more information; a drop-down menu would be advisable in this case.
(fig17.)
Author login
After selecting 'Author Login' on the main screen (fig1.) the Author will be presented with the below screen shot (fig18.)
(fig18.)
(fig19.)
Author shop view
(fig21.)
Register Customer
(fig22.)
(fig23.)
Author add book
(fig24.)
(fig25.)
The Author has an option after to add another book with one click.
Author delete book
(fig26.)
(fig27.) The book displayed at the top was selected for delete.
(fig28.)
Author Update book price
(fig29.)
MySQL
(fig30.)
MySQL Author
(fig31.)
MySQL Order contents
(fig32.)
MySQL shop
(fig33.)
MySQL Customer
(fig34.)
PHP scripts
Login.php
<?php # DISPLAY COMPLETE LOGIN PAGE.
# Set page title and display header section.
//$page_title = 'Login' ;
//include ( 'header.html' ) ;
# Display any error messages if present.
if ( isset( $errors ) && !empty( $errors ) )
{
echo '<p id="err_msg">Oops! There was a problem:<br>' ;
foreach ( $errors as $msg ) { echo " - $msg<br>" ; }
echo 'Please try again or <a href="register.php">Register</a></p>' ;
}
?>
<!-- Display body section. -->
<h1>Login</h1>
<form action="login_action.php" method="post">
<p>Email Address: <input type="text" name="email"> </p>
<p>Password: <input type="password" name="pass"></p>
<p><input type="submit" value="Login" ></p>
<p><a href="guestshop.php">Login as Guest</a></p>
<p><a href="authorlogin.php">Login as Author</a></p>
<p><a href="register.php">Register</a></p>
</form>
<?php
# Display footer section.
//include ( 'footer.html' ) ;
?>
Shop.php
<?php # DISPLAY COMPLETE PRODUCTS PAGE.
# Access session.
session_start() ;
# Redirect if not logged in
if ( !isset( $_SESSION[ 'CustomerID' ] ) ) { require ( 'login_tools.php' ) ; load() ; }
# Set page title and display header section.
$page_title = 'Shop' ;
//include ( 'includes/header.html' ) ;
# Open database connection.
require ( 'connect_db.php' ) ;
# Retrieve items from 'shop' database table.
$q = "SELECT * FROM shop" ;
$r = mysqli_query( $dbc, $q ) ;
if ( mysqli_num_rows( $r ) > 0 )
{
# Display body section.
echo '<table>';
while ( $row = mysqli_fetch_array( $r, MYSQLI_ASSOC ))
{
# Escape database values before writing them into the HTML.
$name = htmlspecialchars( $row['item_name'], ENT_QUOTES, 'UTF-8' ) ;
$desc = htmlspecialchars( $row['item_desc'], ENT_QUOTES, 'UTF-8' ) ;
$img = htmlspecialchars( $row['item_img'], ENT_QUOTES, 'UTF-8' ) ;
$price = htmlspecialchars( $row['item_price'], ENT_QUOTES, 'UTF-8' ) ;
echo '<tr><td><strong>' . $name . '</strong><br><span style="font-size:smaller">' . $desc . '</span><br><img src="' . $img . '"><br>$' . $price . '<br><a href="added.php?id=' . (int) $row['item_id'] . '">Add To Cart</a></td></tr>';
}
echo '</table>';
# Close database connection.
mysqli_close( $dbc ) ;
}
# Or display message.
else { echo '<p>There are currently no items in this shop.</p>' ; }
# Create navigation links.
echo '<p><a href="cart.php">View Cart</a> | <a href="forum.php">Forum</a> | <a href="home.php">Home</a> | <a href="goodbye.php">Logout</a></p>' ;
# Display footer section.
#include ( 'includes/footer.html' ) ;
?>
Added.php
<?php # DISPLAY SHOPPING CART ADDITIONS PAGE.
# Access session.
session_start() ;
# Redirect if not logged in.
if ( !isset( $_SESSION[ 'CustomerID' ] ) ) { require ( 'login_tools.php' ) ; load() ; }
# Set page title and display header section.
$page_title = 'Cart Addition' ;
#include ( 'includes/header.html' ) ;
# Get passed product id as an integer (0 if missing), so only a number can reach the query.
$id = isset( $_GET['id'] ) ? (int) $_GET['id'] : 0 ;
# Open database connection.
require ( 'connect_db.php' ) ;
# Retrieve selective item data from 'shop' database table.
$q = "SELECT * FROM shop WHERE item_id = $id" ;
$r = mysqli_query( $dbc, $q ) ;
if ( mysqli_num_rows( $r ) == 1 )
{
$row = mysqli_fetch_array( $r, MYSQLI_ASSOC );
# Escape the item name before writing it into the HTML.
$name = htmlspecialchars( $row['item_name'], ENT_QUOTES, 'UTF-8' ) ;
# Check if cart already contains one of this product id.
if ( isset( $_SESSION['cart'][$id] ) )
{
# Add one more of this product.
$_SESSION['cart'][$id]['quantity']++;
echo '<p>Another '.$name.' has been added to your cart</p>';
}
else
{
# Or add one of this product to the cart.
$_SESSION['cart'][$id]= array ( 'quantity' => 1, 'price' => $row['item_price'] ) ;
echo '<p>A '.$name.' has been added to your cart</p>' ;
}
}
# Close database connection.
mysqli_close($dbc);
# Create navigation links.
echo '<p><a href="shop.php">Shop</a> | <a href="cart.php">View Cart</a> | <a href="forum.php">Forum</a> | <a href="home.php">Home</a> | <a href="goodbye.php">Logout</a></p>' ;
# Display footer section.
#include ( 'includes/footer.html' ) ;
?>
Authorshop.php
<?php # DISPLAY COMPLETE PRODUCTS PAGE.
# Access session.
session_start() ;
# Redirect if not logged in
if ( !isset( $_SESSION[ 'AuthorID' ] ) ) { require (
'authorlogin_tools.php' ) ; load() ; }
# Set page title and display header section.
$page_title = 'AuthorShop' ;
//include ( 'includes/header.html' ) ;
# Open database connection.
require ( 'connect_db.php' ) ;
# Retrieve items from 'shop' database table.
$q = "SELECT * FROM shop" ;
$r = mysqli_query( $dbc, $q ) ;
if ( mysqli_num_rows( $r ) > 0 )
{
# Display body section.
echo '<table>';
$counter=0;
while ( $row = mysqli_fetch_array( $r, MYSQLI_ASSOC ))
{
if($counter=5){
echo '<tr><td><strong>' . $row['item_name'] .'</strong><br><span
style="font-size:smaller">'. $row['item_desc'] . '</span><br><img src='.
$row['item_img'].'><br>$' . $row['item_price'] . '<br><a
href="added.php?id='.$row['item_id'].'">Add to cart</a></td> </tr>';
$counter++;}
}
echo '</table>';
# Close database connection.
mysqli_close( $dbc ) ;
}
# Or display message.
else { echo '<p>There are currently no items in this shop.</p>' ; }
# Create navigation links.
echo '<p><a href="cart.php">View Cart</a> | <a href="forum.php">Forum</a> |
<a href="home.php">Home</a> | <a href="goodbye.php">Logout</a></p>' ;
# Display footer section.
#include ( 'includes/footer.html' ) ;
?>
author.php
<?php # DISPLAY COMPLETE LOGGED IN PAGE.
# Access session.
session_start() ;
# Redirect if not logged in.
if ( !isset( $_SESSION[ 'AuthorID' ] ) ) { require (
'authorlogin_tools.php' ) ; load() ; }
# Set page title and display header section.
$page_title = 'Author Home' ;
//include ( 'includes/header.html' ) ;
# Display body section.
echo "<h1>HOME</h1><p>You are now logged in, {$_SESSION['FirstName']}
{$_SESSION['LastName']} </p>";
# Create navigation links.
echo '<p><a href="authorshop.php">Shop</a> | <a
href="authoraddbook.php">Add Book</a> | <a
href="authordeletebook.php">Delete Book</a> | <a
href="updateprice.php">Update Book Price</a> | <a
href="authorgoodbye.php">Logout</a></p>';
# Display footer section.
//include ( 'includes/footer.html' ) ;
?>
Authoradded.php
<?php # DISPLAY SHOPPING CART ADDITIONS PAGE.
# Access session.
session_start() ;
# Redirect if not logged in.
if ( !isset( $_SESSION[ 'AuthorID' ] ) ) { require (
'authorlogin_tools.php' ) ; load() ; }
# Set page title and display header section.
$page_title = 'Cart Addition' ;
#include ( 'includes/header.html' ) ;
# Get passed product id and cast it to an integer before it is used in the query.
$id = isset( $_GET['id'] ) ? (int) $_GET['id'] : 0 ;
# Open database connection.
require ( 'connect_db.php' ) ;
# Retrieve selective item data from 'shop' database table.
$q = "SELECT * FROM shop WHERE item_id = $id" ;
$r = mysqli_query( $dbc, $q ) ;
if ( mysqli_num_rows( $r ) == 1 )
{
$row = mysqli_fetch_array( $r, MYSQLI_ASSOC );
# Check if cart already contains one of this product id.
if ( isset( $_SESSION['cart'][$id] ) )
{
# Add one more of this product.
$_SESSION['cart'][$id]['quantity']++;
echo '<p>Another '.$row["item_name"].' has been added to your
cart</p>';
}
else
{
# Or add one of this product to the cart.
$_SESSION['cart'][$id]= array ( 'quantity' => 1, 'price' =>
$row['item_price'] ) ;
echo '<p>A '.$row["item_name"].' has been added to your cart</p>' ;
}
}
# Close database connection.
mysqli_close($dbc);
# Create navigation links.
echo '<p><a href="shop.php">Shop</a> | <a href="cart.php">View Cart</a> |
<a href="forum.php">Forum</a> | <a href="home.php">Home</a> | <a
href="goodbye.php">Logout</a></p>' ;
# Display footer section.
#include ( 'includes/footer.html' ) ;
?>
Authorcheckout.php
<?php # DISPLAY CHECKOUT PAGE.
# Access session.
session_start() ;
# Redirect if not logged in.
if ( !isset( $_SESSION[ 'AuthorID' ] ) ) { require (
'authorlogin_tools.php' ) ; load() ; }
# Set page title and display header section.
$page_title = 'Checkout' ;
#include ( 'includes/header.html' ) ;
# Check for passed total and cart.
if ( isset( $_GET['total'] ) && ( $_GET['total'] > 0 ) &&
(!empty($_SESSION['cart']) ) )
{
# Open database connection.
require ('connect_db.php');
# Store buyer and order total in 'orders' database table.
# Both values are cast to numbers so they cannot alter the query.
$q = "INSERT INTO orders ( CustomerID, total, order_date ) VALUES (".
(int) $_SESSION['user_id'].",".(float) $_GET['total'].", NOW() ) ";
$r = mysqli_query ($dbc, $q);
# Retrieve current order number.
$order_id = mysqli_insert_id($dbc) ;
# Retrieve cart items from 'shop' database table.
$q = "SELECT * FROM shop WHERE item_id IN (";
foreach ($_SESSION['cart'] as $id => $value) { $q .= (int) $id . ','; }
$q = substr( $q, 0, -1 ) . ') ORDER BY item_id ASC';
$r = mysqli_query ($dbc, $q);
# Store order contents in 'order_contents' database table.
while ($row = mysqli_fetch_array ($r, MYSQLI_ASSOC))
{
$query = "INSERT INTO order_contents ( order_id, item_id, quantity, price )
VALUES ( $order_id,
".$row['item_id'].",".$_SESSION['cart'][$row['item_id']]['quantity'].",".$_SESSION['cart'][$row['item_id']]['price'].")" ;
$result = mysqli_query($dbc,$query);
}
# Close database connection.
mysqli_close($dbc);
# Display order number.
echo "<p>Thanks for your order. Your Order Number Is #".$order_id."</p>";
# Remove cart items.
$_SESSION['cart'] = NULL ;
}
# Or display a message.
else { echo '<p>There are no items in your cart.</p>' ; }
# Create navigation links.
echo '<p><a href="shop.php">Shop</a> | <a href="forum.php">Forum</a> | <a
href="home.php">Home</a> | <a href="goodbye.php">Logout</a></p>' ;
# Display footer section.
#include ( 'includes/footer.html' ) ;
?>
Addbook.php
<?php # DISPLAY COMPLETE PRODUCTS PAGE.
# Access session.
session_start() ;
# Redirect if not logged in.
if ( !isset( $_SESSION[ 'CustomerID' ] ) ) { require ( 'login_tools.php' )
; load() ; }
# Set page title and display header section.
$page_title = 'addbook' ;
//include ( 'includes/header.html' ) ;
# Open database connection.
require ( 'connect_db.php' ) ;
# Retrieve items from 'shop' database table.
$q = "SELECT * FROM shop" ;
$r = mysqli_query( $dbc, $q ) ;
if ( mysqli_num_rows( $r ) > 0 )
{
# Display body section.
echo '<table><tr>';
while ( $row = mysqli_fetch_array( $r, MYSQLI_ASSOC ))
{
echo '<td><strong>' . $row['item_name'] .'</strong><br><span
style="font-size:smaller">'. $row['item_desc'] . '</span><br><img src='.
$row['item_img'].'><br>$' . $row['item_price'] . '<br><a
href="added.php?id='.$row['item_id'].'">Add To Cart</a></td>';
}
echo '</tr></table>';
# Close database connection.
mysqli_close( $dbc ) ;
}
# Or display message.
else { echo '<p>There are currently no items in this shop.</p>' ; }
# Create navigation links.
echo '<p><a href="cart.php">View Cart</a> | <a href="forum.php">Forum</a> |
<a href="home.php">Home</a> | <a href="goodbye.php">Logout</a></p>' ;
# Display footer section.
#include ( 'includes/footer.html' ) ;
?>
Authoraddbook.php
<?php # DISPLAY COMPLETE AUTHOR ADDING A BOOK.
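# Access session.
session_start() ;
# Redirect if not logged in.
if ( !isset( $_SESSION[ 'AuthorID' ] ) ) { require ( 'authorlogin_tools.php' ) ; load() ; }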
# Set page title and display header section.
$page_title = 'Author Add Book' ;
//include ( 'header.html' ) ;
# Check form submitted.
if ( $_SERVER[ 'REQUEST_METHOD' ] == 'POST' )
{
# Connect to the database.
require ('connect_db.php');
# Initialize an error array.
$errors = array();
# Check for a first name.
/* if ( empty( $_POST[ 'Item_ID' ] ) )
{ $errors[] = 'Enter your item ID.' ; }
else
{ $fn = mysqli_real_escape_string( $dbc, trim( $_POST[ 'FirstName' ] ) )
; }
*/
# Check for an item name.
if (empty( $_POST[ 'item_name' ] ) )
{ $errors[] = 'Enter a name.' ; }
else
{ $item_name = mysqli_real_escape_string( $dbc, trim( $_POST[ 'item_name'
] ) ) ; }
# Check for a description.
if ( empty( $_POST[ 'item_desc' ] ) )
{ $errors[] = 'Enter a description.'; }
else
{ $item_desc = mysqli_real_escape_string( $dbc, trim( $_POST[ 'item_desc'
] ) ) ; }
if ( empty( $_POST[ 'item_price' ] ) )
{ $errors[] = 'Enter a price.'; }
else
{ $item_price = mysqli_real_escape_string( $dbc, trim( $_POST[
'item_price' ] ) ) ; }
if ( empty( $errors ) )
{
$AuthorID= $_SESSION['AuthorID'];
echo $AuthorID;
$q = "INSERT INTO shop (item_name, item_desc, item_price, AuthorID)
VALUES ('$item_name', '$item_desc', '$item_price','$AuthorID' )";
$r = @mysqli_query ( $dbc, $q ) ;
if ($r)
{ echo '<h1>Book successfully Registered!</h1><p>Your new added book is
now registered.</p><p><a href="authoraddbook.php">Add another
book</a></p>'; }
# Close database connection.
mysqli_close($dbc);
# Display footer section and quit script:
//include ('footer.html');
exit();
}
# Or report errors.
else
{
echo '<h1>Error!</h1><p id="err_msg">The following error(s)
occurred:<br>' ;
foreach ( $errors as $msg )
{ echo " - $msg<br>" ; }
echo 'Please try again.</p>';
# Close database connection.
mysqli_close( $dbc );
}
}
?>
<!-- Display body section with sticky form. -->
<h1>Add Book</h1>
<form action="authoraddbook.php" method="post">
<p>Item Name: <input type="text" name="item_name" size="20"
value="<?php if (isset($_POST['item_name']))
echo htmlspecialchars( $_POST['item_name'], ENT_QUOTES ); ?>"></p>
<p>Item Description: <input type="text" name="item_desc" size="200"
value="<?php if (isset($_POST['item_desc']))
echo htmlspecialchars( $_POST['item_desc'], ENT_QUOTES ); ?>"></p>
<!--Item image: <input type="text" name="item_img" size="20"
value="<?php if (isset($_POST['item_img']))
echo htmlspecialchars( $_POST['item_img'], ENT_QUOTES ); ?>">
-->
<p>Item Price: <input type="text" name="item_price" size="20"
value="<?php if (isset($_POST['item_price']))
echo htmlspecialchars( $_POST['item_price'], ENT_QUOTES ); ?>"></p>
<p><input type="submit" value="Register Book"></p>
</form>
<?php
# Display footer section.
//include ( 'footer.html' ) ;
?>
Authordeletebook.php
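<?php # DISPLAY THE AUTHOR'S BOOKS WITH DELETE LINKS.
# Access session.
session_start();
# Redirect if not logged in.
if ( !isset( $_SESSION[ 'AuthorID' ] ) ) { require ( 'authorlogin_tools.php' ) ; load() ; }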
# Set page title and display header section.
$page_title = 'Author Delete Book' ;
//include ( 'header.html' ) ;
require ('connect_db.php');
$AuthorID= $_SESSION['AuthorID'];
$q="SELECT * FROM shop WHERE AuthorID= $AuthorID ";
$result= mysqli_query($dbc,$q);
while($row= mysqli_fetch_array($result, MYSQLI_ASSOC ))
{
#echo '<table><tr>';
echo $row['item_name']. '<br><a
href="deletedbook.php?id='.$row['item_id'].'">DELETE BOOK</a>';
echo $row['item_price'];
#echo '</table></tr>';
}
?>
<?php
# Display footer section.
//include ( 'footer.html' ) ;
?>
Authorgoodbye.php
<?php # DISPLAY COMPLETE LOGGED OUT PAGE.
# Access session.
session_start() ;
# Redirect if not logged in.
if ( !isset( $_SESSION[ 'AuthorID' ] ) ) { require ( 'login_tools.php' ) ;
load() ; }
# Set page title and display header section.
$page_title = 'Goodbye' ;
//include ( 'includes/header.html' ) ;
# Clear existing variables.
$_SESSION = array() ;
# Destroy the session.
session_destroy() ;
# Display body section.
echo '<h1>Goodbye!</h1><p>You are now logged out.</p><p><a
href="login.php">Login</a></p>' ;
# Display footer section.
//include ( 'includes/footer.html' ) ;
?>
Authorlogin.php
<?php # DISPLAY COMPLETE LOGIN PAGE.
# Set page title and display header section.
//$page_title = 'AuthorLogin' ;
//include ( 'header.html' ) ;
# Display any error messages if present.
if ( isset( $errors ) && !empty( $errors ) )
{
echo '<p id="err_msg">Oops! There was a problem:<br>' ;
foreach ( $errors as $msg ) { echo " - $msg<br>" ; }
echo 'Please try again or <a href="authorregister.php">Register</a></p>' ;
}
?>
<!-- Display body section. -->
<h1>Author Login</h1>
<form action="authorlogin_action.php" method="post">
<p>Email Address: <input type="text" name="email"> </p>
<p>Password: <input type="password" name="pass"></p>
<p><input type="submit" value="Login" ></p>
</form>
<?php
# Display footer section.
//include ( 'footer.html' ) ;
?>
Authorhome.php
<?php # DISPLAY COMPLETE LOGGED IN PAGE.
# Access session.
session_start() ;
# Redirect if not logged in.
if ( !isset( $_SESSION[ 'AuthorID' ] ) ) { require (
'authorlogin_tools.php' ) ; load() ; }
# Set page title and display header section.
$page_title = 'Author Home' ;
//include ( 'includes/header.html' ) ;
# Display body section.
echo "<h1>HOME</h1><p>You are now logged in, {$_SESSION['FirstName']}
{$_SESSION['LastName']} </p>";
# Create navigation links.
echo '<p><a href="authorshop.php">Shop</a> | <a
href="authoraddbook.php">Add Book</a> | <a
href="authordeletebook.php">Delete Book</a> | <a
href="updateprice.php">Update Book Price</a> | <a
href="authorgoodbye.php">Logout</a></p>';
# Display footer section.
//include ( 'includes/footer.html' ) ;
?>
Authorlogin_action.php
<?php # PROCESS AUTHOR LOGIN ATTEMPT.
# Check form submitted.
if ( $_SERVER[ 'REQUEST_METHOD' ] == 'POST' )
{
# Open database connection.
require ( 'connect_db.php' ) ;
# Get connection, load, and validate functions.
require ( 'authorlogin_tools.php' ) ;
# Check login.
list ( $check, $data ) = validate ( $dbc, $_POST[ 'email' ], $_POST[
'pass' ] ) ;
# On success set session data and display logged in page.
if ( $check )
{
# Access session.
session_start();
$_SESSION[ 'AuthorID' ] = $data[ 'AuthorID' ] ;
$_SESSION[ 'FirstName' ] = $data[ 'FirstName' ] ;
$_SESSION[ 'LastName' ] = $data[ 'LastName' ] ;
load ( 'authorhome.php' ) ;
}
# Or on failure set errors.
else { $errors = $data; }
# Close database connection.
mysqli_close( $dbc ) ;
}
# Continue to display login page on failure.
include ( 'Authorlogin.php' ) ;
?>
Authorlogin_tools.php
<?php # AUTHOR LOGIN HELPER FUNCTIONS.
# Function to load specified or default URL.
function load( $page = 'Authorlogin.php' )
{
# Begin URL with protocol, domain, and current directory.
$url = 'http://' . $_SERVER[ 'HTTP_HOST' ] . dirname( $_SERVER[
'PHP_SELF' ] ) ;
# Remove trailing slashes then append page name to URL.
$url = rtrim( $url, '/' ) ;
$url .= '/' . $page ;
# Execute redirect then quit.
header( "Location: $url" ) ;
exit() ;
}
# Function to check email address and password.
function validate( $dbc, $email = '', $pass = '' )
{
# Initialize errors array.
$errors = array() ;
# Check email field.
if ( empty( $email ) )
{ $errors[] = 'Enter your email address.' ; }
else { $e = mysqli_real_escape_string( $dbc, trim( $email ) ) ; }
# Check password field.
if ( empty( $pass ) )
{ $errors[] = 'Enter your password.' ; }
else { $p = mysqli_real_escape_string( $dbc, trim( $pass ) ) ; }
# On success retrieve user_id, first_name, and last name from 'users' database.
if ( empty( $errors ) )
{
$q = "SELECT * FROM author WHERE Email='$e' AND Pass='$p' " ;
$r = mysqli_query ( $dbc, $q ) ;
$s=mysqli_num_rows( $r );
if ( $s == 1 )
{
$row = mysqli_fetch_array ( $r, MYSQLI_ASSOC ) ;
return array( true, $row ) ;
}
# Or on failure set error message.
else { $errors[] = 'Email address and password not found.' ; }
}
# On failure retrieve error message/s.
return array( false, $errors ) ;
}
Authorregister.php
<?php # DISPLAY COMPLETE AUTHOR REGISTRATION PAGE.
# Set page title and display header section.
$page_title = 'AuthorRegister' ;
//include ( 'header.html' ) ;
# Check form submitted.
if ( $_SERVER[ 'REQUEST_METHOD' ] == 'POST' )
{
# Connect to the database.
require ('connect_db.php');
# Initialize an error array.
$errors = array();
# Check for a first name.
if ( empty( $_POST[ 'FirstName' ] ) )
{ $errors[] = 'Enter your first name.' ; }
else
{ $fn = mysqli_real_escape_string( $dbc, trim( $_POST[ 'FirstName' ] ) )
; }
# Check for a last name.
if (empty( $_POST[ 'LastName' ] ) )
{ $errors[] = 'Enter your last name.' ; }
else
{ $ln = mysqli_real_escape_string( $dbc, trim( $_POST[ 'LastName' ] ) ) ;
}
# Check for an email address:
if ( empty( $_POST[ 'Email' ] ) )
{ $errors[] = 'Enter your email address.'; }
else
{ $e = mysqli_real_escape_string( $dbc, trim( $_POST[ 'Email' ] ) ) ; }
# Check for a password and matching input passwords.
if ( !empty($_POST[ 'pass1' ] ) )
{
if ( $_POST[ 'pass1' ] != $_POST[ 'pass2' ] )
{ $errors[] = 'Passwords do not match.' ; }
else
{ $p = mysqli_real_escape_string( $dbc, trim( $_POST[ 'pass1' ] ) ) ; }
}
else { $errors[] = 'Enter your password.' ; }
# Check if email address already registered.
if ( empty( $errors ) )
{
$q = "SELECT user_id FROM users WHERE email='$e'" ;
$r = @mysqli_query ( $dbc, $q ) ;
if ( mysqli_num_rows( $r ) != 0 ) $errors[] = 'Email address already
registered. <a href="authorlogin.php">Login</a>' ;
}
# On success register user inserting into 'users' database table.
if ( empty( $errors ) )
{
$q = "INSERT INTO users (FirstName, LastName, Email, pass, reg_date)
VALUES ('$fn', '$ln', '$e', SHA1('$p'), NOW() )";
$r = @mysqli_query ( $dbc, $q ) ;
if ($r)
{ echo '<h1>Registered!</h1><p>You are now registered.</p><p><a
href="authorlogin.php">AuthorLogin</a></p>'; }
# Close database connection.
mysqli_close($dbc);
# Display footer section and quit script:
//include ('footer.html');
exit();
}
# Or report errors.
else
{
echo '<h1>Error!</h1><p id="err_msg">The following error(s)
occurred:<br>' ;
foreach ( $errors as $msg )
{ echo " - $msg<br>" ; }
echo 'Please try again.</p>';
# Close database connection.
mysqli_close( $dbc );
}
}
?>
<!-- Display body section with sticky form. -->
<h1>Author Register</h1>
<form action="authorregister.php" method="post">
<p>First Name: <input type="text" name="FirstName" size="20" value="<?php
if (isset($_POST['FirstName'])) echo htmlspecialchars( $_POST['FirstName'], ENT_QUOTES ); ?>">
Last Name: <input type="text" name="LastName" size="20" value="<?php if
(isset($_POST['LastName'])) echo htmlspecialchars( $_POST['LastName'], ENT_QUOTES ); ?>"></p>
<p>Email Address: <input type="text" name="Email" size="50" value="<?php if
(isset($_POST['Email'])) echo htmlspecialchars( $_POST['Email'], ENT_QUOTES ); ?>"></p>
<p>Password: <input type="password" name="pass1" size="20" value="<?php if
(isset($_POST['pass1'])) echo htmlspecialchars( $_POST['pass1'], ENT_QUOTES ); ?>" >
Confirm Password: <input type="password" name="pass2" size="20"
value="<?php if (isset($_POST['pass2'])) echo htmlspecialchars( $_POST['pass2'], ENT_QUOTES ); ?>"></p>
<p><input type="submit" value="Register"></p>
</form>
<?php
# Display footer section.
//include ( 'footer.html' ) ;
?>
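The author login above compares the `Pass` column with the submitted password as it was typed, while the registration page stores `SHA1('$p')`. The two steps with prepared statements and PHP's `password_hash()` / `password_verify()`, as an added example that is not part of the assignment's code; `register_author()` and `validate_author()` are hypothetical names, and the `author` table is assumed to have a `Pass` column of at least 255 characters.

```php
<?php # ADDED EXAMPLE: AUTHOR REGISTRATION AND LOGIN WITH HASHED PASSWORDS.
# Assumes $dbc from connect_db.php and an 'author' table with the columns
# AuthorID, FirstName, LastName, Email and Pass (Pass at least VARCHAR(255)).
# register_author() and validate_author() are hypothetical names.

# Store a new author. Returns true on success.
function register_author( $dbc, $first, $last, $email, $pass )
{
  # password_hash() salts the password and uses a deliberately slow algorithm.
  $hash = password_hash( $pass, PASSWORD_DEFAULT ) ;
  # Placeholders keep the submitted values out of the SQL text.
  $stmt = mysqli_prepare( $dbc,
    'INSERT INTO author ( FirstName, LastName, Email, Pass ) VALUES ( ?, ?, ?, ? )' ) ;
  mysqli_stmt_bind_param( $stmt, 'ssss', $first, $last, $email, $hash ) ;
  $ok = mysqli_stmt_execute( $stmt ) ;
  mysqli_stmt_close( $stmt ) ;
  return $ok ;
}

# Check email address and password.
# Returns array( true, $row ) or array( false, $errors ), as validate() does.
function validate_author( $dbc, $email = '', $pass = '' )
{
  $errors = array() ;
  $email = trim( $email ) ;
  if ( $email === '' ) { $errors[] = 'Enter your email address.' ; }
  if ( $pass === '' ) { $errors[] = 'Enter your password.' ; }
  if ( !empty( $errors ) ) { return array( false, $errors ) ; }

  # Look the author up by email only; the password never enters the query.
  $stmt = mysqli_prepare( $dbc,
    'SELECT AuthorID, FirstName, LastName, Pass FROM author WHERE Email = ?' ) ;
  mysqli_stmt_bind_param( $stmt, 's', $email ) ;
  mysqli_stmt_execute( $stmt ) ;
  mysqli_stmt_bind_result( $stmt, $id, $first, $last, $hash ) ;
  $found = ( mysqli_stmt_fetch( $stmt ) === true ) ;
  mysqli_stmt_close( $stmt ) ;

  # Compare the submitted password with the stored hash.
  if ( $found && password_verify( $pass, $hash ) )
  {
    return array( true, array( 'AuthorID' => $id, 'FirstName' => $first, 'LastName' => $last ) ) ;
  }
  # The same message for an unknown email and a wrong password.
  return array( false, array( 'Email address and password not found.' ) ) ;
}

# In authorlogin_action.php, on success:
#   session_start() ;
#   session_regenerate_id( true ) ;  # Issue a new session id after login.
#   $_SESSION[ 'AuthorID' ] = $data[ 'AuthorID' ] ;
?>
```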
Cart.php
<?php # DISPLAY SHOPPING CART PAGE.
# Access session.
session_start() ;
# Redirect if not logged in.
if ( !isset( $_SESSION[ 'CustomerID' ] ) ) { require ( 'login_tools.php' )
; load() ; }
# Set page title and display header section.
$page_title = 'Cart' ;
#include ( 'includes/header.html' ) ;
# Check if form has been submitted for update.
if ( $_SERVER['REQUEST_METHOD'] == 'POST' )
{
# Update changed quantity field values.
foreach ( $_POST['qty'] as $item_id => $item_qty )
{
# Ensure values are integers.
$id = (int) $item_id;
$qty = (int) $item_qty;
# Change quantity or delete if zero.
if ( $qty == 0 ) { unset ($_SESSION['cart'][$id]); }
elseif ( $qty > 0 ) { $_SESSION['cart'][$id]['quantity'] = $qty; }
}
}
# Initialize grand total variable.
$total = 0;
# Display the cart if not empty.
if (!empty($_SESSION['cart']))
{
# Connect to the database.
require ('connect_db.php');
# Retrieve all items in the cart from the 'shop' database table.
$q = "SELECT * FROM shop WHERE item_id IN (";
foreach ($_SESSION['cart'] as $id => $value) { $q .= (int) $id . ','; }
$q = substr( $q, 0, -1 ) . ') ORDER BY item_id ASC';
$r = mysqli_query ($dbc, $q);
# Display body section with a form and a table.
echo '<form action="cart.php" method="post"><table><tr><th
colspan="5">Items in your cart</th></tr><tr>';
while ($row = mysqli_fetch_array ($r, MYSQLI_ASSOC))
{
# Calculate sub-totals and grand total.
$subtotal = $_SESSION['cart'][$row['item_id']]['quantity'] *
$_SESSION['cart'][$row['item_id']]['price'];
$total += $subtotal;
# Display the row/s:
echo "<tr> <td>{$row['item_name']}</td> <td>{$row['item_desc']}</td>
<td><input type=\"text\" size=\"3\" name=\"qty[{$row['item_id']}]\"
value=\"{$_SESSION['cart'][$row['item_id']]['quantity']}\"></td>
<td>@ {$row['item_price']} = </td> <td>".number_format ($subtotal,
2)."</td></tr>";
}
# Close the database connection.
mysqli_close($dbc);
# Display the total.
echo ' <tr><td colspan="5" style="text-align:right">Total =
'.number_format($total,2).'</td></tr></table><input type="submit"
name="submit" value="Update My Cart"></form>';
}
else
# Or display a message.
{ echo '<p>Your cart is currently empty.</p>' ; }
# Create navigation links.
echo '<p><a href="shop.php">Shop</a> | <a
href="checkout.php?total='.$total.'">Checkout</a> | <a
href="forum.php">Forum</a> | <a href="home.php">Home</a> | <a
href="goodbye.php">Logout</a></p>' ;
# Display footer section.
#include ( 'includes/footer.html' ) ;
?>
Checkout.php
<?php # DISPLAY CHECKOUT PAGE.
# Access session.
session_start() ;
# Redirect if not logged in.
if ( !isset( $_SESSION[ 'CustomerID' ] ) ) { require ( 'login_tools.php' )
; load() ; }
# Set page title and display header section.
$page_title = 'Checkout' ;
#include ( 'includes/header.html' ) ;
# Check for passed total and cart.
if ( isset( $_GET['total'] ) && ( $_GET['total'] > 0 ) &&
(!empty($_SESSION['cart']) ) )
{
# Open database connection.
require ('connect_db.php');
# Store buyer and order total in 'orders' database table.
# Both values are cast to numbers so they cannot alter the query.
$q = "INSERT INTO orders ( CustomerID, total, order_date ) VALUES (".
(int) $_SESSION['user_id'].",".(float) $_GET['total'].", NOW() ) ";
$r = mysqli_query ($dbc, $q);
# Retrieve current order number.
$order_id = mysqli_insert_id($dbc) ;
# Retrieve cart items from 'shop' database table.
$q = "SELECT * FROM shop WHERE item_id IN (";
foreach ($_SESSION['cart'] as $id => $value) { $q .= (int) $id . ','; }
$q = substr( $q, 0, -1 ) . ') ORDER BY item_id ASC';
$r = mysqli_query ($dbc, $q);
# Store order contents in 'order_contents' database table.
while ($row = mysqli_fetch_array ($r, MYSQLI_ASSOC))
{
$query = "INSERT INTO order_contents ( order_id, item_id, quantity, price )
VALUES ( $order_id,
".$row['item_id'].",".$_SESSION['cart'][$row['item_id']]['quantity'].",".$_SESSION['cart'][$row['item_id']]['price'].")" ;
$result = mysqli_query($dbc,$query);
}
# Close database connection.
mysqli_close($dbc);
# Display order number.
echo "<p>Thanks for your order. Your Order Number Is #".$order_id."</p>";
# Remove cart items.
$_SESSION['cart'] = NULL ;
}
# Or display a message.
else { echo '<p>There are no items in your cart.</p>' ; }
# Create navigation links.
echo '<p><a href="shop.php">Shop</a> | <a href="forum.php">Forum</a> | <a
href="home.php">Home</a> | <a href="goodbye.php">Logout</a></p>' ;
# Display footer section.
#include ( 'includes/footer.html' ) ;
?>
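checkout.php stores the order total it receives in `$_GET['total']` and the prices held in the session cart. An added example (not part of the assignment's code) that recomputes the total from the `shop` table and writes the order in one transaction; `place_order()` is a hypothetical name, and the tables are assumed to use a storage engine that supports transactions.

```php
<?php # ADDED EXAMPLE: STORE AN ORDER USING PRICES READ FROM THE 'shop' TABLE.
# Assumes $dbc from connect_db.php and the 'shop', 'orders' and 'order_contents'
# tables used by checkout.php. place_order() is a hypothetical name.

# Make mysqli throw exceptions so a failed statement rolls the order back.
mysqli_report( MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT ) ;

# Returns the new order number, or 0 if the cart holds no valid items.
function place_order( $dbc, $customer_id, $cart )
{
  # Keep only integer ids with a quantity of at least one.
  $wanted = array() ;
  foreach ( (array) $cart as $item_id => $entry )
  {
    $qty = isset( $entry['quantity'] ) ? (int) $entry['quantity'] : 0 ;
    if ( $qty > 0 ) { $wanted[ (int) $item_id ] = $qty ; }
  }
  if ( empty( $wanted ) ) { return 0 ; }

  # Read the current prices; the id list is built from integers only.
  $r = mysqli_query( $dbc, 'SELECT item_id, item_price FROM shop WHERE item_id IN ('
    . implode( ',', array_keys( $wanted ) ) . ')' ) ;
  $lines = array() ;
  $total = 0 ;
  while ( $row = mysqli_fetch_array( $r, MYSQLI_ASSOC ) )
  {
    $qty = $wanted[ (int) $row['item_id'] ] ;
    $lines[] = array( (int) $row['item_id'], $qty, (float) $row['item_price'] ) ;
    $total += $qty * (float) $row['item_price'] ;
  }
  if ( empty( $lines ) ) { return 0 ; }

  # Write the order and its contents together, or not at all.
  mysqli_begin_transaction( $dbc ) ;
  try
  {
    $stmt = mysqli_prepare( $dbc,
      'INSERT INTO orders ( CustomerID, total, order_date ) VALUES ( ?, ?, NOW() )' ) ;
    mysqli_stmt_bind_param( $stmt, 'id', $customer_id, $total ) ;
    mysqli_stmt_execute( $stmt ) ;
    $order_id = mysqli_insert_id( $dbc ) ;
    mysqli_stmt_close( $stmt ) ;

    $stmt = mysqli_prepare( $dbc,
      'INSERT INTO order_contents ( order_id, item_id, quantity, price ) VALUES ( ?, ?, ?, ? )' ) ;
    foreach ( $lines as $line )
    {
      list( $item_id, $qty, $price ) = $line ;
      mysqli_stmt_bind_param( $stmt, 'iiid', $order_id, $item_id, $qty, $price ) ;
      mysqli_stmt_execute( $stmt ) ;
    }
    mysqli_stmt_close( $stmt ) ;
    mysqli_commit( $dbc ) ;
    return $order_id ;
  }
  catch ( mysqli_sql_exception $e )
  {
    # Undo the partial order, then let the caller see the failure.
    mysqli_rollback( $dbc ) ;
    throw $e ;
  }
}

# In checkout.php the total would then no longer be read from $_GET:
#   $order_id = place_order( $dbc, $_SESSION['CustomerID'], $_SESSION['cart'] ) ;
?>
```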
Connect_db.php
<?php
# Connect on 'localhost' as user 'root' with an empty password
# to database 'bookstop'.
$dbc =mysqli_connect
('localhost' , 'root' , '' , 'bookstop')
OR die
( mysqli_connect_error() );
# Set encoding to match PHP script encoding.
mysqli_set_charset($dbc ,
'utf8');
?>
Deletebook.php
<?php # DISPLAY COMPLETE PRODUCTS PAGE.
# Access session.
session_start() ;
# Redirect if not logged in.
if ( !isset( $_SESSION[ 'DeleteID' ] ) ) { require ( 'login_tools.php' ) ;
load() ; }
# Set page title and display header section.
$page_title = 'addbook' ;
//include ( 'includes/header.html' ) ;
# Open database connection.
require ( 'connect_db.php' ) ;
# Retrieve items from 'shop' database table.
$q = "SELECT * FROM shop" ;
$r = mysqli_query( $dbc, $q ) ;
if ( mysqli_num_rows( $r ) > 0 )
{
# Display body section.
echo '<table><tr>';
while ( $row = mysqli_fetch_array( $r, MYSQLI_ASSOC ))
{
echo '<td><strong>' . $row['item_name'] .'</strong><br><span
style="font-size:smaller">'. $row['item_desc'] . '</span><br><img src='.
$row['item_img'].'><br>$' . $row['item_price'] . '<br><a
href="added.php?id='.$row['item_id'].'">Add To Cart</a></td>';
}
echo '</tr></table>';
# Close database connection.
mysqli_close( $dbc ) ;
}
# Or display message.
else { echo '<p>There are currently no items in this shop.</p>' ; }
# Create navigation links.
echo '<p><a href="cart.php">View Cart</a> | <a href="forum.php">Forum</a> |
<a href="home.php">Home</a> | <a href="goodbye.php">Logout</a></p>' ;
# Display footer section.
#include ( 'includes/footer.html' ) ;
?>
Deletedbook.php
<?php
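# Access session.
session_start();
# Redirect if not logged in.
if ( !isset( $_SESSION[ 'AuthorID' ] ) ) { require ( 'authorlogin_tools.php' ) ; load() ; }
# Check a book id was passed.
if ( isset($_GET['id']) )
{
# Cast the id to an integer before it is echoed and used in the query.
$id = (int) $_GET['id'] ;
echo $id;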
# Connect to the database.
if ( empty( $errors ) )
{
require ('connect_db.php');
$q = "DELETE FROM shop WHERE item_id= $id ";
$r = @mysqli_query ( $dbc, $q ) ;
if ($r)
{ echo '<h1>Book successfully deleted!</h1><p>The book has been removed from the
shop.</p><p><a href="authorhome.php">Delete another book</a></p>'; }
# Close database connection.
mysqli_close($dbc);
# Display footer section and quit script:
//include ('footer.html');
exit();
}
# Or report errors.
else
{
echo '<h1>Error!</h1><p id="err_msg">The following error(s)
occurred:<br>' ;
foreach ( $errors as $msg )
{ echo " - $msg<br>" ; }
echo 'Please try again.</p>';
# Close database connection.
mysqli_close( $dbc );
}
}
?>
Goodbye.php
<?php # DISPLAY COMPLETE LOGGED OUT PAGE.
# Access session.
session_start() ;
# Redirect if not logged in.
if ( !isset( $_SESSION[ 'CustomerID' ] ) ) { require ( 'login_tools.php' )
; load() ; }
# Set page title and display header section.
$page_title = 'Goodbye' ;
//include ( 'includes/header.html' ) ;
# Clear existing variables.
$_SESSION = array() ;
# Destroy the session.
session_destroy() ;
# Display body section.
echo '<h1>Goodbye!</h1><p>You are now logged out.</p><p><a
href="login.php">Login</a></p>' ;
# Display footer section.
//include ( 'includes/footer.html' ) ;
?>
Guestlogin.php
<?php # PROCESS GUEST LOGIN ATTEMPT.
# Check form submitted.
if ( $_SERVER[ 'REQUEST_METHOD' ] == 'POST' )
{
# Open database connection.
require ( 'connect_db.php' ) ;
# Get connection, load, and validate functions.
require ( 'guestlogin_tools.php' ) ;
# Check login.
list ( $check, $data ) = validate ( $dbc, $_POST[ 'email' ], $_POST[ 'pass' ] ) ;
# On success set session data and display logged in page.
if ( $check )
{
# Access session and issue a fresh session ID to prevent session fixation.
session_start();
session_regenerate_id( true );
$_SESSION[ 'AuthorID' ] = $data[ 'AuthorID' ] ;
$_SESSION[ 'FirstName' ] = $data[ 'FirstName' ] ;
$_SESSION[ 'LastName' ] = $data[ 'LastName' ] ;
load ( 'authorhome.php' ) ;
}
# Or on failure set errors.
else { $errors = $data; }
# Close database connection.
mysqli_close( $dbc ) ;
}
# Continue to display login page on failure.
include ( 'Guestlogin.php' ) ;
?>
Guestshop.php
<?php # DISPLAY COMPLETE PRODUCTS PAGE.
# Access session.
session_start() ;
# Redirect if not logged in
//if ( !isset( $_SESSION[ 'CustomerID' ] ) ) { require ( 'login_tools.php' ) ; load() ; }
# Set page title and display header section.
$page_title = 'Shop' ;
//include ( 'includes/header.html' ) ;
# Open database connection.
require ( 'connect_db.php' ) ;
# Retrieve items from 'shop' database table.
$q = "SELECT * FROM shop" ;
$r = mysqli_query( $dbc, $q ) ;
if ( mysqli_num_rows( $r ) > 0 )
{
# Display body section.
echo '<table>';
$counter=0;
while ( $row = mysqli_fetch_array( $r, MYSQLI_ASSOC ))
{
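# Show at most five items to guests; escape database values before output.
if ( $counter < 5 ) {
echo '<tr><td><strong>' . htmlspecialchars( $row['item_name'] ) . '</strong><br><span
style="font-size:smaller">' . htmlspecialchars( $row['item_desc'] ) . '</span><br><img src="' .
htmlspecialchars( $row['item_img'] ) . '"><br>$' . htmlspecialchars( $row['item_price'] ) . '<br><a
href="added.php?id=' . urlencode( $row['item_id'] ) . '">Add To Cart</a></td></tr>';
$counter++; }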
}
echo '</table>';
# Close database connection.
mysqli_close( $dbc ) ;
}
# Or display message.
else { echo '<p>There are currently no items in this shop.</p>' ; }
# Create navigation links.
echo '<p><a href="cart.php">View Cart</a> | <a href="forum.php">Forum</a> |
<a href="home.php">Home</a> | <a href="goodbye.php">Logout</a></p>' ;
# Display footer section.
#include ( 'includes/footer.html' ) ;
?>
Home.php
<?php # DISPLAY COMPLETE LOGGED IN PAGE.
# Access session.
session_start() ;
# Redirect if not logged in.
if ( !isset( $_SESSION[ 'CustomerID' ] ) ) { require ( 'login_tools.php' )
; load() ; }
# Set page title and display header section.
$page_title = 'Home' ;
//include ( 'includes/header.html' ) ;
# Display body section.
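# Escape the stored names before writing them into the page.
echo '<h1>HOME</h1><p>You are now logged in, ' . htmlspecialchars( $_SESSION['FirstName'] ) . ' '
. htmlspecialchars( $_SESSION['LastName'] ) . ' </p>';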