Login Systems due Mon 12 Feb 11:00

\begin{purpose}
In completing this assignment you will:
\begin{itemize}
\ite...
...\item Utilize session variables to protect a page.
\end{itemize}
\end{purpose}

Details

At the end of this assignment your book selling application should have the following pages:
register.php
Same as was developed in lab day assignment.

login.php
This page presents a login form (self-posting). The login form behavior should be as follows:
  • If login fails for any reason the form should be re-displayed with an error message ``Attempt to Login Failed''. This is a rare situation where we don't want to be especially helpful!
  • Reasons login might fail include no matching email address found in the database and provided password not matching value stored in database.
  • When checking their password you'll pull their password from the database and use password_verify to see if their typed password matches the hashed password stored in the database. Recommended query:
    SELECT owner_id,password FROM yourschemaname.owner WHERE email=$1
    
  • If the above query is not empty and the password matches then it is time to set a session variable. I recommend setting a session variable to hold the owner_id because that will identify who is logged in.

sell.php
Same as in previous assignment except that it now requires a user to be logged in. If no user has been logged in then a visit to this page should be redirected to login.php using PHP's header command. Also, instead of always assigning a new listing to have an owner_id of 1, you will assign the id value based on the value stored in the session variable.

logout.php
NOTE: To test, you'll need to have multiple accounts created and log in as various users. For this reason you'll want a logout script that will delete the session variable and then redirect to the login screen.

display.php
Same as in previous assignment.

Quick Links