Monday, April 14, 2025

Segfault ethical hacking week 2

 

1. Index page    

Create an index page to check whether the user is logged in or not.  

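<?php
    // No login_id in the request means the visitor is not logged in:
    // send them to the login page and stop.
    if (!isset($_GET['login_id']) || $_GET['login_id'] == "") {
      header("location:login.php");
      exit;
    }
?>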

header()
Adds the given line to the HTTP response headers.

header("location:login.php");
Redirect to login.php.

exit;

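If you don't use exit, the rest of the page can be exposed. header() only adds the redirect to the response; without exit, the code below it still runs and its output is sent in the same response. The browser follows the redirect, so the screen looks the same, but a hacker who looks at the raw response can see what is underneath. Sections that should only be visible after logging in might become accessible.

exit means that the program stops running at that point.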
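The difference is visible in the raw response rather than in the browser. The following is an added example, not code from the original post: it parses two constructed raw responses for index.php, one from a version without exit and one with it, and flags the redirect that still carries a page body.

```php
<?php
// Added example: flags redirect responses that still carry a page body.
// Both raw responses below are constructed for illustration.
function parse_response(string $raw): array
{
    [$head, $body] = array_pad(explode("\r\n\r\n", $raw, 2), 2, '');
    $lines = explode("\r\n", $head);
    // The status line looks like "HTTP/1.1 302 Found".
    $status = (int) (explode(' ', array_shift($lines), 3)[1] ?? 0);
    $headers = [];
    foreach ($lines as $line) {
        [$name, $value] = array_pad(explode(':', $line, 2), 2, '');
        $headers[strtolower(trim($name))] = trim($value);
    }
    return ['status' => $status, 'headers' => $headers, 'body' => $body];
}

function leaks_after_redirect(array $res): bool
{
    $is_redirect = $res['status'] >= 300 && $res['status'] < 400
        && isset($res['headers']['location']);
    // A page that called exit right after header() sends no body at all.
    return $is_redirect && trim($res['body']) !== '';
}

$without_exit = "HTTP/1.1 302 Found\r\nLocation: login.php\r\n"
    . "Content-Type: text/html\r\n\r\n<h1>My page</h1><p>Members-only content</p>";
$with_exit = "HTTP/1.1 302 Found\r\nLocation: login.php\r\n"
    . "Content-Type: text/html\r\n\r\n";

foreach (['without exit' => $without_exit, 'with exit' => $with_exit] as $label => $raw) {
    $res = parse_response($raw);
    printf("%-12s status=%d body=%d bytes -> %s\n", $label, $res['status'],
        strlen($res['body']), leaks_after_redirect($res) ? 'LEAK' : 'ok');
}
```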


2. Function

The function named login1 is defined in login_func.php and loaded into the page from there.

<?php                          
require_once('login_func.php');
?>  

In login_func.php, compare the ID and password to authenticate whether the login is successful or not.


3. In case of Errors

When developing for the web, even a small typo in PHP code can cause an error.

Since PHP executes code from top to bottom, inserting checkpoints throughout the code can help with debugging and locating errors later on. 

echo "This > " . $login_res;



4. Database

The database (DB) serves the role of storing data and communicates with the Web Application Server (WAS).
It has a structure similar to that of an Excel program used for managing data.


Number | Name  | Score
1      | James | 100
2      | Nick  | 90
3      | John  | 80

  • Database: Can be compared to an Excel file.

  • Table: Similar to a sheet in Excel. It organizes multiple comparable data entries.

  • Column: A vertical set of data – represents data types or categories (e.g., Number, Name, Score).

  • Row: A horizontal set of data – represents a single entry (e.g., 1, James, 100).




5. Create Database

php.myadmin/
ID : admin
PW: student1234








6. SQL

Select

Retrieves data.
select [column name] from [table name]
ex) select name from test_table




select name, pass from test_table 


To retrieve all columns:
select * from test_table



Insert

Inserts data.
insert into [table name] (column name) value (value)
ex) insert into test_table (name, score, pass) value ('normaltic', '80', '2222')



 insert into test_table value (NULL, 'James', '70', '3333')



Where

Selects only the rows that match a condition.
select [column name] from [table name] where [condition]
ex) select name from test_table where name='John'

select name, pass from test_table where name='John'

AND and OR conditions:

  • AND: Used to retrieve data that meets both conditions at the same time. 
    select name, pass from test_table where name='John' and pass='1234'


  • OR: Used to retrieve data that meets at least one of the conditions.
    select name, pass from test_table where name='John' or  pass='2222'





7. WAS-DB Connection

PHP - MySQL connection

The WAS has to know the database ID and password!

DB_SERVER is localhost.
Usually, an IP address is entered instead of localhost.

The connection settings are defined as constants.


 define('DB_SERVER', 'localhost');
 define('DB_USERNAME', 'admin');
 define('DB_PASSWORD', 'student1234');
 define('DB_NAME', 'test');


 $db_conn = mysqli_connect(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME);

Ticket
To communicate with the DB, a ticket is required. It is called a 'connector'.

ex)
$db_conn = mysqli_connect('localhost', 'admin', 'student1234', 'test');

if($db_conn){
    echo "DB Connect OK";
}else{
    echo "DB Connect Failed";
}


My IP address is entered instead of localhost.



The WAS must have the database ID and password.
Only then can the WAS connect to the database.


$sql = "select * from test_table";

$result = mysqli_query($db_conn, $sql);

The query result is stored in a variable named $result.


$db_conn = mysqli_connect('localhost', 'admin', 'student1234', 'test');

if($db_conn){
    echo "DB Connect OK";
}else{
    echo "DB Connect Failed";
}

// select
$sql = "select * from test_table";

$result = mysqli_query($db_conn, $sql);

var_dump($result);



$row = mysqli_fetch_array($result);

A command to fetch a single row:
mysqli_fetch_assoc() or mysqli_fetch_array() (in PHP).


$db_conn = mysqli_connect('localhost', 'admin', 'student1234', 'test');

if($db_conn){
    echo "DB Connect OK";
}else{
    echo "DB Connect Failed";
}

 // select
$sql = "select * from test_table";

$result = mysqli_query($db_conn, $sql);

$row = mysqli_fetch_array($result);

var_dump($row);


$db_conn = mysqli_connect('localhost', 'admin', 'student1234', 'test');

if($db_conn){
    echo "DB Connect OK";
}else{
    echo "DB Connect Failed";
}

        // select
$sql = "select * from test_table";

$result = mysqli_query($db_conn, $sql);

$row = mysqli_fetch_array($result);

var_dump($row);

$row = mysqli_fetch_array($result);

var_dump($row);




        $sql = "select * from test_table";

        $result = mysqli_query($db_conn, $sql);

        $row = mysqli_fetch_array($result);

        echo "Name: " . $row['name'];

Fetching desired information from the database



        $sql = "select * from test_table where name='normaltic'";

        $result = mysqli_query($db_conn, $sql);

        $row = mysqli_fetch_array($result);

        echo "Pass: " . $row['pass'];

Retrieves normaltic's password.
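The queries above have the name written into the SQL string. When the name comes from the request, as in the GET task of the assignment, it should be bound as a parameter instead of being joined into that string. The following is an added example, not code from the original post; the file name score.php is hypothetical, and it assumes the page's database test and a test_table with name and score columns.

```php
<?php
// score.php?name=James  (hypothetical file name; added example)
// Assumes the database 'test' and test_table(name, score) used on this page.
mysqli_report(MYSQLI_REPORT_OFF);          // failures come back as false, as the page's if/else expects
$db_conn = mysqli_connect('localhost', 'admin', 'student1234', 'test');
if (!$db_conn) {
    http_response_code(500);
    exit('DB Connect Failed');             // stop here, nothing below works without a connection
}

$name = $_GET['name'] ?? '';
if (!is_string($name) || $name === '') {   // ?name[]=x arrives as an array
    http_response_code(400);
    exit('Enter a student name');
}

// Not this: the value becomes part of the SQL text, so a quote in it
// (even in a real name such as O'Brien) changes the statement itself.
//   $sql = "select score from test_table where name='" . $name . "'";

// The ? keeps the statement fixed; the name is sent separately as data.
$stmt = mysqli_prepare($db_conn, 'select score from test_table where name = ?');
if (!$stmt) {
    http_response_code(500);
    exit('Query failed');
}
mysqli_stmt_bind_param($stmt, 's', $name);
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $score);

if (mysqli_stmt_fetch($stmt)) {
    // The name came from the request, so escape it before printing it as HTML.
    echo htmlspecialchars($name, ENT_QUOTES, 'UTF-8') . ': '
       . htmlspecialchars((string) $score, ENT_QUOTES, 'UTF-8');
} else {
    echo 'No such student';
}
mysqli_stmt_close($stmt);
mysqli_close($db_conn);
```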








8. Assignment


    1) Review

    2) Simple Task
  • Create a database containing student names and scores.

  • Using a GET request, enter the student's name to display their corresponding score on the page.



    3) Create a Sign-Up Page (Implement Functionality)



SQL Code

CREATE TABLE users (
    id INT(100) AUTO_INCREMENT PRIMARY KEY,
    username VARCHAR(100) NOT NULL UNIQUE,
    password VARCHAR(100) NOT NULL,
    name VARCHAR(100) NOT NULL,
    email VARCHAR(100),
    phone VARCHAR(100),
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);



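Secure the password using a hashing function (password_hash / password_verify)

    // Sign-up: hash the password before storing it.
    $hashed_password = password_hash($password, PASSWORD_DEFAULT);

    // Login: compare the submitted password with the stored hash.
    if (password_verify($password, $user['password'])) {
        // login successful
    }
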

 4) Create a Login Page with Database Integration

Create admin_create.php to register an admin account

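<?php
// Connect with the same credentials the WAS uses.
$conn = mysqli_connect('localhost', 'admin', 'student1234', 'test');
if (!$conn) {
    exit("DB Connect Failed");
}

// Store only the hash, never the plain-text password.
$hash = password_hash('student1234', PASSWORD_DEFAULT);

// Bind the hash as a parameter and actually run the UPDATE.
$stmt = mysqli_prepare($conn, "UPDATE users SET password = ? WHERE username = 'admin'");
mysqli_stmt_bind_param($stmt, 's', $hash);
mysqli_stmt_execute($stmt);

mysqli_close($conn);
?>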
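One way login1 in login_func.php could check an ID and password against the users table above. This is an added example, not the author's code: the signature of login1 is an assumption, and the column names come from the CREATE TABLE statement on this page.

```php
<?php
// login_func.php (added example; the signature of login1 is an assumption)
function login1(mysqli $db_conn, string $username, string $password): bool
{
    // Look the user up by name only; the password never goes into the SQL.
    $stmt = mysqli_prepare($db_conn, 'select id, password from users where username = ?');
    if (!$stmt) {
        return false;
    }
    mysqli_stmt_bind_param($stmt, 's', $username);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_bind_result($stmt, $id, $stored_hash);
    $found = mysqli_stmt_fetch($stmt) === true;
    mysqli_stmt_close($stmt);

    // Unknown user and wrong password give the same answer, so the caller
    // can show one message for both cases.
    if (!$found || !password_verify($password, $stored_hash)) {
        return false;
    }

    // If PASSWORD_DEFAULT has changed since sign-up, store a fresh hash
    // while the plain-text password is still available.
    if (password_needs_rehash($stored_hash, PASSWORD_DEFAULT)) {
        $new_hash = password_hash($password, PASSWORD_DEFAULT);
        $up = mysqli_prepare($db_conn, 'update users set password = ? where id = ?');
        if ($up) {
            mysqli_stmt_bind_param($up, 'si', $new_hash, $id);
            mysqli_stmt_execute($up);
            mysqli_stmt_close($up);
        }
    }
    return true;
}
```

The PHP manual recommends a 255-character column for password_hash output, because the hash produced by PASSWORD_DEFAULT can grow in later PHP versions; the VARCHAR(100) above is long enough for today's 60-character bcrypt hashes.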

https://github.com/YONGJAEMAN
