
Sample Teddybear Website

index.html
<!DOCTYPE html>
<html>
<head>
<script>
    location.href='index.php'
</script>
</head>
</html>

sessionCheck.php

<?php
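// Session gate for protected pages: require this file before any output is sent.
// The original was missing the closing brace before `else`, a parse error that
// stopped every page requiring this file from loading at all.
session_start();

// No logged-in user in the session: redirect to logout.php and stop, so the
// page that required this file never renders for an anonymous visitor.
if (!isset($_SESSION['userName'])) {
    header("Location: logout.php");
    exit;
}

// Retrieve all Session Variables that you wish to recover.
// login.php copies these from the submitted form and the users table, so
// HTML-escape them wherever they are echoed into a page.
$userName       = $_SESSION["userName"];
$userFirstName  = $_SESSION["userFirstName"];
$userLastName   = $_SESSION["userLastName"];
$userRole       = $_SESSION["userRole"];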
?>

index.php

<?php
// Load the session gate first: it starts the session and redirects to logout.php
// when $_SESSION['userName'] is not set.
require 'sessionCheck.php';

?>
<!DOCTYPE html>
<html>
<head>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Teddy Bear Website - Home</title>
<link href="css/teddybearsrus.css" rel="stylesheet" type="text/css">


</head>
<body>
<div id="app">
<header>
    <h1>Teddy Bears R Us</h1>
</header>
<?php require("nav.php"); ?>
<main>

    <h1>Teddy Bears Home</h1>
    <p>My wonderful teddy bear website</p>

</main>
<footer>
(c) Copyright 2020 - Mr Lai - All rights reserved
</footer>
</div>
</body>
</html>

logout.php

<?php
    session_start();
    session_unset(); 
    session_destroy();
    header("Location: login.php");
?>



login.php


<?php
// Resume (or create) the session so that doPost() can store the user's details in $_SESSION.
session_start();

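/**
 * Open a mysqli connection to the teddyrusdb database.
 *
 * @return mysqli|false Connection handle, or false when the connection failed.
 */
function dbConnect() {
    // NOTE(review): on some web-server configurations SERVER_NAME follows the
    // Host header sent by the client. A fixed host name taken from configuration
    // is a safer way to choose the database server.
    $dbserver = $_SERVER["SERVER_NAME"];
    // NOTE(review): sample credentials hard-coded for the classroom exercise.
    // A real deployment should read them from configuration kept outside the
    // web root, use a strong password, and grant this account only the access
    // the pages need.
    $dbuser = "tbUser";
    $dbpassword = "password";
    $dbname = "teddyrusdb";

    try {
        $conn = mysqli_connect($dbserver, $dbuser, $dbpassword, $dbname);
    } catch (mysqli_sql_exception $e) {
        // Newer PHP versions throw instead of returning false; keep the
        // "false on failure" contract that callers rely on.
        $conn = false;
    }

    if (!$conn) {
        // Details go to the server log only; the page shows a generic marker.
        error_log("dbConnect failed: " . mysqli_connect_error());
        echo("fail dbconnect");
    }
    return $conn;
}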
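/**
 * Check the posted userName and pwd against the users table and, on a match,
 * store the user's details in $_SESSION.
 *
 * @param mysqli $conn Open database connection.
 * @return array 'retCode' (0, or -9 when the database step failed) and 'message'
 *               (plain text; HTML-escape it when echoing).
 */
function doPost($conn) {
    // initialise local variables
    $message = "Login unsuccessfully attempted. Try Again";
    $retCode = 0;

    // Read the form fields defensively: a missing field or an array value
    // (userName[]=...) is treated as a failed login instead of raising a warning.
    $userName = isset($_POST["userName"]) ? $_POST["userName"] : "";
    $pwd = isset($_POST["pwd"]) ? $_POST["pwd"] : "";
    if (!is_string($userName) || !is_string($pwd)) {
        return array('retCode' => $retCode, 'message' => $message);
    }

    // Parameterised query: the submitted values are bound, never concatenated.
    // NOTE(review): the pwd column is compared directly with the lower-cased
    // input, so passwords look to be stored in directly comparable form and are
    // matched case-insensitively. Moving to password_hash()/password_verify()
    // needs a schema change and is the right fix for real use.
    $sql = "SELECT u.firstName, u.lastName, u.role FROM users AS u WHERE u.userName = LOWER(?) AND u.pwd = LOWER(?)";

    $dbOk = false;
    try {
        $stmt = mysqli_prepare($conn, $sql);
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, "ss", $userName, $pwd);
            if (mysqli_stmt_execute($stmt)) {
                $dbOk = true;
                mysqli_stmt_bind_result($stmt, $userFirstName, $userLastName, $userRole); // db fields are stored here
                mysqli_stmt_store_result($stmt);

                if (mysqli_stmt_num_rows($stmt) > 0) { // the user is found in database
                    mysqli_stmt_fetch($stmt);
                    // Issue a fresh session id at the moment of login so an id
                    // planted before authentication cannot be reused afterwards.
                    session_regenerate_id(true);
                    // store fields into $_SESSION for reuse later
                    $_SESSION["userName"] = $userName;
                    $_SESSION["userFirstName"] = $userFirstName;
                    $_SESSION["userLastName"] = $userLastName;
                    $_SESSION["userRole"] = $userRole;
                    // format return message
                    $message = "Welcome ".$userFirstName." ".$userLastName.". You have the role: ".$userRole;
                }
            }
            // Release the statement once it has been used.
            mysqli_stmt_close($stmt);
        }
    } catch (mysqli_sql_exception $e) {
        // Keep database details out of the page; record them server-side.
        error_log("doPost database error: " . $e->getMessage());
        $dbOk = false;
    }

    if (!$dbOk) {
        echo ("db failed");
        $retCode = -9;
    }

    return array('retCode' => $retCode, 'message' => $message);
}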
// ////////////////////////////////////////////////////////////////////////////////////////////////////////
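// Main line: show the prompt on GET, process the login on POST.
$method = $_SERVER["REQUEST_METHOD"];
$message = "Please enter username and password and submit to Login";
if ($method === "POST") {
    $conn = dbConnect(); // connect to database first
    // dbConnect() returns false on failure. The original tested isset($conn),
    // which is true for false, so a failed connection was still passed to doPost().
    if ($conn) {
        $dbarray = doPost($conn); // pass the connection into the POST processing - messages returned
        $retCode = $dbarray["retCode"];
        $message = $dbarray["message"];

        if ($retCode != 0) {
            $message = "Error: ".$message;
        }
    } else {
        echo ("DB error: No connection");
    }
}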
?>
<!DOCTYPE html>
<html>
<head>
<title>Teddy Bear Website - Login</title>
<link href="css/teddybearsrus.css" rel="stylesheet" type="text/css">
</head>
<body>
<div id="app">
<header>
<h1>Teddy Bears R Us</h1>
</header>
<?php require("nav.php"); ?>
<main>
<h1>Teddy Bears Login Page</h1>
<p>Please login</p>
<div>
<form name="login" action="" method="post" class="loginform">
<div class="LUname"><label for="userName">Username</label></div>
<div class="TUname"><input name="userName" id="userName" type="text" required></input></div>
<div class="LPwd">Password</div>
<div class="TPwd"><input name="pwd" type="password" required></input></div>
<div class="ResetBtn"><button type="reset">Restart</button></div>
<div class="SubmitBtn"><button type="submit">Open Sesame!</button></div>
</form>
</div>
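<div><h3><?php /* $message can contain names read from the users table, so escape it for HTML */ echo(htmlspecialchars($message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')); ?></h3></div>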
</main>
<footer>
(c) Copyright 2020 - Mr Lai - All rights reserved
</footer>
</div>
</body>
</html>

feedback.php

<?php
// Load the session gate first: it starts the session and redirects to logout.php
// when $_SESSION['userName'] is not set.
require 'sessionCheck.php';

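/**
 * Open a mysqli connection to the teddyrusdb database.
 *
 * @return mysqli|false Connection handle, or false when the connection failed.
 */
function dbConnect() {
    // NOTE(review): on some web-server configurations SERVER_NAME follows the
    // Host header sent by the client. A fixed host name taken from configuration
    // is a safer way to choose the database server.
    $dbserver = $_SERVER["SERVER_NAME"];
    // NOTE(review): sample credentials hard-coded for the classroom exercise.
    // A real deployment should read them from configuration kept outside the
    // web root, use a strong password, and grant this account only the access
    // the pages need.
    $dbuser = "tbUser";
    $dbpassword = "password";
    $dbname = "teddyrusdb";

    try {
        $conn = mysqli_connect($dbserver, $dbuser, $dbpassword, $dbname);
    } catch (mysqli_sql_exception $e) {
        // Newer PHP versions throw instead of returning false; keep the
        // "false on failure" contract that callers rely on.
        $conn = false;
    }

    if (!$conn) {
        // Details go to the server log only; the page shows a generic marker.
        error_log("dbConnect failed: " . mysqli_connect_error());
        echo("fail dbconnect");
    }
    return $conn;
}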

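/**
 * Read every row of the vwFeedback view and format the rows as an HTML table.
 *
 * Feedback text is typed in by users, and the name columns also come from the
 * database, so every value is HTML-escaped before it is placed in the markup.
 * The original interpolated the raw values, which let stored feedback inject
 * markup or script into the page of every later visitor.
 *
 * @param mysqli $conn Open database connection.
 * @return string HTML fragment that is echoed as-is by the page.
 */
function getFeedbackList($conn) {
    $sql = "SELECT fb.feedbackId, fb.username, fb.userFullName, fb.feedbackDate, fb.feedback FROM vwFeedback AS fb";

    // One escaping routine for everything written into the table.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    try {
        $result = mysqli_query($conn, $sql);
    } catch (mysqli_sql_exception $e) {
        $result = false;
    }
    if ($result === false) {
        // The original printed mysqli_error() to the browser; keep the detail in
        // the server log and show a generic message instead.
        error_log("getFeedbackList query failed: " . mysqli_error($conn));
        die("Unable to load feedback");
    }

    $fbl = "<div class='feedbackList'><table>";
    $fbl .= "<tr><th>Username</th><th>Full Name</th><th>Feedback Date</th><th>Feedback Comments</th></tr>";

    if (mysqli_num_rows($result) >= 1) {
        while ($row = mysqli_fetch_assoc($result)) {
            $userName = $esc($row["username"]);
            $userFullName = $esc($row["userFullName"]);
            $feedbackDate = $esc($row["feedbackDate"]);
            // Escape first, then convert newlines, so only the <br> tags added here survive.
            $feedback = nl2br($esc($row["feedback"]));
            $fbl .= "<tr><td width='15%'>$userName</td><td width='15%'>$userFullName</td><td width='15%'>$feedbackDate</td><td width='55%'>$feedback</td></tr>";
        }
    } else {
        $fbl .= "<tr><td colspan='4' align='center'>".$esc($_SESSION['userName']).", No feedback comments found</td></tr>";
    }
    $fbl .= "</table></div>";
    return $fbl;
}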

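/**
 * Insert the posted feedback comment into the feedback table for the
 * logged-in user, dated today.
 *
 * @param mysqli $conn Open database connection.
 * @return string Plain-text status message (HTML-escape it when echoing).
 */
function addFeedback($conn) {
    // Who is commenting comes from the session, never from the form.
    $userName = $_SESSION["userName"];
    $userFullName = $_SESSION["userFirstName"].' '.$_SESSION["userLastName"];

    $feedbackDate = date("Y-m-d");
    // The original assigned $_POST["feedback"] and then tested isset() on the
    // copy, so a missing field raised a warning and an empty comment was stored.
    $feedback = isset($_POST["feedback"]) ? $_POST["feedback"] : null;
    if (!is_string($feedback) || trim($feedback) === "") {
        return "Please fill in comments before submitting";
    }

    // NOTE(review): the feedback form carries no anti-CSRF token. A per-session
    // token checked here would stop another site from posting feedback on
    // behalf of a logged-in user.
    $message = $userFullName.", feedback unsuccessfully added";
    $sql = "INSERT INTO feedback (username, feedbackDate, feedback) VALUES (?,?,?)";

    try {
        $stmt = mysqli_prepare($conn, $sql);
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, "sss", $userName, $feedbackDate, $feedback);
            if (mysqli_stmt_execute($stmt)) {
                $message = $userFullName.", feedback successfully added";
            } else {
                // The original called mysqli_stmt_error($conn), passing the
                // connection instead of the statement, and printed the result
                // to the browser. Log the statement error server-side instead.
                error_log("addFeedback insert failed: " . mysqli_stmt_error($stmt));
            }
            // Close only a statement that was actually prepared.
            mysqli_stmt_close($stmt);
        } else {
            error_log("addFeedback prepare failed: " . mysqli_error($conn));
        }
    } catch (mysqli_sql_exception $e) {
        error_log("addFeedback database error: " . $e->getMessage());
    }
    return $message;
}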
// /////////////////////////////////////////////////////////////////////////////////
// Main line of code

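$conn = dbConnect();
date_default_timezone_set("Australia/Sydney");
// Raw session values; they are written into the page below and must be escaped there.
$userName = $_SESSION["userName"];
$userFullName = $_SESSION["userFirstName"].' '.$_SESSION["userLastName"];
$message = "Please enter feedback and submit";
$feedbackList = "";

$method = $_SERVER["REQUEST_METHOD"];

if (!$conn) {
    // dbConnect() returns false on failure. Without this check the false value
    // was passed straight into the query functions.
    $message = "Feedback is unavailable right now - please try again later";
} else {
    if ($method === "POST") {
        if (isset($_POST["btnAdd"])) {
            $message = addFeedback($conn);
        } else {
            $message = "Invalid function selected";
        }
    }

    // Built after any insert so the new comment appears in the list.
    // The original statement had no terminating semicolon and relied on the closing PHP tag.
    $feedbackList = getFeedbackList($conn);
}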

// //////////////////////////////////////////////////////////////////////////////
?>
<!DOCTYPE html>
<html>
<head>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Teddy Bear Website - Feedback</title>
<link href="css/teddybearsrus.css" rel="stylesheet" type="text/css">


</head>
<body>
<div id="app">
<header>
<h1>Teddy Bears R Us</h1>
</header>
<?php require("nav.php"); ?>
<main>

<h1>Teddy Bears Feedback</h1>
<p>Please give me feedback about my wonderful teddy bear website</p>

<h2>Feedback Comments</h2>
<?php echo($feedbackList); ?>
<p>
<div class="feedbackForm">
<form name="feedbackForm" action="" method="post">
<table>
<tr>
<td>Name</td>
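<td><?php /* session values originate from the login form and the users table: escape for HTML */ echo(htmlspecialchars($userFullName." (".$userName.")", ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')); ?>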
</td>
</tr>
<tr>
<td>Date</td>
<td><?php echo(date('l, j M Y')); ?></td>
</tr>
<tr>
<td>Comment</td>
<td><textarea name="feedback" rows="4" cols="50" required></textarea></td>
</tr>
<tr>
<td><button type="reset">Start Again</button></td>
<td><input type="submit" name="btnAdd" value="Send my Comments"></input></td>
</tr>
</table>
</form>
</p>
</div>
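<div><h3><?php /* $message includes the user's full name from the session, so escape it for HTML */ echo(htmlspecialchars($message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')); ?></h3></div>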

</main>
<footer>
(c) Copyright 2020 - Mr Lai - All rights reserved
</footer>
</div>
</body>
</html>


quiz.php
<?php

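// Quiz scoring: on POST, count how many of Q1..Q$max were answered correctly
// and build the result message shown under the form.
$message = "Please answer the quiz...";
$method  = $_SERVER["REQUEST_METHOD"];

// NOTE(review): the form marks the right option with the submitted value
// itself ("T"), so the score is only as trustworthy as the client. If scores
// ever matter, submit option ids and keep the answer key on the server.
if ($method === "POST") {
    $max = 3;
    $correct = 0;

    // Check each question in turn. A question missing from the request, or sent
    // as an array, counts as wrong; the original read it unguarded and raised a
    // warning when it was absent.
    for ($x = 1; $x <= $max; $x++) {
        $key = "Q".$x;
        if (isset($_POST[$key]) && $_POST[$key] === "T") {
            $correct = $correct + 1;
        }
    }

    if ($correct > 0) {
        $message = "Congratulations you got ".$correct." right out of ".$max;
    } else {
        $message = "Sorry, you got none correct! Try again!";
    }
}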
?>
<html>
<head>
<title>Teddy Bears R Us - Quiz </title>
<link rel="stylesheet" href="css/teddybears.css">
</head>
<body>
<?php
require("header.php");
require("nav.php"); ?>
<main>
<h1>Teddy Bears R Us Quiz</h1>
<form name="quiz" id="quiz" action="" method="post">
<table>
<tr><td><h3>Q1. Why did the teddy bears go into the woods?</h3></td></tr>
<tr><td><input type="radio" name="Q1" id="Q1A" value="F" required>A. To collect wood for the fire</input></td></tr>
<tr><td><input type="radio" name="Q1" id="Q1B" value="T" required>B. To have a picnic</input></td></tr>
<tr><td><input type="radio" name="Q1" id="Q1C" value="F" required>C. To visit little red riding hood</input></td></tr>
<tr><td><input type="radio" name="Q1" id="Q1D" value="F" required>D. To prepare for their Award Assembly</input></td></tr>

<tr><td><h3>Q2. Why did the teddy bears go into the woods?</h3></td></tr>
<tr><td><input type="radio" name="Q2" id="Q2A" value="F" required>A. To collect wood for the fire</input></td></tr>
<tr><td><input type="radio" name="Q2" id="Q2B" value="T" required>B. To have a picnic</input></td></tr>
<tr><td><input type="radio" name="Q2" id="Q2C" value="F" required>C. To visit little red riding hood</input></td></tr>
<tr><td><input type="radio" name="Q2" id="Q2D" value="F" required>D. To prepare for their Award Assembly</input></td></tr>

<tr><td><h3>Q3. Why did the teddy bears go into the woods?</h3></td></tr>
<tr><td><input type="radio" name="Q3" id="Q3A" value="F" required>A. To collect wood for the fire</input></td></tr>
<tr><td><input type="radio" name="Q3" id="Q3B" value="T" required>B. To have a picnic</input></td></tr>
<tr><td><input type="radio" name="Q3" id="Q3C" value="F" required>C. To visit little red riding hood</input></td></tr>
<tr><td><input type="radio" name="Q3" id="Q3D" value="F" required>D. To prepare for their Award Assembly</input></td></tr>

<tr><td><button type="submit" name="submit">Send Answer for Quiz</button></td></tr>
<tr><td><?php echo($message);?></td></tr>

</table>
</form>

</main>
<footer>
<p>(c) 2021 Mr Lai - All Rights Reserved</p>
</footer>
</body>
</html>








