Commit 142cce75 by sopham

comment, delete unnescessary code

parent 53c6c4d7
<?php <?php
session_start(); session_start();
//include the database connection data
require_once "dbconnection.php"; require_once "dbconnection.php";
//make the query
if ($stmt = $link->prepare('SELECT ID,password FROM users WHERE username= ?')) { if ($stmt = $link->prepare('SELECT ID,password FROM users WHERE username= ?')) {
//bind user input to query
$stmt->bind_param('s', $_POST['username']); $stmt->bind_param('s', $_POST['username']);
//execute query
$stmt->execute(); $stmt->execute();
//transfer a result set from last query
$stmt->store_result(); $stmt->store_result();
if ($stmt->num_rows > 0) { if ($stmt->num_rows > 0) {
//bind variables to a prepared statement for result storage
$stmt->bind_result($id, $password); $stmt->bind_result($id, $password);
//fetch results from the prepared statement to bound variables
$stmt->fetch(); $stmt->fetch();
//if password is correct, establish session
if ($_POST['password'] === $password) { if ($_POST['password'] === $password) {
session_regenerate_id(); session_regenerate_id();
$_SESSION['loggedin'] = TRUE; $_SESSION['loggedin'] = TRUE;
...@@ -17,8 +33,13 @@ if ($stmt = $link->prepare('SELECT ID,password FROM users WHERE username= ?')) { ...@@ -17,8 +33,13 @@ if ($stmt = $link->prepare('SELECT ID,password FROM users WHERE username= ?')) {
header('Location:index.php'); header('Location:index.php');
} else { } else {
echo "Incorrect password"; echo "Incorrect password";
} }
} }
//close the statement
$stmt->close(); $stmt->close();
} }
//close the connection
$link->close();
?> ?>
<?php
session_start();
//include database connection data
include_once "dbconnection.php";
//make the query
$query="SELECT image FROM users WHERE username=?";
//prepare the query with empty values as placeholder
$query = $link->prepare($query);
//bind value to the prepared query
$query->bind_param('s', $_SESSION['name']);
//execute the query
$query->execute();
//bind variable to the prepared query
$query->bind_result($location);
//fetch the result to variable
$query->fetch();
//return the location folder as response
echo $location;
//close the statement
$query->close();
//close the connection
$link->close();
?>
<?php <?php
//include database connection data
include_once "dbconnection.php"; include_once "dbconnection.php";
//make a query
$query = "TRUNCATE TABLE toDoList;"; $query = "TRUNCATE TABLE toDoList;";
//perform the query on the database
$result = $link -> query($query); $result = $link -> query($query);
//check if there is any task deleted
if($result->num_rows <= 0) { if($result->num_rows <= 0) {
echo "No task was deleted"; echo "No task was deleted";
} }
//close the connection
$link -> close(); $link -> close();
?> ?>
<?php <?php
//include database connection data
include_once "dbconnection.php"; include_once "dbconnection.php";
//make the query
$query ="DELETE FROM toDoList WHERE ID=?"; $query ="DELETE FROM toDoList WHERE ID=?";
//prepare empty values as placeholders
$query = $link->prepare($query); $query = $link->prepare($query);
//bind variable to the prepared query
$query->bind_param('s', $_GET['id']); $query->bind_param('s', $_GET['id']);
//execute the query
$query->execute(); $query->execute();
//close the statement
$query->close(); $query->close();
//close the connection
$link->close(); $link->close();
?> ?>
<?php <?php
header('Content-type: application/json'); //include database connection data
include_once "dbconnection.php"; include_once "dbconnection.php";
//make the query
$query = "SELECT ID,task FROM toDoList;"; $query = "SELECT ID,task FROM toDoList;";
$result = $link -> query($query); $result = $link -> query($query);
//error handling
if (!$result) die ("Database access failed"); if (!$result) die ("Database access failed");
//define an array to store query results
$data = array(); $data = array();
//store id and task as key, value
for ($i = 0; $i < $result->num_rows; ++$i) { for ($i = 0; $i < $result->num_rows; ++$i) {
//$task = array();
$row = $result->fetch_array(MYSQLI_NUM); $row = $result->fetch_array(MYSQLI_NUM);
$data[$row[0]] = $row[1]; $data[$row[0]] = $row[1];
} }
//return json data
header('Content-Type: application/json'); header('Content-Type: application/json');
echo json_encode($data); echo json_encode($data);
//close the connection
$link->close(); $link->close();
?> ?>
...@@ -62,7 +62,7 @@ $(document).ready(function() { ...@@ -62,7 +62,7 @@ $(document).ready(function() {
type: "POST", type: "POST",
success: function(data) { success: function(data) {
var e = document.getElementById("doList"); var e = document.getElementById("doList");
while(e.firstChild) { while(e.firstChild) {
e.removeChild(e.firstChild); e.removeChild(e.firstChild);
} }
} }
......
<?php <?php
session_start(); session_start();
//if the user is not logged in, redirect to login page //if the user is not logged in, delete the session cookie, redirect to login page
if(!isset($_SESSION['loggedin'])) { if(!isset($_SESSION['loggedin'])) {
session_destroy();
//delete the session cookie
$params = session_get_cookie_params(); $params = session_get_cookie_params();
setcookie(session_name(), '', 0, $params['path'], $params['domain'], $params['secure'], isset($params['httponly'])); setcookie(session_name(), '', 0, $params['path'], $params['domain'], $params['secure'], isset($params['httponly']));
header('Location: login_page.php');
exit(); //redirect to the login page
header('Location: login_page.html');
} }
?> ?>
<!DOCTYPE html> <!DOCTYPE html>
......
<?php <?php
session_start(); session_start();
//include database connection data
include_once "dbconnection.php"; include_once "dbconnection.php";
//$query = "INSERT INTO toDoList (task) VALUES (?) ";
$query1 = "INSERT INTO toDoList (task, userID) VALUES (?,?) ";
$query1 = $link->prepare($query1);
$query1 -> bind_param('si', $_POST['task'], $_SESSION['id']);
//$query -> bind_param('si', $_POST['task']);
$query1 -> execute();
//make the query
$query = "INSERT INTO toDoList (task, userID) VALUES (?,?) ";
//prepare empty values as placeholders
$query = $link->prepare($query1);
//bind variables to the prepared query
$query -> bind_param('si', $_POST['task'], $_SESSION['id']);
//execute the query
$query -> execute();
//return the last id task as response
$last_id = mysqli_insert_id($link); $last_id = mysqli_insert_id($link);
echo $last_id; echo $last_id;
$query1 -> close();
//close the statement
$query -> close();
//close the connection
$link -> close(); $link -> close();
?> ?>
<?php <?php
session_start(); session_start();
//unset all the session variables
session_unset(); session_unset();
//destroy session
session_destroy(); session_destroy();
//delete the session cookie
$params = session_get_cookie_params(); $params = session_get_cookie_params();
setcookie(session_name(), '', 0, $params['path'], $params['domain'], $params['secure'], isset($params['httponly'])); setcookie(session_name(), '', 0, $params['path'], $params['domain'], $params['secure'], isset($params['httponly']));
header("Location: login_page.php");
//redirect to login page
header("Location: login_page.html");
?> ?>
<?php <?php
session_start(); session_start();
//include database connection data
include_once 'dbconnection.php'; include_once 'dbconnection.php';
//check if the image is uploaded
if(is_uploaded_file($_FILES['file']['tmp_name'])) { if(is_uploaded_file($_FILES['file']['tmp_name'])) {
//save source and target to variables
$sourcePath = $_FILES['file']['tmp_name']; $sourcePath = $_FILES['file']['tmp_name'];
$targetPath = "upload/".basename($_SESSION['name'].'.'.end((explode(".", $_FILES['file']['name'])))); $targetPath = "upload/".basename($_SESSION['name'].'.'.end((explode(".", $_FILES['file']['name']))));
//move uploaded file to target folder
if(move_uploaded_file($sourcePath, $targetPath)) { if(move_uploaded_file($sourcePath, $targetPath)) {
//set session variable to the image location
$_SESSION['avatar'] = $targetPath; $_SESSION['avatar'] = $targetPath;
//make a query to update database with image location
$query = "UPDATE users SET image=? WHERE username=?"; $query = "UPDATE users SET image=? WHERE username=?";
//prepare empty values as placeholders
$query = $link->prepare($query); $query = $link->prepare($query);
//bind variables to the prepared query
$query->bind_param('ss', $targetPath,$_SESSION['name']); $query->bind_param('ss', $targetPath,$_SESSION['name']);
//execute the query
$query->execute(); $query->execute();
//close the prepared statement
$query->close(); $query->close();
//close the connection
$link->close(); $link->close();
//return the image location as the response
echo $targetPath; echo $targetPath;
} }
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment