Commit 142cce75 by sopham

comment, delete unnescessary code

parent 53c6c4d7
<?php
session_start();
//include the database connection data
require_once "dbconnection.php";
//make the query
if ($stmt = $link->prepare('SELECT ID,password FROM users WHERE username= ?')) {
//bind user input to query
$stmt->bind_param('s', $_POST['username']);
//execute query
$stmt->execute();
//transfer a result set from last query
$stmt->store_result();
if ($stmt->num_rows > 0) {
//bind variables to a prepared statement for result storage
$stmt->bind_result($id, $password);
//fetch results from the prepared statement to bound variables
$stmt->fetch();
//if password is correct, establish session
if ($_POST['password'] === $password) {
session_regenerate_id();
$_SESSION['loggedin'] = TRUE;
......@@ -17,8 +33,13 @@ if ($stmt = $link->prepare('SELECT ID,password FROM users WHERE username= ?')) {
header('Location:index.php');
} else {
echo "Incorrect password";
}
}
}
//close the statement
$stmt->close();
}
//close the connection
$link->close();
?>
<?php
session_start();
//include database connection data
include_once "dbconnection.php";
//make the query
$query="SELECT image FROM users WHERE username=?";
//prepare the query with empty values as placeholder
$query = $link->prepare($query);
//bind value to the prepared query
$query->bind_param('s', $_SESSION['name']);
//execute the query
$query->execute();
//bind variable to the prepared query
$query->bind_result($location);
//fetch the result to variable
$query->fetch();
//return the location folder as response
echo $location;
//close the statement
$query->close();
//close the connection
$link->close();
?>
<?php
//include database connection data
include_once "dbconnection.php";
//make a query
$query = "TRUNCATE TABLE toDoList;";
//perform the query on the database
$result = $link -> query($query);
//check if there is any task deleted
if($result->num_rows <= 0) {
echo "No task was deleted";
}
//close the connection
$link -> close();
?>
<?php
//include database connection data
include_once "dbconnection.php";
//make the query
$query ="DELETE FROM toDoList WHERE ID=?";
//prepare empty values as placeholders
$query = $link->prepare($query);
//bind variable to the prepared query
$query->bind_param('s', $_GET['id']);
//execute the query
$query->execute();
//close the statement
$query->close();
//close the connection
$link->close();
?>
<?php
header('Content-type: application/json');
//include database connection data
include_once "dbconnection.php";
//make the query
$query = "SELECT ID,task FROM toDoList;";
$result = $link -> query($query);
//error handling
if (!$result) die ("Database access failed");
//define an array to store query results
$data = array();
//store id and task as key, value
for ($i = 0; $i < $result->num_rows; ++$i) {
//$task = array();
$row = $result->fetch_array(MYSQLI_NUM);
$data[$row[0]] = $row[1];
}
//return json data
header('Content-Type: application/json');
echo json_encode($data);
//close the connection
$link->close();
?>
......@@ -62,7 +62,7 @@ $(document).ready(function() {
type: "POST",
success: function(data) {
var e = document.getElementById("doList");
while(e.firstChild) {
while(e.firstChild) {
e.removeChild(e.firstChild);
}
}
......
<?php
session_start();
//if the user is not logged in, redirect to login page
//if the user is not logged in, delete the session cookie, redirect to login page
if(!isset($_SESSION['loggedin'])) {
session_destroy();
//delete the session cookie
$params = session_get_cookie_params();
setcookie(session_name(), '', 0, $params['path'], $params['domain'], $params['secure'], isset($params['httponly']));
header('Location: login_page.php');
exit();
//redirect to the login page
header('Location: login_page.html');
}
?>
<!DOCTYPE html>
......
<?php
session_start();
//include database connection data
include_once "dbconnection.php";
//$query = "INSERT INTO toDoList (task) VALUES (?) ";
$query1 = "INSERT INTO toDoList (task, userID) VALUES (?,?) ";
$query1 = $link->prepare($query1);
$query1 -> bind_param('si', $_POST['task'], $_SESSION['id']);
//$query -> bind_param('si', $_POST['task']);
$query1 -> execute();
//make the query
$query = "INSERT INTO toDoList (task, userID) VALUES (?,?) ";
//prepare empty values as placeholders
$query = $link->prepare($query1);
//bind variables to the prepared query
$query -> bind_param('si', $_POST['task'], $_SESSION['id']);
//execute the query
$query -> execute();
//return the last id task as response
$last_id = mysqli_insert_id($link);
echo $last_id;
$query1 -> close();
//close the statement
$query -> close();
//close the connection
$link -> close();
?>
<?php
session_start();
//unset all the session variables
session_unset();
//destroy session
session_destroy();
//delete the session cookie
$params = session_get_cookie_params();
setcookie(session_name(), '', 0, $params['path'], $params['domain'], $params['secure'], isset($params['httponly']));
header("Location: login_page.php");
//redirect to login page
header("Location: login_page.html");
?>
<?php
session_start();
//include database connection data
include_once 'dbconnection.php';
//check if the image is uploaded
if(is_uploaded_file($_FILES['file']['tmp_name'])) {
//save source and target to variables
$sourcePath = $_FILES['file']['tmp_name'];
$targetPath = "upload/".basename($_SESSION['name'].'.'.end((explode(".", $_FILES['file']['name']))));
//move uploaded file to target folder
if(move_uploaded_file($sourcePath, $targetPath)) {
//set session variable to the image location
$_SESSION['avatar'] = $targetPath;
//make a query to update database with image location
$query = "UPDATE users SET image=? WHERE username=?";
//prepare empty values as placeholders
$query = $link->prepare($query);
//bind variables to the prepared query
$query->bind_param('ss', $targetPath,$_SESSION['name']);
//execute the query
$query->execute();
//close the prepared statement
$query->close();
//close the connection
$link->close();
//return the image location as the response
echo $targetPath;
}
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment