Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

完成 week9 作業 #9

Merged
merged 1 commit into from Nov 1, 2020
Merged

完成 week9 作業 #9

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
9 changes: 9 additions & 0 deletions homeworks/week9/hw1/error_log
View file
Open in desktop
@@ -0,0 +1,9 @@
[28-Oct-2020 13:24:04 UTC] PHP Warning: mysqli::__construct(): (HY000/1045): Access denied for user 'mtr04group05'@'localhost' (using password: YES) in /home/gk0bzeoh7dod/public_html/mtr04group5/mily/week9/conn.php on line 7
[28-Oct-2020 13:24:55 UTC] PHP Warning: mysqli::__construct(): (HY000/1045): Access denied for user 'mtr04group05'@'localhost' (using password: YES) in /home/gk0bzeoh7dod/public_html/mtr04group5/mily/week9/conn.php on line 7
[28-Oct-2020 13:25:32 UTC] PHP Warning: mysqli::__construct(): (HY000/1045): Access denied for user 'mtr04group05'@'localhost' (using password: YES) in /home/gk0bzeoh7dod/public_html/mtr04group5/mily/week9/conn.php on line 7
[28-Oct-2020 13:25:33 UTC] PHP Warning: mysqli::__construct(): (HY000/1045): Access denied for user 'mtr04group05'@'localhost' (using password: YES) in /home/gk0bzeoh7dod/public_html/mtr04group5/mily/week9/conn.php on line 7
[28-Oct-2020 13:25:33 UTC] PHP Warning: mysqli::__construct(): (HY000/1045): Access denied for user 'mtr04group05'@'localhost' (using password: YES) in /home/gk0bzeoh7dod/public_html/mtr04group5/mily/week9/conn.php on line 7
[28-Oct-2020 13:25:34 UTC] PHP Warning: mysqli::__construct(): (HY000/1045): Access denied for user 'mtr04group05'@'localhost' (using password: YES) in /home/gk0bzeoh7dod/public_html/mtr04group5/mily/week9/conn.php on line 7
[28-Oct-2020 13:25:35 UTC] PHP Warning: mysqli::__construct(): (HY000/1045): Access denied for user 'mtr04group05'@'localhost' (using password: YES) in /home/gk0bzeoh7dod/public_html/mtr04group5/mily/week9/conn.php on line 7
[28-Oct-2020 13:25:37 UTC] PHP Warning: mysqli::__construct(): (HY000/1045): Access denied for user 'mtr04group05'@'localhost' (using password: YES) in /home/gk0bzeoh7dod/public_html/mtr04group5/mily/week9/conn.php on line 7
[28-Oct-2020 13:25:42 UTC] PHP Warning: mysqli::__construct(): (HY000/1045): Access denied for user 'mtr04group05'@'localhost' (using password: YES) in /home/gk0bzeoh7dod/public_html/mtr04group5/mily/week9/conn.php on line 7
31 changes: 31 additions & 0 deletions homeworks/week9/hw1/handle_add_comment.php
View file
Open in desktop
@@ -0,0 +1,31 @@
<?php
session_start();
require_once('conn.php');
require_once('utils.php');

if (
empty($_POST['content'])
) {
header("Location: index.php?errCode=1");
die('資料不齊全');
}

$user = getUserFromUsername($_SESSION['username']);
$nickname = $user['nickname'];

$content = $_POST['content'];
$sql = sprintf(
"INSERT INTO mily_comments(nickname, content) VALUES('%s', '%s')",
$nickname ,
$content
);

echo 'SQL' . $sql . '<>';
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

這行應該是 for debug 用的? 如果是的話記得刪掉或註解~

$result = $conn->query($sql);

if (!$result) {
die(print_r($conn->error));
}

header("Location: index.php");
?>
42 changes: 42 additions & 0 deletions homeworks/week9/hw1/handle_login.php
View file
Open in desktop
@@ -0,0 +1,42 @@
<?php
session_start();
require_once('conn.php');
require_once('utils.php');

if (
empty($_POST['username']) ||
empty($_POST['password'])
) {
header("Location: login.php?errCode=1");
die();
}

$username = $_POST['username'];
$password = $_POST['password'];

$sql = sprintf(
"SELECT * FROM mily_users WHERE username='%s' AND password='%s'",
$username,
$password
);

$result = $conn->query($sql);
if (!$result) {
die($conn->error);
}

if ($result->num_rows) {
// 登入成功
/*
1. 產生 session id (token)
2. 把 username 寫入檔案
3. set-cookie:session-id
*/
$_SESSION['username'] = $username;

header("Location: index.php");
} else {
header("Location: login.php?errCode=2");
}

?>
34 changes: 34 additions & 0 deletions homeworks/week9/hw1/handle_register.php
View file
Open in desktop
@@ -0,0 +1,34 @@
<?php
require_once('conn.php');

if (
empty($_POST['username']) ||
empty($_POST['password']) ||
empty($_POST['nickname'])
) {
header("Location: register.php?errCode=1");
die();
}

$nickname = $_POST['nickname'];
$username = $_POST['username'];
$password = $_POST['password'];

$sql = sprintf(
"INSERT INTO mily_users(nickname, username, password) VALUES('%s', '%s', '%s')",
$nickname,
$username,
$password
);

$result = $conn->query($sql);
if (!$result) {
$code = $conn->errno;
if ($code === 1062) {
header("Location: register.php?errCode=2");
}
die(print_r($conn->error));
}

header("Location: register_done.php");
?>
Empty file removed homeworks/week9/hw1/index.html
View file
Open in desktop
Empty file.
85 changes: 85 additions & 0 deletions homeworks/week9/hw1/index.php
View file
Open in desktop
@@ -0,0 +1,85 @@
<?php
session_start();
require_once("conn.php");
require_once("utils.php");

/*
$username = $_SESSION['username']; 能做的事:
1. 從 cookie 裡面讀取 PHPSESSID(token)
2. 從檔案裡面讀取 session id 的內容
3. 放到 $_SESSION
*/
$username = NULL;
if(!empty($_SESSION['username'])) {
$username = $_SESSION['username'];
}

$result = $conn->query("SELECT * FROM mily_comments ORDER BY id desc");
if (!$result) {
die('Error:' . $conn->error);
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>今天吃什麼 ლ(´ڡ`ლ)</title>
<link href="https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@400;700&display=swap" rel="stylesheet">
<link rel="stylesheet" href="style.css">
</head>
<body>
<nav class="nav">
<div class="nav__content">
<a href="index.php" class="logo">今天吃什麼<span>ლ(´ڡ`ლ)</span></a>
<div class="nav__list">
<?php if (!$username) { ?>
<a href="register.php" class="nav__item"><img class="nav__item-icon" src="images/signup.svg">註冊</a>
<a href="login.php" class="nav__item"><img class="nav__item-icon" src="images/signin.svg">登入</a>
<?php } else { ?>
<a href="logout.php" class="nav__item"><img class="nav__item-icon" src="images/signin.svg">登出</a>
<?php } ?>
</div>
</div>
</nav>
<main class="main">
<?php if ($username) { ?>
<form class="board" method="POST" action="handle_add_comment.php">
<?php
if (!empty($_GET['errCode'])) {
$code = $_GET['errCode'];
$msg = 'Error';
if ($code === '1') {
$msg = '資料不齊全...( ・ᴗ・̥̥̥ )';
}
echo '<h2 class="error">錯誤:' . $msg . '</h2>';
}
?>
<label class="board__input-tittle"><textarea name="content" rows="5" placeholder="聊聊吃了什麼"></textarea></label>
<button class="board__submit" type="submit">送出<img src="images/send.svg"></button>
</form>
<?php } else { ?>
<div class="board board-guest">
<p>立即登入發布留言</p>
<a class="board-guest__btn" href="login.php">登入</a>
</div>
<?php } ?>
<section class="comment">
<?php
while($row = $result->fetch_assoc()) {
?>
<div class="card">
<div class="card__info">
<div class="card__avatar"></div>
<div class="card__detail">
<p class="card__author"><?php echo $row['nickname']; ?></p>
<p class="card__time"><?php echo $row['created_at']; ?></p>
</div>
</div>
<p class="card__message"><?php echo $row['content']; ?></p>
</div>
<?php } ?>
</section>
</main>
</body>
</html>
42 changes: 42 additions & 0 deletions homeworks/week9/hw1/login.php
View file
Open in desktop
@@ -0,0 +1,42 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>今天吃什麼 ლ(´ڡ`ლ)</title>
<link href="https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@400;700&display=swap" rel="stylesheet">
<link rel="stylesheet" href="style.css">
</head>
<body>
<nav class="nav">
<div class="nav__content">
<a href="index.php" class="logo">今天吃什麼<span>ლ(´ڡ`ლ)</span></a>
<div class="nav__list">
<a href="register.php" class="nav__item"><img class="nav__item-icon" src="images/signup.svg">註冊</a>
<a href="login.php" class="nav__item"><img class="nav__item-icon" src="images/signin.svg">登入</a>
</div>
</div>
</nav>
<main class="main">
<form class="register" method="POST" action="handle_login.php">
<h1 class="register__tittle">登入會員</h1>
<?php
if (!empty($_GET['errCode'])) {
$code = $_GET['errCode'];
$msg = 'Error';
if ($code === '1') {
$msg = '資料不齊全 ( ・ᴗ・̥̥̥ )';
} else if ($code === '2') {
$msg = '帳號或密碼輸入錯誤';
}
echo '<h2 class="error-register">錯誤:' . $msg . '</h2>';
}
?>
<label class="board__input-tittle"><span>帳號</span><input type="text" name="username" /></label>
<label class="board__input-tittle"><span>密碼</span><input type="password" name="password" /></label>
<a href="register.php" class="login-signup-toggle">還沒有帳號嗎?按此註冊</a>
<button class="register__btn" type="submit">登入</button>
</form>
</main>
</body>
</html>
5 changes: 5 additions & 0 deletions homeworks/week9/hw1/logout.php
View file
Open in desktop
@@ -0,0 +1,5 @@
<?php
session_start();
session_destroy();
header("Location: index.php");
?>
44 changes: 44 additions & 0 deletions homeworks/week9/hw1/register.php
View file
Open in desktop
@@ -0,0 +1,44 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>今天吃什麼 ლ(´ڡ`ლ)</title>
<link href="https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@400;700&display=swap" rel="stylesheet">
<link rel="stylesheet" href="style.css">
</head>
<body>
<nav class="nav">
<div class="nav__content">
<a href="index.php" class="logo">今天吃什麼<span>ლ(´ڡ`ლ)</span></a>
<div class="nav__list">
<a href="register.php" class="nav__item"><img class="nav__item-icon" src="images/signup.svg">註冊</a>
<a href="login.php" class="nav__item"><img class="nav__item-icon" src="images/signin.svg">登入</a>
</div>
</div>
</nav>
<main class="main">
<form class="register" method="POST" action="handle_register.php">
<h1 class="register__tittle">註冊會員</h1>
<?php
if (!empty($_GET['errCode'])) {
$code = $_GET['errCode'];
$msg = 'Error';
if ($code === '1') {
$msg = '資料不齊全 ( ・ᴗ・̥̥̥ )';
} else if ($code === '2') {
$msg = '帳號已被註冊( ・ᴗ・̥̥̥ )';
}
echo '<h2 class="error-register">錯誤:' . $msg . '</h2>';
}
?>
<label class="board__input-tittle"><span>帳號</span><input type="text" name="username" /></label>
<label class="board__input-tittle"><span>密碼</span><input type="password" name="password" /></label>
<label class="board__input-tittle"><span>暱稱</span><input type="text" name="nickname" /></label>
<a href="login.php" class="login-signup-toggle">已經有帳號了?按此登入</a>
<button class="register__btn" type="submit">送出</button>
</form>
<div class="warning">注意!本站為練習用網站,因教學用途刻意忽略資安的實作,註冊時請勿使用任何真實的帳號或密碼。</div>
</main>
</body>
</html>
29 changes: 29 additions & 0 deletions homeworks/week9/hw1/register_done.php
View file
Open in desktop
@@ -0,0 +1,29 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>今天吃什麼 ლ(´ڡ`ლ)</title>
<link href="https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@400;700&display=swap" rel="stylesheet">
<link rel="stylesheet" href="style.css">
</head>
<body>
<nav class="nav">
<div class="nav__content">
<a href="index.php" class="logo">今天吃什麼<span>ლ(´ڡ`ლ)</span></a>
<div class="nav__list">
<a href="register.php" class="nav__item"><img class="nav__item-icon" src="images/signup.svg">註冊</a>
<a href="login.php" class="nav__item"><img class="nav__item-icon" src="images/signin.svg">登入</a>
</div>
</div>
</nav>
<main class="main">
<div class="register register-done">
<h1 class="register__tittle">註冊完成</h1>
<p>恭喜您,註冊成功!</p>
<p>快和大家一起交流吧 (*•̀ᴗ•́*)و </p>
<a href="login.php" class="register__btn">登入去</a>
</div>
</main>
</body>
</html>