Question

You need to implement a web application that is split in three parts, namely, Webpage, PHP and MySQL. Each of them will be used accordingly to solve a simple problem described below. Remember to implement the logic in the most secure way of your knowledge.
PHP

Implement a PHP function that reads in input a string from the user and store it in a table (e.g., in a field called "Content Name").
The function should be able to read the content of the file and store it in a table (e.g., in a field called "File Content").
The web application should be able to implement a logic to log in and sign up users.
Each user will have exclusive access to her/his uploaded material.
When a user logs in, all her/his private content will be displayed on the web page.
If no user has logged in yet, no information from the database are printed on the webpage.

Webpage

The user must be able to upload a text file (and nothing more!).
The user must be able to input a string, using a text box.
The webpage allows users to input their credentials for both logging in and signing up.
After a user logs in, the webpage prints in output her/his personal material from the database, that is, the content of each file with the specified name.
If there is no material yet, nothing is showed for that specific user.

MySQL

You need to create a database that contains at least two tables. One to store the information in input to the webpage, the other to store the users credentials.
The "credentials table" should contain at least these fields: email, username and password.
SUBMISSION

You need to submit your web application in a .php file, no other formats is allowed.
You don't need to submit your 'login.php' file.
No details about the database need to be submitted.

Answer 1

Answer:

Check the explanation

Explanation:

index.php

<!DOCTYPE html>

<!--[if lt IE 7]> <html class="lt-ie9 lt-ie8 lt-ie7" lang="en"> <![endif]-->

<!--[if IE 7]> <html class="lt-ie9 lt-ie8" lang="en"> <![endif]-->

<!--[if IE 8]> <html class="lt-ie9" lang="en"> <![endif]-->

<!--[if gt IE 8]><!--> <html lang="en"> <!--<![endif]-->

<head>

</head>

<body>

<section class="container">

   <div class="login">

     

Login Portal

     <form method="post" action="login.php" name="frm" onSubmit="return f1();">

       

<input type="email" name="email" value="" placeholder="Enail">

       

<input type="password" name="pwd" value="" placeholder="Password">

       <p class="submit"><input type="submit"   value="Login">

     </form>

       <p class="submi"><a href="admin_signup.php" > <input type="button"   value="Signup"></a>

   </div>

</section>

</body>

</html>

login.php

<?php

session_start();

$con=mysqli_connect("localhost","root","","storage");

if(!$con)

{

die("connection failed" .mysqli_connect_error());

}

$e=$_POST["email"];

$p=$_POST["pwd"];

$sql="select * from `account` where `email`='$e' and `password`='$p'";

$res=mysqli_query($con,$sql);

if(mysqli_num_rows($res)>0)

{

$_SESSION["email"]=$e;

include 'profile.php';

}

else {

echo "no such username";

include 'admin.php';

}

mysqli_close($con);

?>

admin_signup.php

<!DOCTYPE html>

<!--[if lt IE 7]> <html class="lt-ie9 lt-ie8 lt-ie7" lang="en"> <![endif]-->

<!--[if IE 7]> <html class="lt-ie9 lt-ie8" lang="en"> <![endif]-->

<!--[if IE 8]> <html class="lt-ie9" lang="en"> <![endif]-->

<!--[if gt IE 8]><!--> <html lang="en"> <!--<![endif]-->

<head>

</head>

<body>

<section class="container">

   <div class="login">

     

Signup Portal

     <form method="post" action="signup.php" name="frm" onSubmit="return f1();">

       

<input type="email" name="email" value="" placeholder="Email id">

       

<input type="text" name="uname" value="" placeholder="Admin name">

       

<input type="password" name="pwd" value="" placeholder="Password">

       <p class="submit"><input type="submit"   value="Signup">

     </form>

       <p class="submi"><a href="admin.php" > <input type="button"   value="Login"></a>

   </div>

</section>

</body>

</html>

signup.php

<?php

session_start();

$con=mysqli_connect("localhost","root","","storage");

if(!$con)

{

die("connection failed" .mysqli_connect_error());

}

$u=$_POST["uname"];

$e=$_POST["email"];

$p=$_POST["pwd"];

$sql="INSERT INTO `account`(`email`, `username`, `password`) VALUES ('$e','$u','$p')";

mysqli_query($con,$sql);

mysqli_close($con);

include 'admin.php';

?>

upload file (profile.php)

<!DOCTYPE html>

<!--[if lt IE 7]> <html class="lt-ie9 lt-ie8 lt-ie7" lang="en"> <![endif]-->

<!--[if IE 7]> <html class="lt-ie9 lt-ie8" lang="en"> <![endif]-->

<!--[if IE 8]> <html class="lt-ie9" lang="en"> <![endif]-->

<!--[if gt IE 8]><!--> <html lang="en"> <!--<![endif]-->

<head>

</head>

<body>

<section class="container">

   <div class="login">

     

Login Portal

     <form method="post" action="content.php" name="frm" onSubmit="return f1();" enctype="multipart/form-data" >

       

<input type="test" name="docname" value="" placeholder="docname">

       

<input type="file" name="filename" value="" placeholder="file path">

       <p class="submit"><input type="submit"   value="upload">

     </form>

     

<a href="view.php">to view your content , click here</a>

   </div>

</section>

</body>

</html>

content.php

<?php

session_start();

$con=mysqli_connect("localhost","root","","storage");

if(!$con)

{

die("connection failed" .mysqli_connect_error());

}

$handle = $_FILES['filename']['tmp_name'];

echo $handle;

$d=$_POST["docname"];

$e=$_SESSION["email"];

$c=file_get_contents($handle);

$sql="INSERT INTO `info`(`email`, `docname`, `content`) VALUES ('$e','$d','$c')";

mysqli_query($con,$sql);

mysqli_close($con);

include 'admin.php';

?>

to view content , view.php

<?php

session_start();

$con=mysqli_connect("localhost","root","","storage");

if(!$con)

{

die("connection failed" .mysqli_connect_error());

}

$e=$_SESSION["email"];

$sql="select * from `info` where `email`='$e' ";

$res=mysqli_query($con,$sql);

if(mysqli_num_rows($res)>0)

{

while($show=mysqli_fetch_assoc($res))

{

echo $show["docname"]."\n".$show["content"];

}

}

else {

echo "no content till now";

}

mysqli_close($con);

?>