موقع covoiturage ب php و mysql الجزء الأول
نظرة سريعة بالفيديو
1- إنشاء قاعدة البيانات
--
-- Table structure for `carsharetrips`
--
-- One row per trip. `user_id` carries the same name as the key of `users`,
-- but no FOREIGN KEY is declared here, so the database itself does not stop
-- a trip from pointing at a user that does not exist.
-- Coordinates, price, seat count, date and time are all stored as text;
-- nothing at this level checks that they hold numbers or valid dates.
CREATE TABLE `carsharetrips` (
    `trip_id`        INT(4)       NOT NULL,
    `user_id`        INT(4)       DEFAULT NULL,
    `departure`      VARCHAR(230) DEFAULT NULL,
    `departureLat`   CHAR(30)     DEFAULT NULL,
    `departLong`     CHAR(30)     NOT NULL,
    `destination`    VARCHAR(230) DEFAULT NULL,
    `destinationLat` CHAR(30)     DEFAULT NULL,
    `destLong`       CHAR(30)     NOT NULL,
    `price`          CHAR(10)     DEFAULT NULL,
    `seatsavailable` CHAR(2)      DEFAULT NULL,
    `date`           CHAR(20)     DEFAULT NULL,
    `time`           CHAR(10)     DEFAULT NULL,
    `comments`       TEXT         NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
--
-- Table structure for `rememberme`
--
-- Persistent-login ("remember me") tokens written by login.php.
--   authentificator1   : 20 hex characters (bin2hex of 10 random bytes); the
--                        half of the cookie that identifies the row.
--   f2authentificator2 : 64 hex characters, the SHA-256 of the second random
--                        value; login.php puts the raw value only in the
--                        cookie, so this table does not hold a usable token.
--   expires            : login.php sets this 1296000 seconds (15 days) ahead.
-- NOTE(review): the code that reads these rows back is not on this page; it
-- should reject expired rows and delete a row once it has been used or on logout.
CREATE TABLE `rememberme` (
    `id`                 INT(11)  NOT NULL,
    `authentificator1`   CHAR(20) DEFAULT NULL,
    `f2authentificator2` CHAR(64) DEFAULT NULL,
    `user_id`            INT(11)  DEFAULT NULL,
    `expires`            DATETIME DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
--
-- Table structure for `users`
--
-- Account records created by register.php.
--   password : 64 characters is exactly the length of the hex SHA-256 digest
--              that register.php stores.
--              NOTE(review): a plain SHA-256 digest is unsalted and fast to
--              compute, which makes a leaked table cheap to guess against.
--              Moving to password_hash() needs a wider column (the PHP
--              manual suggests 255 characters).
--   photo    : value that profile.php places in an <img src>; defaults to
--              'photo.png'.
-- The latin1 charset cannot store names written outside Latin-1.
CREATE TABLE `users` (
    `user_id`         INT(11)      NOT NULL,
    `first_name`      CHAR(30)     NOT NULL,
    `last_name`       CHAR(30)     NOT NULL,
    `username`        VARCHAR(30)  DEFAULT NULL,
    `email`           VARCHAR(50)  DEFAULT NULL,
    `password`        VARCHAR(64)  DEFAULT NULL,
    `gender`          CHAR(6)      DEFAULT NULL,
    `phonenumber`     CHAR(15)     DEFAULT NULL,
    `moreinformation` VARCHAR(300) DEFAULT NULL,
    `photo`           VARCHAR(255) NOT NULL DEFAULT 'photo.png'
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
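--
-- Indexes for table `carsharetrips`
--
ALTER TABLE `carsharetrips`
    ADD PRIMARY KEY (`trip_id`);
--
-- Indexes for table `rememberme`
--
ALTER TABLE `rememberme`
    ADD PRIMARY KEY (`id`);
--
-- Indexes for table `users`
--
-- register.php looks for an existing username / email with a SELECT and only
-- then inserts. Two sign-ups arriving together can both pass that check, and
-- login.php refuses any account whose email + password matches more than one
-- row. The UNIQUE keys make the database enforce what the application assumes
-- (MySQL still allows several NULLs in a UNIQUE column, so the DEFAULT NULL
-- columns keep working).
ALTER TABLE `users`
    ADD PRIMARY KEY (`user_id`),
    ADD UNIQUE KEY `username` (`username`),
    ADD UNIQUE KEY `email` (`email`);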
--
-- AUTO_INCREMENT for table `carsharetrips`
--
-- Each statement below turns the table's primary-key column into an
-- auto-numbered one; the column types repeat those of the CREATE TABLE.
ALTER TABLE `carsharetrips`
    MODIFY `trip_id` INT(4) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=0;
--
-- AUTO_INCREMENT for table `rememberme`
--
ALTER TABLE `rememberme`
    MODIFY `id` INT(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=0;
--
-- AUTO_INCREMENT for table `users`
--
ALTER TABLE `users`
    MODIFY `user_id` INT(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=0;
2- الإتصال بقاعدة البيانات
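<?php
// Opens the MySQL connection that the other scripts use as $con.
//mysqli_connect("127.0.0.1", "my_user", "my_password", "my_db")
// NOTE(review): "root" with an empty password only suits a local tutorial
// database. A deployed site should connect as a dedicated account limited to
// the `carsharing` schema, with its credentials kept outside the web root.
$con = mysqli_connect("localhost", "root","","carsharing");
if(mysqli_connect_error()){
    // The driver message can name the host, the account and the schema, so it
    // goes to the server log; the visitor only sees a generic message.
    error_log('ERROR:' . mysqli_connect_error());
    die('Erreur!');
}
// NOTE(review): the scripts that use $con call mysqli_real_escape_string(),
// which depends on the connection character set; the tables are latin1 and no
// mysqli_set_charset() call is made here -- confirm the server default matches.
?>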
3- الملف register.php
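<?php include('includes/header.php');?>
<?php
// register.php -- sign-up handler.
// The mysqli link $con and the session are expected to come from
// includes/header.php, which is not shown on this page -- confirm there.
if(isset($_SESSION['user_id'])){
    // header() only queues the redirect; without exit the rest of the page
    // would still run for a visitor who is already signed in.
    // NOTE(review): header.php is included above; if it prints markup first,
    // this redirect relies on output buffering -- confirm.
    header("location:index.php");
    exit;
}
if(isset($_POST['signup'])){
    $errors = "";
    // A field missing from the request is read as "", so the checks below
    // report it instead of PHP raising an undefined-index notice.
    $field = function ($name) {
        return isset($_POST[$name]) ? $_POST[$name] : "";
    };
    // NOTE(review): FILTER_SANITIZE_STRING is deprecated since PHP 8.1. It is
    // kept because it decides what gets stored (and, for the password, what
    // gets hashed); replacing it changes existing data and digests.
    $username = filter_var($field("username"), FILTER_SANITIZE_STRING);
    $firstname = filter_var($field("firstname"), FILTER_SANITIZE_STRING);
    $lastname = filter_var($field("lastname"), FILTER_SANITIZE_STRING);
    $email = filter_var($field("email"), FILTER_SANITIZE_EMAIL);
    // gender was the one field copied from the request with no filtering at
    // all; only the two values offered by the form are accepted.
    $gender = $field("gender");
    if(!in_array($gender, array("male", "female"), true)){
        $gender = "";
    }
    $password = filter_var($field("password"), FILTER_SANITIZE_STRING);
    $confirmation = filter_var($field("password2"), FILTER_SANITIZE_STRING);
    $phonenumber = filter_var($field("tel"), FILTER_SANITIZE_STRING);
    $moreinformation = filter_var($field("desc"), FILTER_SANITIZE_STRING);

    // Required-field checks, in the order the messages are shown.
    $required = array(
        array($username, 'Veuillez entrer votre pseudo'),
        array($firstname, 'Veuillez entrer votre nom'),
        array($lastname, 'Veuillez entrer votre prénom'),
        array($email, 'Veuillez entrer votre email'),
        array($gender, 'Veuillez entrer votre sexe'),
        array($password, 'Veuillez entrer votre mot de passe'),
        array($phonenumber, 'Veuillez entrer votre téléphone'),
        array($moreinformation, 'Veuillez fournir des infos'),
    );
    foreach($required as $check){
        if(empty($check[0])){
            $errors.= '<div class="alert alert-danger">' . $check[1] . '</div>';
        }
    }
    if(!filter_var($email, FILTER_VALIDATE_EMAIL)){
        $errors .= '<div class="alert alert-danger">Email invalide</div>';
    }
    if($password !== $confirmation){
        $errors .= '<div class="alert alert-danger">Les mot de passes ne sont pas identiques!</div>';
    }

    // NOTE(review): an unsalted SHA-256 digest is fast to compute and is not a
    // safe way to store passwords; password_hash() / password_verify() is the
    // replacement. It stays here only because login.php recomputes this exact
    // digest and users.password is sized for it -- change the three together.
    // The escape call before hashing is part of that legacy digest (it alters
    // passwords containing backslashes), so it is kept for compatibility.
    $password = mysqli_real_escape_string($con, $password);
    //$password = md5($password);
    $password = hash('sha256', $password);

    // Runs a one-parameter lookup as a prepared statement.
    // Returns true/false for "a row matches", or null if the query failed.
    $rowExists = function ($con, $sql, $value) {
        $stmt = mysqli_prepare($con, $sql);
        if(!$stmt){
            return null;
        }
        $found = null;
        mysqli_stmt_bind_param($stmt, "s", $value);
        if(mysqli_stmt_execute($stmt)){
            mysqli_stmt_store_result($stmt);
            $found = mysqli_stmt_num_rows($stmt) > 0;
        }
        mysqli_stmt_close($stmt);
        return $found;
    };

    //If username exists in the users table print error
    $taken = $rowExists($con, "SELECT user_id FROM users WHERE username = ?", $username);
    if($taken === null){
        $errors .= '<div class="alert alert-danger">Erreur réessayer!</div>';
    }elseif($taken){
        $errors .= '<div class="alert alert-danger">Pseudo existe déja!</div>';
    }
    //If email exists in the users table print error
    $taken = $rowExists($con, "SELECT user_id FROM users WHERE email = ?", $email);
    if($taken === null){
        $errors .= '<div class="alert alert-danger">Erreur réessayer!</div>';
    }elseif($taken){
        $errors .= '<div class="alert alert-danger">Email déja utilisé connectez vous</div>';
    }

    if($errors){
        echo '<div class="row"><div class="col-md-4 col-md-offset-4">'.$errors.'</div></div>';
    }else{
        // Every value is bound as a parameter: request data is never pasted
        // into the SQL text, whatever characters it contains.
        $stmt = mysqli_prepare($con, "INSERT INTO users (`username`, `email`, `password`, `first_name`, `last_name`, `phonenumber`, `gender`, `moreinformation`) VALUES (?, ?, ?, ?, ?, ?, ?, ?)");
        $created = false;
        if($stmt){
            mysqli_stmt_bind_param($stmt, "ssssssss", $username, $email, $password, $firstname, $lastname, $phonenumber, $gender, $moreinformation);
            $created = mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
        }
        if($created){
            echo '<div class="alert alert-success">Compte créé avec succés!</div>';
            exit;
        }
        // The success message used to be printed even when the INSERT failed.
        echo '<div class="row"><div class="col-md-4 col-md-offset-4"><div class="alert alert-danger">Erreur réessayer!</div></div></div>';
    }
}
?>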
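<?php
// Sign-up form; it posts back to this same script (the form has no action).
// The maxlength values for pseudo, names, email, phone and description match
// the column sizes of `users`. They are browser-side hints only: a request
// sent without the browser ignores them, so the server must check lengths.
?>
<div class="container">
    <div class="row">
        <div class="col-md-6 col-md-offset-3">
            <div class="panel panel-default">
                <form method="post">
                    <h3 class="text-info">Inscription</h3>
                    <hr>
                    <div class="form-group">
                        <label for="username">Pseudo:</label>
                        <input class="form-control" type="text" name="username" id="username" placeholder="Pseudo" maxlength="30">
                    </div>
                    <div class="form-group">
                        <label for="firstname" class="">Nom:</label>
                        <input class="form-control" type="text" name="firstname" id="firstname" placeholder="Nom" maxlength="30">
                    </div>
                    <div class="form-group">
                        <label for="lastname" class="">Prénom:</label>
                        <input class="form-control" type="text" name="lastname" id="lastname" placeholder="Prénom" maxlength="30">
                    </div>
                    <div class="form-group">
                        <label for="email" class="">Email:</label>
                        <input class="form-control" type="email" name="email" id="email" placeholder="Email" maxlength="50">
                    </div>
                    <div class="form-group">
                        <label for="password" class="">Mot de passe:</label>
                        <input class="form-control" type="password" name="password" id="password" placeholder="Mot de passe" maxlength="30">
                    </div>
                    <div class="form-group">
                        <label for="password2" class="">Confirmez le mot de passe</label>
                        <input class="form-control" type="password" name="password2" id="password2" placeholder="Confirmation" maxlength="30">
                    </div>
                    <div class="form-group">
                        <label for="tel" class="">Téléphone:</label>
                        <input class="form-control" type="text" name="tel" id="tel" placeholder="Téléphone" maxlength="15">
                    </div>
                    <div class="form-group">
                        <label><input type="radio" name="gender" id="male" value="male">Homme</label>
                        <label><input type="radio" name="gender" id="female" value="female">Femme</label>
                    </div>
                    <div class="form-group">
                        <?php // id added: the label's for="desc" had no matching element. ?>
                        <label for="desc">Déscription: </label>
                        <textarea name="desc" id="desc" class="form-control" rows="5" maxlength="300"></textarea>
                    </div>
                    <div class="form-group">
                        <input class="btn btn-success" name="signup" type="submit" value="Valider">
                    </div>
                </form>
            </div>
        </div>
    </div>
</div>
<?php include('includes/footer.php');?>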
4- الملف login.php
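<?php include('includes/header.php');?>
<?php
// login.php -- checks email + password, opens the session and, on request,
// issues a persistent "remember me" token.
// The mysqli link $con and the session are expected to come from
// includes/header.php, which is not shown on this page -- confirm there.
if(isset($_SESSION['user_id'])){
    // header() only queues the redirect; exit stops the rest of the page.
    header("location:index.php");
    exit;
}
if(isset($_POST['login'])){
    $errors = "";
    $email = filter_var(isset($_POST["email"]) ? $_POST["email"] : "", FILTER_SANITIZE_EMAIL);
    $password = filter_var(isset($_POST["passe"]) ? $_POST["passe"] : "", FILTER_SANITIZE_STRING);
    if(empty($email)){
        $errors.= '<div class="alert alert-danger">Veuillez entrer votre email</div>';
    }
    if(empty($password)){
        $errors.= '<div class="alert alert-danger">Veuillez entrer votre mot de passe</div>';
    }
    if(!filter_var($email, FILTER_VALIDATE_EMAIL)){
        $errors .= '<div class="alert alert-danger">Email invalide</div>';
    }
    // Same digest pipeline as register.php (sanitize, escape, SHA-256); it has
    // to match byte for byte or existing accounts can no longer sign in.
    // NOTE(review): unsalted SHA-256 is not a safe password store; moving to
    // password_hash() / password_verify() means changing register.php, this
    // script and the users.password column together.
    $password = mysqli_real_escape_string($con, $password);
    $password = hash('sha256', $password);
    //check if user exists
    // Prepared statement: the submitted values are bound, never concatenated
    // into the SQL text.
    $row = null;
    $stmt = mysqli_prepare($con, "SELECT user_id, username, email FROM users WHERE email = ? AND password = ?");
    if(!$stmt || !mysqli_stmt_bind_param($stmt, "ss", $email, $password) || !mysqli_stmt_execute($stmt)){
        $errors.= '<div class="alert alert-danger">Erreur réessayer!</div>';
    }else{
        mysqli_stmt_store_result($stmt);
        //If email & password don't match print error
        if(mysqli_stmt_num_rows($stmt) === 1){
            mysqli_stmt_bind_result($stmt, $foundId, $foundName, $foundEmail);
            mysqli_stmt_fetch($stmt);
            $row = array('user_id' => $foundId, 'username' => $foundName, 'email' => $foundEmail);
        }else{
            $errors.= '<div class="alert alert-danger">Email ou mot de passe est incorrect!</div>';
        }
    }
    if($stmt){
        mysqli_stmt_close($stmt);
    }
    if($errors){
        echo '<div class="row"><div class="col-md-4 col-md-offset-4">'.$errors.'</div></div>';
    }else {
        //log the user in: Set session variables
        // A new session id at the moment of login means an id that was known
        // before authentication cannot be reused afterwards.
        if(session_id() !== ''){
            session_regenerate_id(true);
        }
        $_SESSION['logged'] = true;
        $_SESSION['user_id']=$row['user_id'];
        $_SESSION['username']=$row['username'];
        $_SESSION['email']=$row['email'];
        if(empty($_POST['remember'])){
            //If remember me is not checked
            header("location:index.php");
            exit;
        }else{
            // Two random values: $auth1 identifies the row, $auth2 is the
            // secret. The cookie carries both; the table keeps $auth1 and only
            // the SHA-256 of $auth2.
            $auth1 = bin2hex(openssl_random_pseudo_bytes(10));
            $auth2 = openssl_random_pseudo_bytes(20);
            $cookie = $auth1 . "," . bin2hex($auth2);
            $fauth2 = hash('sha256', $auth2);
            $user_id = $_SESSION['user_id'];
            // 1296000 seconds = 15 days, used for the row and for the cookie.
            $lifetime = 1296000;
            $expiration = date('Y-m-d H:i:s', time() + $lifetime);
            //Run query to store them in rememberme table
            // The original query used $authentificator1, a variable that is
            // never assigned, so the stored identifier was always empty; the
            // value generated above is $auth1.
            $stmt = mysqli_prepare($con, "INSERT INTO rememberme
            (`authentificator1`, `f2authentificator2`, `user_id`, `expires`)
            VALUES
            (?, ?, ?, ?)");
            $stored = false;
            if($stmt){
                mysqli_stmt_bind_param($stmt, "ssis", $auth1, $fauth2, $user_id, $expiration);
                $stored = mysqli_stmt_execute($stmt);
                mysqli_stmt_close($stmt);
            }
            if(!$stored){
                echo '<div class="alert alert-danger">Erreur réessayer</div>';
            }else{
                //Store them in a cookie
                // Set only once the row exists. HttpOnly keeps the token away
                // from page scripts; Secure is switched on when the request
                // itself came over HTTPS. Path and domain keep their defaults.
                $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
                setcookie(
                    "rememberme",
                    $cookie,
                    time() + $lifetime,
                    "",
                    "",
                    $secure,
                    true
                );
                header("location:index.php");
                exit;
            }
        }
    }
}
?>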
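<?php
// Sign-in form, posted to login.php.
// NOTE(review): the form carries no anti-CSRF token and the handler applies no
// limit on repeated attempts; both are worth adding before this is deployed.
?>
<div class="container">
    <div class="row">
        <div class="col-md-6 col-md-offset-3">
            <div class="panel panel-default">
                <form method="post" action="login.php">
                    <h3 class="text-info">
                        Connexion:
                    </h3>
                    <hr>
                    <div class="form-group">
                        <label for="email" class="sr-only">Email:</label>
                        <input class="form-control" type="email" name="email" id="email" placeholder="Email" maxlength="50">
                    </div>
                    <div class="form-group">
                        <?php // for= now names the input's real id; "loginpassword" matched nothing, which left the field unlabeled for screen readers. ?>
                        <label for="passe" class="sr-only">Mot de passe:</label>
                        <input class="form-control" type="password" name="passe" id="passe" placeholder="Mot de passe" maxlength="30">
                    </div>
                    <div class="form-group">
                        <div class="checkbox">
                            <label>
                                <input type="checkbox" name="remember">
                                Rester connecté
                            </label>
                        </div>
                    </div>
                    <div class="form-group">
                        <button type="submit" name="login" class="btn btn-info">
                            Connexion
                        </button>
                    </div>
                    <hr>
                    <a href="forgotpassword.php" class="btn btn-link">
                        Mot de passe oublié?
                    </a>
                </form>
            </div>
        </div>
    </div>
</div>
<?php include('includes/footer.php');?>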
5- الملف profile.php
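<?php
include('includes/header.php');
// profile.php -- loads the signed-in user's username, email and photo.
// The mysqli link $con and the session are expected to come from
// includes/header.php, which is not shown on this page -- confirm there.
if(!isset($_SESSION['user_id'])){
    // This page is only meaningful for a signed-in user.
    // NOTE(review): header.php may already enforce this -- confirm.
    header("location:login.php");
    exit;
}
$user_id = (int) $_SESSION['user_id'];
// Defaults, so the template below never reads an undefined variable when the
// lookup fails.
$username = "";
$email = "";
$photo = "";
//get username and email
// The id is bound as an integer parameter rather than placed in the SQL text.
$loaded = false;
$stmt = mysqli_prepare($con, "SELECT username, email, photo FROM users WHERE user_id = ?");
if($stmt){
    mysqli_stmt_bind_param($stmt, "i", $user_id);
    if(mysqli_stmt_execute($stmt)){
        mysqli_stmt_store_result($stmt);
        if(mysqli_stmt_num_rows($stmt) == 1){
            // The original fetched with MYSQL_ASSOC, a constant of the removed
            // mysql extension that is undefined on PHP 7 and later.
            mysqli_stmt_bind_result($stmt, $username, $email, $photo);
            $loaded = mysqli_stmt_fetch($stmt) === true;
        }
    }
    mysqli_stmt_close($stmt);
}
if(!$loaded){
    echo "Erreur!";
}
?>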
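<?php
// Profile table and the photo-upload dialog.
// Values read from the database are HTML-escaped once here, before they reach
// text or attribute context, so a stored value cannot add markup to the page.
// double_encode is off because register.php already stores quotes as
// entities. Assumes the page is served as UTF-8 -- TODO confirm.
$safeUsername = htmlspecialchars(isset($username) ? $username : '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
$safeEmail = htmlspecialchars(isset($email) ? $email : '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
$safePhoto = htmlspecialchars(isset($photo) ? $photo : '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
// NOTE(review): the code that receives the uploaded file is not on this page.
// It should check the file type and size, choose the stored file name itself
// and keep uploads where they cannot be executed as scripts.
?>
<div class="container">
    <div class="row">
        <div class="col-md-8 col-md-offset-2">
            <table class="table preview">
                <tr>
                    <th>Pseudo</th>
                    <th>Email</th>
                    <th>Photo</th>
                </tr>
                <tr>
                    <td><?php echo $safeUsername;?></td>
                    <td><?php echo $safeEmail;?></td>
                    <td><a href="#" data-toggle="modal" data-target="#updatePhoto"><img src="<?php echo $safePhoto;?>" height="50px"></a></td>
                </tr>
            </table>
            <div class="modal" id="updatePhoto" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
                <form method="post" id="updateprofileimage" enctype="multipart/form-data">
                    <div class="modal-dialog">
                        <div class="modal-content">
                            <div class="modal-header">
                                <button class="close" data-dismiss="modal">
                                    ×
                                </button>
                                <h4 id="myModalLabel">
                                    Modifier la photo de profile:
                                </h4>
                            </div>
                            <div class="modal-body">
                                <p id="message">
                                </p>
                                <p>
                                    <?php // A stray closing </a> after this image was removed. ?>
                                    <img src="<?php echo $safePhoto; ?>" height="300px" id="preview">
                                </p>
                                <div class="form-group">
                                    <?php // for= now names the file input (id "img") instead of "username". ?>
                                    <label for="img" >Séléctionner une image:</label>
                                    <input class="form-control" type="file" name="photo" id="img">
                                </div>
                            </div>
                            <div class="modal-footer">
                                <input class="btn btn-success" name="updatephoto" type="submit" value="Valider">
                                <button type="button" class="btn btn-default" data-dismiss="modal">
                                    Annuler
                                </button>
                            </div>
                        </div>
                    </div>
                </form>
            </div>
        </div>
    </div>
</div>
<?php include('includes/footer.php');?>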