I don't know if I would call myself a programmer just yet, but I am trying. Though I know the markup languages, it seems I just cannot get the design part of these jobs done. I've done the PHP, but it seems I just can't produce the pro-quality-looking sites I see out there; granted, I was never good at art anyway. Any advice? And I was wondering if any of my PHP was at least up to standard...
PHP Code:
<?php
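// Start the session with a hardened cookie before anything reads $_SESSION:
// cookie_httponly keeps the session id out of reach of page scripts, and
// use_strict_mode makes PHP refuse session ids it did not issue itself.
// Once the site is served over HTTPS only, also pass 'cookie_secure' => true.
session_start(array(
    'cookie_httponly' => true,
    'use_strict_mode' => true,
));
require "config.php";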
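/**
 * Account handling: login with a failed-attempt lockout, registration, and a
 * central error reporter. Every query runs through the global PDO handle
 * $conn (presumably created by config.php).
 *
 * Password storage: new and upgraded hashes come from password_hash(), so the
 * users.pass column has to be wide enough for them (PHP's manual recommends a
 * 255-character column). Rows written by earlier versions hold
 * sha1(password . salt); login() still accepts those and replaces them with a
 * password_hash() value the first time the user signs in successfully.
 */
class processes
{
    public $uid;
    public $u_name;
    protected $u_password;
    protected $u_info;
    protected $u_salt;

    /**
     * Verifies the credentials, enforces the lockout and opens the session.
     *
     * On success the session variables info, name and id are set, the
     * user's failed attempts are cleared, the browser is redirected to
     * check.php and the script ends. Every failure is reported via error().
     *
     * @param string $u_name     user name as typed
     * @param string $u_password password as typed
     * @return void
     */
    public function login($u_name, $u_password)
    {
        global $conn;
        $now = time();
        // One message for "no such user" and "wrong password", so the reply
        // does not tell the two cases apart.
        $bad_credentials = "Username or password is incorrect........ill bring you back to the login page or ask alex to register you";

        // Request parameters can arrive as arrays; reject anything that is not text.
        if (!is_string($u_name) || !is_string($u_password)) {
            $this->error($bad_credentials, null, "credentials wrong");
            return;
        }

        $lookup = $conn->prepare("select*from users where name=:name");
        $lookup->execute(array(":name" => $u_name));
        $user = $lookup->fetch(PDO::FETCH_OBJ);
        if (!is_object($user)) {
            $this->error($bad_credentials, null, "credentials wrong");
            return;
        }

        $this->u_salt = $user->salt;
        $stored_hash = (string) $user->pass;

        $password_ok = password_verify($u_password, $stored_hash);
        $needs_rehash = $password_ok && password_needs_rehash($stored_hash, PASSWORD_DEFAULT);
        if (!$password_ok && hash_equals($stored_hash, $this->hash_pass($u_password, $user->salt))) {
            // Row still carries the legacy SHA-1 value: accept it once and upgrade below.
            $password_ok = true;
            $needs_rehash = true;
        }

        if (!$password_ok) {
            $insert = $conn->prepare("insert into login_attempts(u_id,time) values(:id,:time)");
            $insert->execute(array(":id" => $user->id, ":time" => $now));
        }

        // The lock applies whether or not this particular password was right.
        $lock_state = $this->brute_check($user->id);
        if ($lock_state === 'locked') {
            $this->error("user account locked for the next hour", $lock_state, "locked");
            return;
        }
        if (!$password_ok) {
            $this->error($bad_credentials, $user->id, "credentials wrong");
            return;
        }

        if ($needs_rehash) {
            $stored_hash = password_hash($u_password, PASSWORD_DEFAULT);
            $upgrade = $conn->prepare("update users set pass=:pass where id=:id");
            $upgrade->execute(array(":pass" => $stored_hash, ":id" => $user->id));
            $user->pass = $stored_hash;
        }

        $this->uid = $user->id;
        $this->u_name = $user->name;
        $this->u_password = $user->pass;
        $this->u_info = $user;

        // Issue a fresh session id at the privilege change so an id that was
        // known before login cannot be reused afterwards.
        session_regenerate_id(true);

        // Keep the password hash and salt out of the session store.
        $session_info = clone $user;
        unset($session_info->pass, $session_info->salt);

        /* registers the session values used on the next page */
        $_SESSION['info'] = $session_info;
        $_SESSION['name'] = $this->u_name;
        $_SESSION['id'] = $this->uid;

        // deletes the previously failed login attempts from the table
        $delete_prev_failed_attempts = $conn->prepare("delete from login_attempts where u_id=:id");
        $delete_prev_failed_attempts->execute(array(":id" => $this->uid));

        header("location:check.php");
        // Stop here so nothing after the call site runs or is sent with the redirect.
        exit;
    }

    /**
     * Reports whether an account is locked: more than five rows in
     * login_attempts for this user within the last hour.
     *
     * NOTE(review): the lock is keyed on the account alone, so anyone who
     * knows a user name can keep that account locked, and attempts against
     * unknown names are never recorded. Consider an additional per-client
     * limit.
     *
     * @param mixed $id users.id of the account
     * @return string 'locked' or '!locked'
     */
    public function brute_check($id)
    {
        global $conn;
        $hour_ago = time() - (1 * 60 * 60);
        // count(*) instead of rowCount(): PDO does not guarantee rowCount() for SELECT.
        $count = $conn->prepare("select count(*) from login_attempts where u_id=:uid and time>=:past1_hour");
        $count->execute(array(":uid" => $id, ":past1_hour" => $hour_ago));
        $attempts = (int) $count->fetchColumn();

        return $attempts > 5 ? 'locked' : '!locked';
    }

    /**
     * Creates a user unless the name is already taken.
     *
     * NOTE(review): the check-then-insert sequence can race with a second
     * request; a UNIQUE index on users.name is what actually prevents
     * duplicate names.
     *
     * @param string $req_name requested user name
     * @param string $req_pass requested password
     * @return bool true when the row was inserted, false otherwise
     */
    public function register($req_name, $req_pass)
    {
        global $conn;

        if (!is_string($req_name) || !is_string($req_pass) || $req_name === '' || $req_pass === '') {
            $this->error("user name and password are required", null, "invalid");
            return false;
        }

        // password_hash() embeds its own random salt. The salt column is still
        // filled with the timestamp, as before, only so the existing schema
        // keeps receiving a value.
        $salt = time();
        $this->u_salt = $salt;

        try {
            $check = $conn->prepare("select name from users where name=:req_name");
            $check->execute(array(":req_name" => $req_name));
            if ($check->fetch(PDO::FETCH_OBJ) !== false) {
                $this->error("user name taken", $req_name, "userexists");
                return false;
            }

            $pass = password_hash($req_pass, PASSWORD_DEFAULT);
            $insert = $conn->prepare("insert into users(name,pass,salt) values(:req_name,:req_pass,:salt)");
            $insert->execute(array(":req_name" => $req_name, ":req_pass" => $pass, ":salt" => $salt));
            echo "user created you may now login";
            return true;
        } catch (PDOException $e) {
            $this->error("error", $e, "badrequest");
            return false;
        }
    }

    /**
     * Legacy hash: SHA-1 over password followed by salt.
     *
     * Kept only so login() can recognise rows written before the move to
     * password_hash(). SHA-1 is far too fast to resist offline guessing and
     * must not be used for new passwords.
     *
     * @param string $req_pass password
     * @param mixed  $salt     value of users.salt
     * @return string 40-character hexadecimal digest
     */
    public function hash_pass($req_pass, $salt)
    {
        return sha1($req_pass . $salt);
    }

    /**
     * Loads the stored salt for a user name into $this->u_salt.
     *
     * @param string $u_name user name to look up
     * @return bool true when the user exists, false otherwise
     */
    public function getsalt($u_name)
    {
        global $conn;
        try {
            $get_salt = $conn->prepare("select name,salt from users where name=:name");
            $get_salt->execute(array(":name" => $u_name));
            $row = $get_salt->fetch(PDO::FETCH_OBJ);
            if (!is_object($row)) {
                return false;
            }
            $this->u_salt = $row->salt;
            return true;
        } catch (PDOException $e) {
            // error() takes three arguments; the status was missing here.
            $this->error("couldnt get user salt", $e, "badrequest");
            return false;
        }
    }

    /**
     * Central error reporter.
     *
     * With the global $debug switched on, prints the public message plus the
     * detail and ends the script; both parts are HTML-escaped because the
     * detail can be request data. Debug output can include exception text,
     * so keep $debug off in production. Otherwise prints the fixed text for
     * the status and ends the script for every status except "locked".
     *
     * @param string $pub    message meant for the visitor
     * @param mixed  $error  detail shown in debug mode only
     * @param string $status one of locked, badrequest, credentials wrong,
     *                       userexists, invalid, sessionfail
     * @return void
     */
    public function error($pub, $error, $status)
    {
        global $debug;

        // The flag is the variable $debug; a bare `debug` is a constant lookup.
        if (!empty($debug)) {
            if (is_array($error) || (is_object($error) && !method_exists($error, '__toString'))) {
                $detail = print_r($error, true);
            } else {
                $detail = (string) $error;
            }
            exit(
                "<p>" . htmlspecialchars((string) $pub, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . " </p>"
                . htmlspecialchars($detail, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
                . "<p> error</p>"
            );
        }

        $replies = array(
            "locked" => "here i will redirect to a page that says acount locked for an hour",
            "badrequest" => "here i will redirect to a page that says request unknown and reload to index",
            "credentials wrong" => "here is where i say the username and password are incorrect",
            "userexists" => "user already exists",
            "invalid" => "here is where i will rediirect you to login page as username or password contains invalid characters",
            "sessionfail" => "please sign i or sighn up to acess this page",
        );
        if (!is_string($status) || !isset($replies[$status])) {
            return;
        }

        echo $replies[$status];
        // "locked" is the one status that hands control back to the caller.
        if ($status !== "locked") {
            exit();
        }
    }
}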
//new class that deals with the packaging info
/**
 * Read-only queries for invoices and packages, on top of the account
 * handling inherited from processes. Uses the global PDO handle $conn.
 *
 * NOTE(review): every query here is "select *" across a join with users, so
 * each returned row carries all columns of users, including whatever
 * credential columns that table holds. Listing the needed columns would keep
 * those out of $packages and $invoices.
 */
class info extends processes
{
    public $packages;
    public $invoices;

    /**
     * Runs one prepared statement and returns all rows, each indexed both by
     * column name and by position (PDO::FETCH_BOTH).
     */
    private function all_rows($sql, $bindings)
    {
        global $conn;
        $query = $conn->prepare($sql);
        $query->execute($bindings);
        return $query->fetchAll(PDO::FETCH_BOTH);
    }

    /**
     * Loads the packages that belong to one invoice, stores them in
     * $this->packages and returns them.
     *
     * NOTE(review): the lookup is keyed on the invoice id alone, whereas
     * getinvoices() and getpackages() bind $_SESSION['id']. If $row can come
     * from a request, confirm the caller checks that the invoice belongs to
     * the signed-in user.
     */
    public function get_invoice_packages($row)
    {
        $rows = $this->all_rows(
            "select*from invoices inner join users on invoices.u_id=users.id inner join packages on invoices.invoice_id=packages.invoice_id inner join package_details on packages.pack_id=package_details.package_id where invoices.invoice_id=:id",
            array(":id" => $row)
        );
        $this->packages = $rows;
        return $rows;
    }

    /**
     * Loads every invoice of the user named by $_SESSION['id'] into
     * $this->invoices. Returns nothing.
     */
    public function getinvoices()
    {
        $this->invoices = $this->all_rows(
            "select* from invoices inner join users on invoices.u_id=users.id where users.id=:id",
            array(":id" => $_SESSION['id'])
        );
    }

    /**
     * Loads the packages (with their details) of the user named by
     * $_SESSION['id'] into $this->packages. Returns nothing.
     */
    public function getpackages()
    {
        $this->packages = $this->all_rows(
            "select*from users inner join packages on users.id=packages.u_id inner join package_details on packages.pack_id=package_details.package_id where users.id=:id",
            array(":id" => $_SESSION['id'])
        );
    }
}
?>
the login script...
PHP Code:
<?php
// Session start-up and the config.php include are not repeated here;
// presumably classes1.php (the class file) already does both - TODO confirm.
require "classes1.php";
class user extends processes
{
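/**
 * Accepts a user name and a password only when each is 1 to 60 characters
 * of letters, digits or underscore; anything else is reported through
 * error() with status "invalid".
 *
 * NOTE(review): applying the character whitelist to the password only
 * shrinks the space of possible passwords. The value is hashed and bound as
 * a statement parameter, so a length limit alone would be enough for it.
 *
 * @param string $name user name from the form
 * @param string $pass password from the form
 * @return bool true when both values pass, false otherwise
 */
public function filter($name,$pass)
{
    // \A and \z pin the match to the whole value. With ^ and $ a value that
    // ends in a line feed (for example "admin\n") also passed the check.
    $allowed = '/\A[a-zA-Z0-9_]{1,60}\z/';

    $name_ok = is_string($name) && preg_match($allowed, $name) === 1;
    $pass_ok = is_string($pass) && preg_match($allowed, $pass) === 1;
    if ($name_ok && $pass_ok) {
        return true;
    }

    $this->error("username or pass or op has invalid character", is_string($name) ? $name : '', "invalid");
    return false;
}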
...and a page that was meant to show the packages logged in the DB
PHP Code:
<style>
@charset "utf-8";
/* Navigation bar with a hover-opened sub-menu.
   NOTE(review): @charset only takes effect as the first rule of a standalone
   .css file; inside a <style> element the page's own encoding applies. */
/* Bar container and link colours */
nav{background-color:inherit; color:white; margin:0 auto; border:1px solid black;}
nav a{text-decoration:underline; color:red;}
/* Nested lists stay hidden until their parent item is hovered (see nav li:hover ul) */
nav ul ul {display:none; list-style-type:none;}
nav ul{list-style-type:none; padding:5px;}
nav li:hover ul{display:block;}
/* Clearfix: makes each list enclose its floated items */
nav ul:after { content:"."; display:block; height:0; clear:both; visibility:hidden; }
/* Sub-menu entries are laid out side by side */
nav ul li ul li{float:left; padding:5px; border:1px solid black;}
nav li a:hover {text-decoration:underline; color:black; }
</style>
<?php
include ("classes1.php");
if(!isset($_SESSION['name']))
{ /* should redirect--had to cut post shorter*/
That's a CSS template. Any design tips, tricks, etc. I need to know? Or is it that those column layouts, though the most seen, are the most pro looking?