User Registration with Confirmation Email in OOP

https://plus.google.com/113677221098417166384/posts

The database will require a table to store the members, create a table called members:

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19

CREATE TABLE `members` (  `memberID` int(11) NOT NULL AUTO_INCREMENT,  `username` varchar(255) NOT NULL,  `password` varchar(60) NOT NULL,  `email` varchar(255) NOT NULL,  `active` varchar(255) NOT NULL,  `resetToken` varchar(255) DEFAULT NULL,  `resetComplete` varchar(3) DEFAULT 'No', PRIMERY KEY (`memberID`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1;

In the classes folder their are two files: password.php and user.php. password.php is used to provide the same hashing capability that exists within php 5.5 it uses the same function names so versions 5.3 - 5.5 can use the same functions.
user.php is a class that contains methods to return the users hash (hashed password) as well as logging in, checking if a logged in session already exists and logging the user out.
I'll be going through the user.php methods as they are put to use.

Config.php

Config.php will be included into all pages enable sessions and turn on output buffering this way headers can be used anywhere in the project.
Set the timezone and define the credentials for the database, next attempt to make a new PDO connection if the connection fails display the error and kill the page.
Next include the user class and make an instance of it, pass in the database object to the class to make use of the database.

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

<?php     ob_start();     session_start();                       //database credentials     define('DBHOST','localhost');     define('DBUSER','root');     define('DBPASS','');     define('DBNAME','login');            //application address     define('DIR','http://localhost/loginregister/');     define('SITEEMAIL','noreply@domain.com');            try {            //create PDO connection     $db = new PDO("mysql:host=".DBHOST.";port=80;dbname=".DBNAME, DBUSER, DBPASS);     $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);            } catch(PDOException $e) {     //show error     echo '<p class="bg-danger">'.$e->getMessage().'</p>';     exit;     }            //include the user class, pass in the database connection     include('classes/user.php');     $user = new User($db);     ?>

Next I have a folder called layout in there is a header.php and footer.php these will contain any layout code that will be used on every page, this saves having to include the stylesheet each time. header.php is a typical header file, notice the title expects a $title variable, this will be created in the pages and made available to this file, also making use of Bootstrap this is optional and is not required.

?

1 2 3 4 5 6 7 8 9

<!DOCTYPE html>     <html lang="en">     <head>     <meta charset="utf-8">     <title><?php if(isset($title)){ echo $title; }?></title>     <link href="//netdna.bootstrapcdn.com/bootstrap/3.1.0/css/bootstrap.min.css" rel="stylesheet">     <link rel="stylesheet" href="style/main.css">     </head>     <body>

Next footer.php this simply closed the body and html, that would be a good place for placing tracking code or any javascript includes.

?

1 2 3

</body> </html>

index.php

This is the root page the system loads by default, on this page their is a form for users to register to the site, along with links to the login page, if they are already a member. Also if the user is already logged in they will be redirect to the members page.
How these pages start is by including the config file then checking if the user should be redirected or not.
a call is made to the user object $user->is_logged_in() this will return true or false if the user is logged in.

?

1 2 3 4 5 6 7

<?php     //include config     require_once('includes/config.php');            //check if already logged in move to home page     //if logged in redirect to members page     if( $user->is_logged_in() ){ header('Location: memberpage.php'); }

The title and header.php file is also included on every page

?

1 2 3 4 5

//define page title $title = 'Demo'; //include header template require('layout/header.php');

For new registrations display a form consisting of username, email, password and confirm password

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

<form role="form" method="post" action="" autocomplete="off">            <div class="form-group">     <input type="text" name="username" id="username" class="form-control input-lg" placeholder="User Name" value="<?php if(isset($error)){ echo $_POST['username']; } ?>" tabindex="1">     </div>     <div class="form-group">     <input type="email" name="email" id="email" class="form-control input-lg" placeholder="Email Address" value="<?php if(isset($error)){ echo $_POST['email']; } ?>" tabindex="2">     </div>     <div class="row">     <div class="col-xs-6 col-sm-6 col-md-6">     <div class="form-group">     <input type="password" name="password" id="password" class="form-control input-lg" placeholder="Password" tabindex="3">     </div>     </div>     <div class="col-xs-6 col-sm-6 col-md-6">     <div class="form-group">     <input type="password" name="passwordConfirm" id="passwordConfirm" class="form-control input-lg" placeholder="Confirm Password" tabindex="4">     </div>     </div>     </div>     <div class="row">     <div class="col-xs-6 col-md-6"><input type="submit" name="submit" value="Register" class="btn btn-primary btn-block btn-lg" tabindex="5"></div>     </div>     </form>

This is a standard form, one thing to note I make use of sticky forms which means if their has been a validation error the fields that have been filled out will be populated again with the supplied data, except for passwords. Username and email would be restored.
This is done by doing an if statement, if the array $error is set meaning it exists then retrain the $_POST

?

1	value="<?php if(isset($error)){ echo $_POST['email']; } ?>"

If an error has been created it will be stored in an error array to display them loop through the array:

?

1 2 3 4 5 6

//check for any errors     if(isset($error)){     foreach($error as $error){     echo '<p class="bg-danger">'.$error.'</p>';     }     }

Once the new registration has been saved the form will post back to the same page appending a $_GET key on the end of the URL the key will be called action it will have a value of joined
(this technique is used through the project)

?

1 2 3

if(isset($_GET['action']) && $_GET['action'] == 'joined'){     echo "<h2 class='bg-success'>Registration successful, please check your email to activate your account.</h2>";     }

The form should only be processed if it has been submitted this can be checked by an if statement:

?

1 2	//if form has been submitted process it     if(isset($_POST['submit'])){

This way only if the form has been submitted does the validation start and database interactions commence.

Validation

The validation used is fairly basic and can be improved upon
This example checks the length of the username if it's less then 3 characters an error is created, if the first check passes the username is looked up to see if it already exists by passing the username to the database if a record is found an error is created.

?

1 2 3 4 5 6 7 8 9 10 11

if(strlen($_POST['username']) < 3){     $error[] = 'Username is too short.';     } else {     $stmt = $db->prepare('SELECT username FROM members WHERE username = :username');     $stmt->execute(array(':username' => $_POST['username']));     $row = $stmt->fetch(PDO::FETCH_ASSOC);            if(!empty($row['username'])){     $error[] = 'Username provided is already in use.';     }     }

These check the password to make sure the email has not been used, it's important the email address is only used once, in the event the user wants to reset their password a link will be emailed to that user.

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

if(strlen($_POST['password']) < 3){     $error[] = 'Password is too short.';     }           if(strlen($_POST['passwordConfirm']) < 3){     $error[] = 'Confirm password is too short.';     }           if($_POST['password'] != $_POST['passwordConfirm']){     $error[] = 'Passwords do not match.';     }           //email validation     if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)){     $error[] = 'Please enter a valid email address';     } else {     $stmt = $db->prepare('SELECT email FROM members WHERE email = :email');     $stmt->execute(array(':email' => $_POST['email']));     $row = $stmt->fetch(PDO::FETCH_ASSOC);           if(!empty($row['email'])){     $error[] = 'Email provided is already in use.';     }     }

After the validation if no errors have been created then carry on
The password provided cannot be stored as it is, that would be a huge security concern instead it's hashed by passing it to the user object inside a password_hash call this returns a hashed password which can then be stored in the database, this way no one can know what the password was apart from the user who entered it.
If your wondering how can the system login a user in without knowing the password; what happens when the user fills in the login form the password they enter is again hashed and then compared with the hash to see if its a match.
We also want to send an activation link to the user when they register to ensure their email address is active, for this we generate an activation code it will be sent in the emails and will form part of a url to validate the email address.

?

1 2 3 4 5 6 7 8

//if no errors have been created carry on     if(!isset($error)){            //hash the password     $hashedpassword = $user->password_hash($_POST['password'], PASSWORD_BCRYPT);            //create the activation code     $activasion = md5(uniqid(rand(),true));

Next the user's details are saved to the database using a prepared statement, the first page of the query tells MySQL what action to perform in this case to add a new row and the table,columns to insert into.
where their are columns starting with : like :username these are place holders that will be used to bind the username value to $stmt->execute call. This is done to avoid passing user provided data to the query directly and avoid chances of MySQL Injection.
calling lastInsertId followed by the primary key will return the id of the record just saved, this is needed for the next step.

?

1 2 3 4 5 6 7 8

$stmt = $db->prepare('INSERT INTO members (username,password,email,active) VALUES (:username, :password, :email, :active)');     $stmt->execute(array(     ':username' => $_POST['username'],     ':password' => $hashedpassword,     ':email' => $_POST['email'],     ':active' => $activasion     ));     $id = $db->lastInsertId('memberID');

Next send an email to the newly created user. Two constants defined in config.php will be used here
DIR - contains the full website address
SITEEMAIL - the email address used for emails
in the body of the email is a link activate.php?x=$id&y=$activasion this link is passing the id of the user $id and also the activation code when the user received this email, clicking the link will activate their account.

?

1 2 3 4 5 6

$to = $_POST['email'];     $subject = "Registration Confirmation";     $body = "Thank you for registering at demo site.nn To activate your account, please click on this link:nn ".DIR."activate.php?x=$id&y=$activasionnn Regards Site Admin nn";     $additionalheaders = "From: <".SITEEMAIL.">rn";     $additionalheaders .= "Reply-To: $".SITEEMAIL."";     mail($to, $subject, $body, $additionalheaders);

The last step is to redirect the page back to itself and adding an action with the value of joined so the page know if to show a success message.

?

1 2	header('Location: index.php?action=joined');     exit;

activate.php

This page checks for the id and activation code being passed from the url (this happens when the user clicks the link from their email)
once the data has been verified the users record is updated, the column active is changed from the token to hold 'Yes' to say they are active, this will only happen if the id and token passed match what's stored against that user.

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29

<?php     require('includes/config.php');            //collect values from the url     $memberID = trim($_GET['x']);     $active = trim($_GET['y']);            //if id is number and the active token is not empty carry on     if(is_numeric($memberID) && !empty($active)){            //update users record set the active column to Yes where the memberID and active value match the ones provided in the array     $stmt = $db->prepare("UPDATE members SET active = 'Yes' WHERE memberID = :memberID AND active = :active");     $stmt->execute(array(     ':memberID' => $memberID,     ':active' => $active     ));            //if the row was updated redirect the user     if($stmt->rowCount() == 1){            //redirect to login page     header('Location: login.php?action=active');     exit;            } else {     echo "Your account could not be activated.";     }     }     ?>

Login.php

Now users can register they need a way to login, start off with a form that expects their username and password

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19

<form role="form" method="post" action="" autocomplete="off">            <div class="form-group">     <input type="text" name="username" id="username" class="form-control input-lg" placeholder="User Name" value="<?php if(isset($error)){ echo $_POST['username']; } ?>" tabindex="1">     </div>            <div class="form-group">     <input type="password" name="password" id="password" class="form-control input-lg" placeholder="Password" tabindex="3">     </div>     <div class="row">     <div class="col-xs-9 col-sm-9 col-md-9">     <a href='reset.php'>Forgot your Password?</a>     </div>     </div>     <hr>     <div class="row">     <div class="col-xs-6 col-md-6"><input type="submit" name="submit" value="Login" class="btn btn-primary btn-block btn-lg" tabindex="5"></div>     </div>     </form>

The login page will be used to show messages if the users account has been activated or password has been changed, the page will know which message to show based on the value contained inside $_GET['action']

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16

if(isset($_GET['action'])){ //check the action switch ($_GET['action']) { case 'active': echo "<h2 class='bg-success'>Your account is now active you may now log in.</h2>"; break; case 'reset': echo "<h2 class='bg-success'>Please check your inbox for a reset link.</h2>"; break; case 'resetAccount': echo "<h2 class='bg-success'>Password changed, you may now login.</h2>"; break; } }

Next attempt to log the user in. Collect the username and password from the form pass them to the users object in the login method this internally will fetch the users hash by looking for the username in the database once the hash is returned it's then passed to password_verify if the hash and user's hash match it returns true which in turns sets a session $_SESSION['loggedin'] to true otherwise false is returned.

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

public function login($username,$password){            $hashed = $this->get_user_hash($username);     if($this->password_verify($password,$hashed) == 1){     $_SESSION['loggedin'] = true;     return true;     }     }            <pre lang="php">     //process login form if submitted     if(isset($_POST['submit'])){            $username = $_POST['username'];     $password = $_POST['password'];     if($user->login($username,$password)){            header('Location: memberpage.php');     exit;     } else {     $error[] = 'Wrong username or password or your account has not been activated.';     }            }//end if submit

Logout.php

To log a user out its very easy:

?

1 2	//logout $user->logout();

Once the user is logged out redirect them.

memberpage.php

Once the user is logged in redirect them to the members only page (optional). To ensure a user can only access the page if logged in do a check:

?

1 2	//if not logged in redirect to login page     if(!$user->is_logged_in()){ header('Location: login.php'); }

In this example their is not a lot to the members page namely:

?

1 2	<h2>Member only page</h2>     <p><a href='logout.php'>Logout</a></p>

reset.php

every system need the ability to reset a password in case it's forgotten, how this will work is a user enters their email address, a check is made to make sure its belongs to a user.
Next a token is created and saved to the users record, an email is sent to them containing a link to when clicked the token from the link is verified, if it passed the user is provided with a form to enter their new password, its then saved to the database.
This may seem like a long winded approach but it does prevent the password being sent by email which is not recommended.
To start with the form

?

1 2 3 4 5 6 7 8 9

<form role="form" method="post" action="" autocomplete="off">     <div class="form-group">     <input type="email" name="email" id="email" class="form-control input-lg" placeholder="Email" value="" tabindex="1">     </div>     <hr>     <div class="row">     <div class="col-xs-6 col-md-6"><input type="submit" name="submit" value="Sent Reset Link" class="btn btn-primary btn-block btn-lg" tabindex="2"></div>     </div>     </form>

If their is an $_GET['action'] show the correct message

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14

<?php     if(isset($_GET['action'])){            //check the action     switch ($_GET['action']) {     case 'active':     echo "<h2 class='bg-success'>Your account is now active you may now log in.</h2>";     break;     case 'reset':     echo "<h2 class='bg-success'>Please check your inbox for a reset link.</h2>";     break;     }     }     ?>

Next process the form ensure the email matches a user:

?

1 2 3 4 5 6 7 8 9 10 11 12

//email validation     if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)){     $error[] = 'Please enter a valid email address';     } else {     $stmt = $db->prepare('SELECT email FROM members WHERE email = :email');     $stmt->execute(array(':email' => $_POST['email']));     $row = $stmt->fetch(PDO::FETCH_ASSOC);            if(empty($row['email'])){     $error[] = 'Email provided is not on recognised.';     }     }

Create the token

?

1 2	//create the activation code     $token = md5(uniqid(rand(),true));

Next update the users record and set resetToken to the value of the token and resetComplete to No that will be needed if the link is clicked and password has been changed. Send an email to the user containing a link that points to resetPassword.php?key=$token passing the token.

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17

$stmt = $db->prepare("UPDATE members SET resetToken = :token, resetComplete='No' WHERE email = :email");     $stmt->execute(array(     ':email' => $row['email'],     ':token' => $token     ));            //send email     $to = $row['email'];     $subject = "Password Reset";     $body = "Someone requested that the password be reset. nnIf this was a mistake, just ignore this email and nothing will happen.nnTo reset your password, visit the following address: ".DIR."resetPassword.php?key=$token";     $additionalheaders = "From: <".SITEEMAIL.">rn";     $additionalheaders .= "Reply-To: $".SITEEMAIL."";     mail($to, $subject, $body, $additionalheaders);            //redirect to index page     header('Location: login.php?action=reset');     exit;

?

1

resetPassword.php

First check the token been passed to the page matches a user

?

1 2 3 4 5 6 7 8 9 10

$stmt = $db->prepare('SELECT resetToken, resetComplete FROM members WHERE resetToken = :token');     $stmt->execute(array(':token' => $_GET['key']));     $row = $stmt->fetch(PDO::FETCH_ASSOC);            //if no token from db then kill the page     if(empty($row['resetToken'])){     $stop = 'Invalid token provided, please use the link provided in the reset email.';     } elseif($row['resetComplete'] == 'Yes') {     $stop = 'Your password has already been changed!';     }

If $stop has been set then display that

?

1 2 3

if(isset($stop)){     echo "<p class='bg-danger'>$stop</p>";     }

If no errors have been created show a form to change the password

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18

<form role="form" method="post" action="" autocomplete="off">     <div class="row">     <div class="col-xs-6 col-sm-6 col-md-6">     <div class="form-group">     <input type="password" name="password" id="password" class="form-control input-lg" placeholder="Password" tabindex="1">     </div>     </div>     <div class="col-xs-6 col-sm-6 col-md-6">     <div class="form-group">     <input type="password" name="passwordConfirm" id="passwordConfirm" class="form-control input-lg" placeholder="Confirm Password" tabindex="1">     </div>     </div>     </div>     <hr>     <div class="row">     <div class="col-xs-6 col-md-6"><input type="submit" name="submit" value="Change Password" class="btn btn-primary btn-block btn-lg" tabindex="3"></div>     </div>     </form>

Once the form has been submitted validate the data then hash the password update the users row and set resetComplete to Yes to indicate the process is finished if the reset link is clicked again from email the process will be halted.

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42

//if form has been submitted process it if(isset($_POST['submit'])){ //basic validation if(strlen($_POST['password']) < 3){ $error[] = 'Password is too short.'; } if(strlen($_POST['passwordConfirm']) < 3){ $error[] = 'Confirm password is too short.'; } if($_POST['password'] != $_POST['passwordConfirm']){ $error[] = 'Passwords do not match.'; } //if no errors have been created carry on if(!isset($error)){ //hash the password $hashedpassword = $user->password_hash($_POST['password'], PASSWORD_BCRYPT); try { $stmt = $db->prepare("UPDATE members SET password = :hashedpassword, resetComplete = 'Yes' WHERE resetToken = :token"); $stmt->execute(array( ':hashedpassword' => $hashedpassword, ':token' => $row['resetToken'] )); //redirect to index page header('Location: login.php?action=resetAccount'); exit; //else catch the exception and show the error. } catch(PDOException $e) { $error[] = $e->getMessage(); } } } ------------------------------------------------------ PHP (recursive acronym for "PHP: Hypertext Preprocessor") is a widely-used Open Source general purpose scripting language that is especially suited for Web development and can be embedded into HTML. This is the simple Code Example through which you can Add, Delete, View , Edit from MySql Database. Paste this code and save the file as written above. Create a database named test and create a table student as below structure. ? 1 2 3 4 5 6 7 8 9 CREATE TABLE `student` ( `roll` int(11) default NULL, `class` varchar(20) default NULL, `name`   varchar(40) default NULL, `f_name` varchar(40) default NULL, `sex` varchar(6) default NULL,   `addr1` varchar(20) default NULL, `addr2` varchar(20) default NULL, `addr3` varchar(20) default   NULL, `city` varchar(20) default NULL, `phone` varchar(12) default NULL, `email` varchar(100)   default NULL, `remarks` varchar(40) default NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8; Index.php [Main or Home Page] ? 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 <html>   <head>   <meta name="description" content="Core php code for add, edit, view,delete" />   <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />   <title>Search Student Record</title>   </head>   <body>   <center><h1><u>Student Database</u></h1></center>   <form name="search" method="post" action="search.php">   <table style=" border:1px solid silver" cellpadding="10px" cellspacing="0px"   align="center">   <tr>   <td colspan="3" style="background:#0066FF; color:#FFFFFF; fontsize:   20px">Search</td></tr>   <tr>   <td>Enter Search Keyword</td>   <td><input type="text" name="search" size="40" /></td>   <td><input type="submit" value="Search" /></td>   </tr>   <tr>   <td colspan="3">&nbsp;</td></tr>   <tr bgcolor="#CCCCCC">   <th><a href="add.php">Add Record</a></th>   <th><a href="del.php">Delete Record</a></th>   <th><a href="del.php">Update Record</a></th>   </tr>   </table>   </form>   </body>   </html> Search.php ? 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 <?   mysql_connect("localhost");   mysql_select_db("test") or die("database could not connect ");   ?>   <html>   <head>   <meta name="description" content="Core php code for add, edit, view,delete" />   <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />   <title>Search Student Record</title>   </head>   <body>   <center><h1><u>Student Database</u></h1></center>   <form name="search" method="post" action="search.php">   <table style=" border:1px solid silver" cellpadding="5px" cellspacing="0px"   align="center" border="0">   <tr>   <td colspan="3" style="background:#0066FF; color:#FFFFFF; fontsize:   20px">Search</td></tr>   <tr>   <td>Enter Search Keyword</td>   <td><input type="text" name="search" size="40" /></td>   <td><input type="submit" value="Search" /></td>   </tr>   <tr bgcolor="#666666" style="color:#FFFFFF">   <td>Roll & class</td>   <td>Name & Father's Name</td>   <td>&nbsp;</td>   <?   $search=$_POST["search"];   $flag=0;   $query="select * from student where name like '%$search%' ";   $result=mysql_query($query);   while ($row = mysql_fetch_array($result)) {   $flag=1;   echo "<tr ><td>",$row[0],", ",$row[1],"</td><td><a   href='view.php?roll=",$row[0],"'>",$row[2],", ",$row[3],"</a></td><td><a   href='edit.php?roll=",$row[0],"'>Edit</a> | <a   href='del.php?roll=",$row[0],"'>Delete</a></td></tr>";   }   if($flag==0)   echo "<tr><td colspan='3' align='center' style='color:red'>Record not   found</td></tr>";   ?>   <tr>   <td colspan="3">&nbsp;</td></tr>   <tr bgcolor="#CCCCCC">   <th colspan="3" align="right"><a href="add.php">Add Record</a></th>   </tr>   </table>   </form>   </body>   </html> View.php ? 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 <?   mysql_connect("localhost");   mysql_select_db("test") or die("database could not connect ");   ?>   <html>   <head>   <meta name="description" content="Core php code for add, edit, view,delete" />   <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />   <title>View Student Record</title>   </head>   <body>   <center><h1><u>Student Database</u></h1></center>   <?   $roll=$_GET["roll"];   $query="select * from student where roll='$roll'";   $result=mysql_query($query);   while ($row = mysql_fetch_array($result)) {   ?>   <table style=" border:1px solid silver" cellpadding="5px" cellspacing="0px"   align="center" border="1">   <tr>   <td colspan="4" style="background:#0066FF; color:#FFFFFF; font-size:20px">VIEW   STUDENT DATABASE</td></tr>   <tr>   <td> Roll Number</td><td><? echo $row[0];?></td>   <td> Class</td><td><? echo $row[1];?></td>   </tr>   <tr>   <td> Name of Student</td><td><? echo $row[2];?></td>   <td> Father's Name</td><td><? echo $row[3];?></td>   </tr>   <tr>   <td>Sex</td><td><? echo $row[4];?></td>   <td>Address1</td><td><? echo $row[5];?></td></tr>   <tr>   <td>Address2</td><td><? echo $row[6];?></td>   <td>Address3</td><td><? echo $row[7];?></td></tr>   <tr>   <td>City</td><td><? echo $row[8];?></td>   <td>Phone</td><td><? echo $row[9];?></td></tr>   <tr>   <td>Email</td><td><? echo $row[10];?></td>   <td>Remarks</td><td><? echo $row[11];?></td></tr>   <tr>   </table>   <?   }   ?>   <p align="center"><a href="index.php">Go Back to Home</a></p>   </body>   </html> Add.php ? 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 <?   mysql_connect("localhost");   mysql_select_db("test") or die("database could not connect ");   ?>   <html>   <head>   <meta name="description" content="Core php code for add, edit, view,delete" />   <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />   <title>Add Student Record</title>   </head>   <body>   <center>   <h1><u>Student Database</u></h1>   </center>   <?   if($_POST["do"]=="store")   {   $roll=$_POST["roll"];   $class=$_POST["class"];   $name=$_POST["name"];   $fname=$_POST["fname"];   $sex=$_POST["sex"];   $addr1=$_POST["addr1"];   $addr2=$_POST["addr2"];   $addr3=$_POST["addr3"];   $city=$_POST["city"];   $phone=$_POST["phone"];   $email=$_POST["email"];   $remarks=$_POST["remarks"];   $query="insert into student   value($roll,'$class','$name','$fname','$sex','$addr1','$addr2','$addr3','$city','$phone','$   email','$remarks')";   mysql_query($query);   echo "<center>Successfully store in DATABASE</center>";   }   ?>   <form name="add" method="post" action="add.php">   <table style=" border:1px solid silver" cellpadding="5px" cellspacing="0px"   align="center" border="0">   <tr>   <td colspan="4" style="background:#0066FF; color:#FFFFFF; fontsize:   20px">ADD STUDENT RECORD</td>   </tr>   <tr>   <tr>   <td>Enter Roll Number</td>   <td><input type="text" name="roll" size="20"></td>   <td>Enter Class</td>   <td><input type="text" name="class" size="20"></td>   </tr>   <tr>   <td>Enter Name of Student</td>   <td><input type="text" name="name" size="20"></td>   <td>Enter Father's Name</td>   <td><input type="text" name="fname" size="20"></td>   </tr>   <tr>   <td>Sex</td>   <td><input type="radio" name="sex" value="Male">   Male   <input type="radio" name="sex" value="Female">   Female </td>   <td>Address1</td>   <td><input type="text" name="addr1" size="20"></td>   </tr>   <tr>   <td>Address2</td>   <td><input type="text" name="addr2" size="20"></td>   <td>Address3</td>   <td><input type="text" name="addr3" size="20"></td>   </tr>   <tr>   <td>City</td>   <td><input type="text" name="city" size="20"></td>   <td>Phone</td>   <td><input type="text" name="phone" size="20"></td>   </tr>   <tr>   <td>Email</td>   <td><input type="text" name="email" size="20"></td>   <td>Remarks</td>   <td><input type="text" name="remarks" size="20"></td>   </tr>   <tr>   <td colspan="4" align="center"><input type="hidden" name="do" value="store">   <input type="submit" value="ADD RECORD"></td>   </tr>   </table>   </form>   <p align="center"><a href="index.php">Go Back to Home</a></p>   <?   include("search.php");?>   </body>   </html> Edit.php ? 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 <?   mysql_connect("localhost");   mysql_select_db("test") or die("database could not connect ");   ?>   <html>   <head>   <meta name="description" content="Core php code for add, edit, view,delete" />   <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />   <title>Update Student Record</title>   </head>   <body>   <?   if($_POST["do"]=="update")   {   $roll=$_POST["roll"];   $class=$_POST["class"];   $name=$_POST["name"];   $fname=$_POST["fname"];   $sex=$_POST["sex"];   $addr1=$_POST["addr1"];   $addr2=$_POST["addr2"];   $addr3=$_POST["addr3"];   $city=$_POST["city"];   $phone=$_POST["phone"];   $email=$_POST["email"];   $remarks=$_POST["remarks"];   $query="update student set   name='$name',f_name='$fname',sex='$sex',addr1='$addr1',addr2='$addr2',addr3='$ad   dr3',city='$city',phone='$phone',email='$email',remarks='$remarks' where roll=$roll";   mysql_query($query);   echo "<center>Successfully Updated in DATABASE</center>";   include("search.php");   }   ?>   <center>   <h1><u>Student Database</u></h1>   </center>   <?   $roll=$_GET["roll"];   $query="select * from student where roll='$roll'";   $result=mysql_query($query);   while ($row = mysql_fetch_array($result)) {   ?>   <form name="update" method="post" action="edit.php">   <table style=" border:1px solid silver" cellpadding="5px" cellspacing="0px"   align="center" border="0">   <tr>   <td colspan="4" style="background:#0066FF; color:#FFFFFF; fontsize:   20px">ADD STUDENT RECORD</td>   </tr>   <tr>   <tr>   <td>Enter Roll Number</td>   <td><? echo $row[0];?>   <input type="hidden" name="roll" size="20" value="<? echo $row[0];?>"></td>   <td>Enter Class</td>   <td><input type="text" name="class" size="20" value="<? echo $row[1];?>"   disabled="disabled"></td>   </tr>   <tr>   <td>Enter Name of Student</td>   <td><input type="text" name="name" size="20" value="<? echo $row[2];?>"></td>   <td>Enter Father's Name</td>   <td><input type="text" name="fname" size="20" value="<? echo   $row[3];?>"></td>   </tr>   <tr>   <td>Sex</td>   <td><input type="radio" name="sex" value="Male" checked="checked">   Male   <input type="radio" name="sex" value="Female">   Female </td>   <td>Address1</td>   <td><input type="text" name="addr1" size="20" value="<? echo $row[5];?>"></td>   </tr>   <tr>   <td>Address2</td>   <td><input type="text" name="addr2" size="20" value="<? echo $row[6];?>"></td>   <td>Address3</td>   <td><input type="text" name="addr3" size="20" value="<? echo $row[7];?>"></td>   </tr>   <tr>   <td>City</td>   <td><input type="text" name="city" size="20" value="<? echo $row[8];?>"></td>   <td>Phone</td>   <td><input type="text" name="phone" size="20" value="<? echo   $row[9];?>"></td>   </tr>   <tr>   <td>Email</td>   <td><input type="text" name="email" size="20" value="<? echo   $row[10];?>"></td>   <td>Remarks</td>   <td><input type="text" name="remarks" size="20" value="<? echo   $row[11];?>"></td>   </tr>   <tr>   <td colspan="4" align="center"><input type="hidden" name="do"   value="update">   <input type="submit" value="UPDATE RECORD"></td>   </tr>   </table>   </form>   <? } ?>   <p align="center"><a href="index.php">Go Back to Home</a></p>   </body>   </html> Del.php ? 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 <?   mysql_connect("localhost");   mysql_select_db("test") or die("database could not connect ");   ?>   <html>   <head>   <meta name="description" content="Php Code for View, Search, Edit and Delete   Record" />   <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />   <title>Add Student Record</title>   </head>   <body>   <?   $roll=$_GET["roll"];   $query="delete from student where roll=$roll";   mysql_query($query);   echo "<center>Successfully Deleted</center>";   include("search.php");   ?>   </body>   </html> Core php code for add, edit, view,delete PHP (recursive acronym for "PHP: Hypertext Preprocessor") is a widely-used Open Source general purpose scripting language that... \Blog Archive ▼  2014 (9) ►  November (2) ►  September (2) ►  June (2) ▼  March (3) PHP Coading Standard Core php code for add, edit, view,delete An Introduction to Object Oriented PHP