portfolio - PHP

[Code Files]

1. trim(), date().
2. Define your own function at the top of file called moments that takes in one parameter

1. A starter_kit.zip was provided by my instructor.
2. HTML, CSS, bootstrap, JavaScript were set up by my instructor.

[Code Files]

1. Refactor the code so that the moments() function is in a separate file named functions.php
2. require() this file in lab3.php
3. Modfiy the form so that it POSTs to itself – lab3.php
4. be sure to also add in the name attributes for the input elements
5. All input fields are required. If an input field is missing, display an error message
6. If all input fields are provided, display a thank you message with the authors full name and current time.
7. ie. this will do fine
   Thank you Gary Tong for posting! September 25th, 2017.

1. A starter_kit.zip was provided by my instructor.
2. HTML, CSS, bootstrap, JavaScript were set up by my instructor.

[Code Files]

1. Move the uploaded file to the uploads/ directory
2. After a successful POST, append the POST’d data to text file called posts.txt
3. separate each value by a ,
4. include the value of time() in your data
5. include the uploaded file name in your data
6. each POST will be on it’s own line
7. you may assume the user will never enter a , character
8. an example line may look like
   Gary,Tong,A Title,A comment,1,image.jpg,1481808630
9. On each page load, open the text file called posts.txt
10. loop through the lines in posts.txt, each line will represent a post
11. display each post in a panel, similar to the First Post! one that was done for you
12. [Challenge] display each post in a panel, similar to the First Post! Sort the display boxes by priority
13. [Challenge] Deal with users having , in their input

1. A starter_kit.zip was provided by my instructor.
2. HTML, CSS, bootstrap, JavaScript were set up by my instructor.

[Code Files]

1. All fields are required. If any one is missing, provide an error message
2. You must use regular expressions to validate the following fields
   1. First Name and Last Name – alphabetical only
   2. Password – check for at least a mix of digits and alphabets
   3. Phone Number – 7 or 10 digits only, with or without brackets for the area code, with or without dashes/spaces separating each grouping. ie.
   4. (604)1231234 is valid
   5. 604 123 1234
   6. 604-123-1234
   7. (604) 123 1234 is valid
   8. 6041231234 is valid
   9. 1231234 and 1231231234 is valid
   10. (6041231234 and 604)1231234 is not valid
   11. Date of Birth – in the format of MMM-DD-YYYY exactly. ie.
   12. JAN-01-1980 is valid
   13. 123-01-1980 is not valid
   14. ABC-01-1980 is not valid
   15. [Challenge] Save the input to a text file
   16. [Challenge] Create a login based on that text file. I’ve started this for you with login.php

1. A starter_kit.zip was provided by my instructor.
2. HTML, CSS, bootstrap, JavaScript were set up by my instructor.

[Code Files]

You will notice the login form now has a Remember Me checkbox.

1. On each POST request,
   1. if the Remember Me checkbox is checked, store the value of the phoneNumber input field in a cookie. Have the cookie expire in 20 days.
   2. if the Remember Me checkbox is unchecked, expire the cookie that stored the phoneNumber.
2. On each GET request, check if a cookie for phoneNumber was received
   1. if received, set the value of the phoneNumber input field to the value of cookie

1. On each POST request,
   1. set a cookie to remember the values the user entered for each field
   2. set the cookie regardless if the input fields met validation criteria
   3. do not set the password field
2. On each GET request,
   1. check if a cookie for each input field was received
   2. set the value of each corresponding input field to the value of the cookie

1. A starter_kit.zip was provided by my instructor.
2. HTML, CSS, bootstrap, JavaScript were set up by my instructor.

1. login.php
2. * It sets cookie on your machine.
3. If the Remember Me checkbox is checked with the Phone Number and Password, submitting the form, a cookie for the Phone Number will be set.
4. To confirm that, click on the address bar, and hit the Enter key. (GET Request)
5. The phone number you entered will be displayed in the Phone Number field.

1. signup.php
2. * It sets cookie on your machine.
3. Please fill up the form. Enter a First Name, a Last Name, (a Password), a Phone Number, and a Date of Birth.
4. Hit the Enter key to submit the form. (POST Request)
5. Cookie for those inputs will be set.
6. To confirm that, click on the address bar, and hit the Enter key. (GET Request)
7. The information you entered will be displayed in the form.

[Code Files]

The purpose of this lab is to work with sessions.

1. On each POST request,
   1. save the POST’d information in CSV format, into a logins.txt file on a new line.
   2. create a session variable to flag that the user is signed up aka logged in.
   3. redirect to lab7.php.

1. On each POST request,
   1. check if the POST’d credentials match the entries in logins.txt.
   2. if a match is found, create a session variable to flag that the user has had a successful login, then redirect to lab7.php.
   3. if a match was not found, display a simple error message.

1. Add a link to logout.php
2. On each page load, check if the session variable used to flag a logged in user exists.
   1. Only run the rest of the script if the session variable exists.
   2. if the session variable doesn’t exist, redirect the user to login.php.

1. Destroy the current session and redirect the user to login.php.

1. Store the passwords with a one way hash, such as MD5.
   1. Take it step further, store the passwords with a bcrypt library.
2. If a non-logged in user attempts to access lab7.php, not only redirect them to login.php, but provide an error message saying “Break in attempt detected!”
   1. Take it a step further, send proper HTTP redirect codes.
3. log the users IP address of break in attempts to unauthorized.txt
   1. Look into $_SERVER.

1. A starter_kit.zip was provided by my instructor.
2. HTML, CSS, bootstrap, JavaScript were set up by my instructor.

1. signup.php
2. * It sets session on your machine.
3. Fill out the form with First Name (alphabet only), Last Name (alphabet only), Password (alphanumeric only), Phone Number ((000) 000 0000), Date of Birth (MMM-DD-YYYY).
4. Click Sign Up! button.
5. To confirm the sign up, log in with the information you entered for the sign up.

1. login.php
2. * It sets session on your machine.
3. Enter the Phone Number and Password you chose for the sign up.
4. On a successful login, you are redirected to lab7.php page.
5. To log out, click the Logout button.

[Code Files]

The purpose of this lab is to work with headers and GD image functions. There is no starter kit.

1. Have a form that asks for a file upload type and for a text input type:
   1. POST to picture.php
   2. the upload destination location is up to you
   3. you may assume only JPEG pictures are uploaded; no need to enforce validation
2. On each POST request:
   1. write the submitted text on to the JPEG image
   2. the location of the text is up to you, top left corner is fine
   3. the color of the text is up to you, red is fine
   4. Save a new copy of this modified image
   5. Display this modified image within a element

1. On each GET request:
   1. the parameter name will be provided
   2. look to see if a file matching name exists
   3. if the file exists, send this image back to the client for rendering
   4. do not use any HTML; use proper HTTP headers
2. Hint: look up imagecreatefromjpeg(). This is in both your notes and in the PHP manual.

1. Challenge
2. Modify your lab 7 solution so that when a picture is uploaded, a thumbnail is created as well. You can store this in a separate folder.
3. For each panel, change the src attribute to grab from the thumbnail instead.

The purpose of this lab is to work with SQL and PHP. There is no starter kit.

1. Create a create.txt – put your SQL statements into a plain text file named create.txt. Provide SQL statements that will do the following
   1. Create a database named lesson09
   2. Create a table named books that has the following structure
   3. ID must auto increment
2. Create an insert.txt – put your SQL statements into a plain text file named insert.txt. Provide SQL statements that will do the following
3. Insert 3 rows of data into the books table you created
4. Your table should look similar to this
5. Create a table.php – this script will do the following
6. Connects to the local database server

[Code Files]

The purpose of this assignment is to cover material you’ve learned in lessons 1 - 5.

1. The assignment will be a basic input and output web application; messages will be posted and presented with a few PHP scripts. This should build off of the ideas from your labs.
2. index.php
3. This is the landing page that your visitors will start on when they visit your web application. All posts inside the provided posts.txt file will be displayed as a panel.
4. Modify this page so that on each GET request
   1. If posts.txt doesn’t exist or doesn’t have any valid lines, display an error
   2. Each line in posts.txt is displayed in a panel, similar to the sample panel
   3. Group posts top-down, by priority in the order of: Important (1), High (2), Normal (3)
   4. Each panel will have a color based on the priority. This is made easy with CSS
   5. Important priority will have the CSS class panel-danger
   6. High priority will have the CSS class panel-warning
   7. Normal priority will have the CSS class panel-info
5. And on each valid POST request
   1. Append a line to posts.txt
   2. Move uploaded files to uploads/. You can assume this directory always exists
   3. PHP should check that only JPEG is uploaded. An extension check is not enough!
   4. Add some uniqueness to the final file name
   5. Validate all input fields using regular expressions. All fields are required.
   6. First name, last name and title are alphabetical only. You may allow spaces.
   7. The comment can contain alphabets, digits, punctuation but not < or >
   8. Priority can only be digits
   9. Display a basic error message if any of the inputs, including the image, is invalid
6. posts.txt
7. This file is provided.
8. The format of each line aka each post is
9. FirstName|LastName|Title|Comment|Priority|image|post time
10. Some lines in posts.txt are missing fields. This is intentional – you are to ignore these lines as they are considered invalid entries
11. posts.txt is not , separated rather it’s | separated. This is intentional – this allows your users to use , in their comments
12. search.php
13. This page will display a basic search bar for your visitor to search the posts of the web application.
    1. Modify the form so that it GET’s to itself
    2. Validate input using regular expressions so that alphabet-only text is accepted
    3. A simple error message on invalid input is fine
    4. Do not include invalid lines/posts from the posts.txt file in your results
    5. Display each found result in a simple table
    6. Include the full name of the author, title of the post and a human readable version of the posted time
    7. Group results top-down, by priority in the order of: Important (1), High (2), Normal (3)
    8. Each result row will have a color based on the priority. This is made easy with CSS
    9. Important priority will have the CSS class danger
    10. High priority will have the CSS class warning
    11. Normal priority will have the CSS class info
    12. At the bottom of the page, display the total number of results found
    13. A search result is qualified if the input string is in the comment field of a post
14. includes/functions.php
15. There will be a folder called includes/ with a file named functions.php. This is simply a design choice to help you architect your code.
16. Any functions that you wish to define and assist your PHP pages should go into this file.
17. Careful design of functions can make this assignment much easier.
18. uploads/
19. You can assume this directory always exists. All uploaded, validated images will be placed here.

1. A starter_kit.zip was provided by my instructor.
2. HTML, CSS, bootstrap, JavaScript were set up by my instructor.

The purpose of this assignment is to cover material you’ve learned in lessons 6 - 9.

Start with the starter_kit.zip that your instructor will provide you. This is a combination of your assignment 1 solution and a few labs. You may use your own solution from assignment 1.

The assignment builds on top of the input and output of data. However in this assignment, you will not be persisting and reading data to/from a flat file. You will be using a MySQL database.

1. signup.php
2. This page allows visitors to create an account.
3. Modify this page so that on each POST request
1. insert the POST’d data to the database table logins
2. when inserting the valid phoneNumber field, filter out anything that isn’t a digit.
3. i.e. if 604-123-1234 was entered, save 6041231234.
4. this function may help - preg_replace()
5. it is intentional that this specific function has been left out of your notes; having to read the PHP documentation is intentional
6. if valid data was successfully inserted,
7. set a session variable to flag a valid login,
8. set a session variable for the first name,
9. set a session variable for the last name, and
10. redirect to index.php
4. login.php
5. This page will allow visitors to log in to the web application. It currently POST’s to itself and sets the cookies accordingly.
6. Modify this page so that
   1. it validates the phoneNumber field the same way as the signup.php page.
   2. it validates the phoneNumber field the same way as the signup.php page.
   3. it checks credentials against the database table logins
   4. if the credentials exist,
   5. set a session variable to flag a valid login,
   6. set a session variable for the first name,
   7. set a session variable for the last name, and
   8. redirect to index.php
7. index.php
8. This is the landing page that your visitors will start on when they visit your web application, after a successful login/signup.
9. Modify this page so that on each request
   1. if the client is not logged in, redirect to login.php
   2. instead of reading from posts.txt, read from the database table posts
   3. The starter kit makes use of the getPosts() function – modify this function to read from the database table posts
   4. using the session variables for first name and last name, pre-populate the firstName and lastName fields of the New Post modal
10. You will also notice a new button below every picture labeled Download. You will notice the current link is to download.php
    1. Modify this link so it tags on a GET parameter named filename
    2. the value of filename is the file name of the picture being displayed
11. And on each valid POST request
    1. insert the POST’d values into the database table posts
    2. The starter kit makes uses of the insertPost() function – modify this function to insert into the database
    3. There’s no need to change the existing validations, but also do not remove them.
    4. search.php
    5. This page will display a basic search bar for your visitor to search the posts of the web application.
    6. Modify this page so that on each request
       1. If the client is not logged in, redirect to login.php
       2. Instead of reading from posts.txt, read from the database table posts
       3. The starter kit makes use of the searchPosts() function – modify this function to read from the database table posts
       4. You can search at the database level by use the LIKE clause your query
          

          select * from tablename where a_field like "%phrase%"

       5. This will find all columns from the table tablename, where the a_field column contains the word phrase in it, with characters before and after phrase.
       6. download.php
       7. This page will be used to prompt the user to download a picture. This page isn’t meant to return any DOM elements for the client to render. However, this page will send the contents of a picture back to client, prompting the client to download the file.
       8. Setup this page so that
          1. it takes a GET parameter named filename
          2. based on the value of filename, check if a file in uploads/ has the same file name
          3. if so, send the contents to the client
          4. be sure to set the proper headers so that the client saves the file rather than rendering the file
          5. logout.php
          6. Simple page that clears all session data and redirects the client back to login.php.
          7. data/sql.txt and data/comp3015.sql
          8. sql.txt is simply a series of MySQL statements that you can copy and paste into your MySQL client to seed your database before starting the assignment.
          9. comp3015.sql is a database dump of the exact same data produced by sql.txt. This is for people who wishes to use import tools instead of copy and pasting the contents of sql.txt.
          10. includes/functions.php
          11. There will be a folder called includes/ with a file named functions.php. This is simply a design choice to help you architect your code.
          12. Any functions that you wish to define and assist your PHP pages should go into this file.
          13. Careful design of functions can make this assignment much easier.
          14. uploads/
          15. You can assume this directory always exists. All uploaded, validated images will be placed here.

The purpose of this assignment is to cover material you’ve learned in lessons 6 – 9.

This is a combination of your assignment 1 solution, assignment 2 solution, and a few labs. You may use your own solution from assignment 2.

The assignment builds on top of the database queries you’ve learned. Also, you’ll be dealing with session management.

1. signup.php, download.php, index.php, logout.php
2. There is no change required for these 4 pages – use them as is from your starter kit.
3. login.php
4. This page will allow visitors to log in to the web application. For assignment 3, it will check for an administrator login.
5. Modify this page so that
   1. it checks credentials against the database table logins
   2. if the credentials exist and they are a normal user,
   3. set a session variable to flag a valid login,
   4. set a session variable for the first name,
   5. set a session variable for the last name, and
   6. redirect to index.php
   7. if the credentials exist and they are an administrator user
   8. set all the session variables for a normal user
   9. set a flag that marks this user as an administrator
   10. to determine if a user is an administrator, there will be an admin flag added to the logins table. See the section on data/sql.txt.
6. search.php
7. This page will display a basic search bar for your visitor to search the posts of the web application.
8. Modify this page so that
   1. If the client is not logged in, redirect to login.php
   2. Based on the session variables, you’ll know if the user is an administrator or not
   3. if they are, each search result will have a link to edit.php and delete.php
   4. pass the posts’ id as a GET parameter to edit.php and delete.php
   5. if they are not an administrator, the links to edit.php and delete.php should be hidden
   6. Add a link to users.php
9. users.php
10. This page will display a basic user information for your administrators
11. Modify this page so that on each request
    1. If the client is not logged in as an administrator, redirect to login.php
    2. Simply display a list of all users of the system
    3. Include their first name, last name and date of birth
    4. This may feel useless – and it is – but if you have time and wish to take this assignment further, provide CRUD functionality for users. No bonus marks.
12. edit.php
13. This page will be used by the administrator to edit a specific post.
14. Setup this page so that
    1. if the client is not logged in as an administrator, redirect to login.php
    2. it takes a GET parameter named id
    3. be sure to sanitize the GET parameter
    4. based on the value of id, check if a post in the database indeed exists with that id number
    5. if so, populate the editable input fields with values from the database
    6. the editable form will POST to edit.php
    7. use the same input validation rules as with the index.php page
15. delete.php
16. This page will be used by an administrator to delete a specific post
17. Setup this page so that
    1. if the client is not logged in as an administrator, redirect to login.php
    2. it takes a GET parameter named id
    3. be sure to sanitize the GET parameter
    4. based on the value of id, find the post in the database with that id number and delete it
    5. if the post was deleted, display a message confirming so
    6. if the post was not found, display a message indicating so
18. data/sql.txt and data/comp3015.sql
19. sql.txt is simply a series of MySQL statements that you can copy and paste into your MySQL client to seed your database before starting the assignment.
20. comp3015.sql is a database dump of the exact same data produced by sql.txt. This is for people who wishes to use import tools instead of copy and pasting the contents of sql.txt.
21. What’s different about this set of SQL is that the logins table now has a new column admin to flag an administrator account.
22. Also, an administrator account has been inserted for you – verify administrator logins against this row. If you wish to massage the data, such as hashing the password, feel free to do so by dropping this row and inserting your own.
23. includes/functions.php
24. There will be a folder called includes/ with a file named functions.php. This is simply a design choice to help you architect your code.
25. Any functions that you wish to define and assist your PHP pages should go into this file.
26. Careful design of functions can make this assignment much easier.
27. uploads/
28. You can assume this directory always exists. All uploaded, validated images will be placed here.