Green University of Bangladesh
Department of Computer Science and Engineering (CSE)
Semester: (Fall, Year: 2022), B.Sc. in CSE (Day)
Lab Report 03
Course Title: Web Programming Lab
Course Code: CSE 302
Section: D21
Students Details
Name ID
Sourav Debnath 221902246
Submission Date: 24-06-2024
Course Teacher’s Name: Most. Rokeya Khatun
[For teachers use only: Don’t write anything inside this box]
Lab Project Status
Marks: Signature:
Comments: Date:
Contents
1 Lab Report 03 2
1.1 TITLE OF THE LAB REPORT EXPERIMENT . . . . . . . . . . . . . 2
1.2 OBJECTIVES . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
1.3 Procedure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
1.4 IMPLEMENTATION OUTPUT . . . . . . . . . . . . . . . . . . . . . 2
1.5 Taking Input . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.6 Implementation code . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.7 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
1
Chapter 1
Lab Report 03
1.1 TITLE OF THE LAB REPORT EXPERIMENT
1. . Create a database, table and columns, value insertion according to your project
(Show connection of PHP with MySQL).
2. Apply rules when taking input from form
1.2 OBJECTIVES
• Database Design: Design schema and create database/tables.
• PHP-MySQL Connection: Establish secure connection.
• User Registration Form: Create HTML/CSS form.
• Input Validation: Sanitize inputs, validate email, enforce password strength.
• Unique Constraints: Ensure unique usernames/emails.
• Password Handling: Hash passwords securely.
• Data Insertion: Use prepared statements for secure data insertion.
• Error Handling: Provide user-friendly error messages.
• User Authentication: Implement login system.
• Session Management: Manage sessions securely.
1.3 Procedure
1.4 IMPLEMENTATION OUTPUT
Creating a Database and table for value Insertion with Maintain all rules:
2
Figure 1.1: Database and columns
1.5 Taking Input
Creating To do database and create table for task and users and this insertion should
take from login user interface.
Figure 1.2: Taking Input From User
1.6 Implementation code
Here, the php code with mySql:
<?php
$con = mysqli_connect("localhost","root","","hotel") or die(mysql_error());
?>
<?php
session_start();
3
if(isset($_SESSION["user"]))
{
header("location:home.php");
}
?>
<!DOCTYPE html>
<html >
<head>
<meta charset="UTF-8">
<title>SUN RISE ADMIN</title>
<link rel="stylesheet" href="css/style.css">
</head>
<body>
<div id="clouds">
<div class="cloud x1"></div>
<!-- Time for multiple clouds to dance around -->
<div class="cloud x2"></div>
<div class="cloud x3"></div>
<div class="cloud x4"></div>
<div class="cloud x5"></div>
</div>
<div class="container">
<div id="login">
<form method="post">
<fieldset class="clearfix">
<p><span class="fontawesome-user"></span><input type="text" name="user
<p><span class="fontawesome-lock"></span><input type="password" name="p
<p><input type="submit" name="sub" value="Login"></p>
</fieldset>
</form>
4
</div> <!-- end login -->
</div>
<div class="bottom"> <h3><a href="../index.php">SUN RISE HOMEPAGE</a></h3></di
</body>
</html>
<?php
include(’db.php’);
if($_SERVER["REQUEST_METHOD"] == "POST") {
// username and password sent from form
$myusername = mysqli_real_escape_string($con,$_POST[’user’]);
$mypassword = mysqli_real_escape_string($con,$_POST[’pass’]);
$sql = "SELECT id FROM login WHERE usname = ’$myusername’ and pass = ’$mypass
$result = mysqli_query($con,$sql);
$row = mysqli_fetch_array($result,MYSQLI_ASSOC);
$active = $row[’active’];
$count = mysqli_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count == 1) {
$_SESSION[’user’] = $myusername;
header("location: home.php");
}else {
echo ’<script>alert("Your Login Name or Password is invalid") </script>’ ;
}
}
?>
1.7 Conclusion
To build a secure, user-friendly PHP and MySQL web application with user registration,
design an intuitive form and structure the database efficiently. Ensure a secure PHP-
MySQL connection, validate inputs to prevent SQL injection and XSS attacks, and
enforce unique usernames and emails.