This is a concept question. Right now I have a registration/login and a profile page system built using PHP and MySQL, but I have one question.

I want a user to be able to make their own specific todos. So when they log in they can see their todos and create todos for themselves. Only their login can access their todos. But I don't understand how to do that in PHP/MySQL.

Here is my login page:

<?php
session_start();
require_once('PhpConsole.phar');
require_once('connection.php');
ob_start();
require('index.php');
$data = ob_get_clean();
ob_end_clean();
?>
<!DOCTYPE html>
<html lang="en-US">
<head>
  <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css">
  <link rel="stylesheet" href="https://rawgit.com/marcoceppi/bootstrap-glyphicons/master/css/bootstrap.icon-large.css">
  <link rel="stylesheet" href="main.css">
  <link rel="stylesheet" href="lib/sweetalert.css">
  <script src="lib/sweetalert-dev.js"></script>
</head>

<body>

    <div id="page">

    <form method = "post" role = "form" id = "form">
      <h1 style = "position:relative; left:60px; font-family: Impact;">Login </h1>
      <div class="col-xs-2">
          <div class="inner-addon left-addon">
            <i class="glyphicon glyphicon-envelope"></i>
            <input type="text" class="form-control" id = "email" name = "loginemail" placeholder="Email"  />
          </div>
        </div>
        <br>
          <div class="col-xs-2">
          <div class="inner-addon left-addon">
            <img src = "http://i.imgur.com/GqkLI3z.png" id = "imgLock"/>
            <input type="password" class="form-control" name = "loginpassword" placeholder="Password" id = "password" />

          </div>
        </div>

        <br>
        <br>
        <div id = "buttons">
        <div class="col-xs-2">
        <div class="inner-addon left-addon">
          <i class="glyphicon glyphicon-ok-sign" ></i>
          <input type = "submit" class="btn btn-info" name = "loginsubmit" id = "submit"/>
        </div>
        </div>
        </div>

    </form>
    </div>
<?php
  if(isset($_POST["loginsubmit"])){

  $loginEmail = $_POST["loginemail"];
  $loginPassword = $_POST["loginpassword"];
  // Bind the submitted values as parameters instead of concatenating them into the SQL string
  $stmt = mysqli_prepare($connection, "SELECT Username FROM `authe` WHERE Email = ? AND Password = ?");
  if ($stmt) {
  mysqli_stmt_bind_param($stmt, "ss", $loginEmail, $loginPassword);
  mysqli_stmt_execute($stmt);
  mysqli_stmt_bind_result($stmt, $username);

  // A fetched row means the email/password pair matched
  if(mysqli_stmt_fetch($stmt)){
      echo "<script> swal('Good job!', 'Successfully Authenticated', 'success')</script>";
      $_SESSION['email'] = $loginEmail;
      $_SESSION['password'] = $loginPassword;
      $_SESSION["username"] = $username;
      // header("Location: http://localhost:8012/phpForm/Profile.php");
      echo "<script> window.location.href = 'http://localhost:8012/phpForm/Profile.php' </script>";
    }
   else {
     echo "<script>sweetAlert('Oops...', 'Authentication Failed', 'error');</script>";
   }
   mysqli_stmt_close($stmt);
  }
 }
?>


</body>
  </html>

  <!-- <br>

<input  type = "text" class="form-control" name = "loginemail" style = "width = 20px;" id = "input" placeholder = "Enter Email" required/>
<i class="glyphicon glyphicon-user form-control-feedback"></i>
  <br> -->

And my profile page:

<?php
session_start();
require_once('PhpConsole.phar');
require_once('connection.php');
ob_start();
require('index.php');
$data = ob_get_clean();
ob_end_clean();

  ?>
<!DOCTYPE html>
<html lang="en-US">
<head>
  <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css">
  <link rel="stylesheet" href="https://rawgit.com/marcoceppi/bootstrap-glyphicons/master/css/bootstrap.icon-large.css">
  <link rel="stylesheet" href="main.css">
  <script src="https://code.angularjs.org/1.4.9/angular.js"></script>
  <link href='https://fonts.googleapis.com/css?family=Yanone+Kaffeesatz:700' rel='stylesheet' type='text/css'>
  <script src = "page.js"></script>
  <link rel="stylesheet" href="lib/sweetalert.css">
  <script src="lib/sweetalert-dev.js"></script>
  <style>
  #toDoButton {
    position: relative;
      color: rgba(255,255,255,1);
      text-decoration: none;
      background-color: rgba(219,87,5,1);
      font-family: 'Yanone Kaffeesatz';
      font-weight: 700;
      right:550px;
      bottom:70px;
      font-size: 3em;
      display: block;
      padding: 4px;
      -webkit-border-radius: 8px;
      -moz-border-radius: 8px;
      border-radius: 8px;
      -webkit-box-shadow: 0px 9px 0px rgba(219,31,5,1), 0px 9px 25px rgba(0,0,0,.7);
      -moz-box-shadow: 0px 9px 0px rgba(219,31,5,1), 0px 9px 25px rgba(0,0,0,.7);
      box-shadow: 0px 9px 0px rgba(219,31,5,1), 0px 9px 25px rgba(0,0,0,.7);
      margin: 100px auto;
    width: 160px;
    text-align: center;

    -webkit-transition: all .1s ease;
    -moz-transition: all .1s ease;
    -ms-transition: all .1s ease;
    -o-transition: all .1s ease;
    transition: all .1s ease;
  }

  #toDoButton:active {
      -webkit-box-shadow: 0px 3px 0px rgba(219,31,5,1), 0px 3px 6px rgba(0,0,0,.9);
      -moz-box-shadow: 0px 3px 0px rgba(219,31,5,1), 0px 3px 6px rgba(0,0,0,.9);
      box-shadow: 0px 3px 0px rgba(219,31,5,1), 0px 3px 6px rgba(0,0,0,.9);
  }

  </style>
</head>

<body>

    <div id="page" ng-app = "pageApp" ng-controller="pageController">
      <h1>Welcome <?php  echo htmlspecialchars($_SESSION['username'], ENT_QUOTES, 'UTF-8'); ?></h1>
      <h5>Here is one cool feature. Type in the box :)</h5>
      <div class = "coolFeauture" id = "CoolFeauture1">
      <input type = "text" ng-model = "CoolFeauture"/>
      <div ng-bind = "CoolFeauture"></div>
    </div>
<div class = "todoMain">
    <h4>Click on the button for a TODO App! Check it out!</h4>
      <a href="javascript:void(0);" id = "toDoButton">Todo</a>
    </div>
    </div>
  <?php
  ?>


</body>
  </html>

  <!-- <br>

<input  type = "text" class="form-control" name = "loginemail" style = "width = 20px;" id = "input" placeholder = "Enter Email" required/>
<i class="glyphicon glyphicon-user form-control-feedback"></i>
  <br> -->
Jason Aller
amanuel2
  • Two tables: a 'user' table and a 'todolist' table that has the userid as a foreign key. When logged in, a session variable can be set to the userid, so that the code queries only for the todolist with that userid. – TurtleTread Jan 31 '16 at 04:14
  • Ok @JoeS I already have a user table. But that todolist is available for everyone.... I can't put multiple data in one single row.. I don't really understand what you are saying. – amanuel2 Jan 31 '16 at 04:16
  • todolist table columns: todoid, content, userid. Query: select ... where userid= {userid} – TurtleTread Jan 31 '16 at 04:19
  • Ok, but what I'm asking is the content can only have one text. It can't hold multiple values. A row can't hold multiple values @JoeS. Or am I wrong? – amanuel2 Jan 31 '16 at 04:20
  • I don't understand your logic. Get an answer – amanuel2 Jan 31 '16 at 04:23
  • A user would have multiple rows, 1 per todo, no? – Rasclatt Jan 31 '16 at 04:24
  • And an answer to your other question, yes you can have multiple values by using `json_encode()` or `serialize()` but there are very few instances where using those is a good idea in a database. – Rasclatt Jan 31 '16 at 04:32
  • http://stackoverflow.com/questions/5706437/whats-the-difference-between-inner-join-left-join-right-join-and-full-join/6188334#6188334 This will help you. Further to what @Rasclatt mentioned, you should have a user table and a todo table; the todo table should have a column like userid so you can join the 2 tables together in your query. You can have multiple rows in your todo table with the same userId; I suggest you add another column such as createdDate to sort by. – Mark Ng Jan 31 '16 at 04:37
  • @MarkNg mmm..there's probably no need to do a 'join' if we are not retrieving user info. – TurtleTread Jan 31 '16 at 04:44
  • @JoeS the OP may probably need it as he mentioned it is a profile page... uhmm – Mark Ng Jan 31 '16 at 04:45

1 Answer

Since it is a concept question, and you mentioned that the login / register system is already done, what you need to do is:

  • Log them in saving a unique $_SESSION['id'], or an expirable unique key.
    • Additionally you may save cookies to identify their account

In the todo.php page:

  • Make sure that they are logged in by checking $_SESSION['id'] (if it has been set, else redirect somewhere or pop up a message).
  • Query their current stored TODOs by something like SELECT * FROM todo WHERE user='id'
  • Display a <textarea> or similar to store new TODO (which you can do by a POST to the same page).
  • If the page gets a POST request:
    • Store new TODOs by INSERT INTO todo('id', 'sanitized $_POST["text"]')

Also, always make sure to sanitize variables before doing any of these queries.

zurfyx
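
The steps in the answer above, written out as an added example (not code from the original answer or from the asker's project). It assumes the login page stores the user's numeric id in `$_SESSION['id']`, that `connection.php` provides `$connection` as on the page, that a `todolist` table with the columns `todoid`, `content`, `userid` from the comments exists, and that the login page is called `login.php` (a hypothetical name). The anti-CSRF token is an addition beyond the answer's steps.

```php
<?php
// todo.php (added example). Assumes login stored the user's numeric id in
// $_SESSION['id'] and a table todolist(todoid, content, userid) exists.
session_start();
require_once('connection.php');   // provides $connection (mysqli), as on the page

if (!isset($_SESSION['id'])) {    // not logged in: stop before touching any data
    header('Location: login.php'); // hypothetical file name for the login page
    exit;
}
$userId = (int) $_SESSION['id'];  // owner comes from the session, never from the request
if (empty($_SESSION['csrf'])) {
    $_SESSION['csrf'] = bin2hex(random_bytes(32)); // per-session anti-CSRF token
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $token = $_POST['csrf'] ?? '';
    $text  = $_POST['text'] ?? '';
    if (!is_string($token) || !is_string($text) || !hash_equals($_SESSION['csrf'], $token)) {
        http_response_code(400);
        exit('Bad request');
    }
    if (trim($text) !== '') {
        // Bound parameters: the todo text cannot alter the SQL statement.
        $stmt = mysqli_prepare($connection, 'INSERT INTO todolist (content, userid) VALUES (?, ?)');
        mysqli_stmt_bind_param($stmt, 'si', $text, $userId);
        mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }
    header('Location: todo.php');  // redirect so a refresh does not re-submit the form
    exit;
}

// Only rows owned by the logged-in user are ever selected.
$stmt = mysqli_prepare($connection, 'SELECT content FROM todolist WHERE userid = ? ORDER BY todoid');
mysqli_stmt_bind_param($stmt, 'i', $userId);
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $content);
?>
<ul>
<?php while (mysqli_stmt_fetch($stmt)): ?>
  <li><?php echo htmlspecialchars($content, ENT_QUOTES, 'UTF-8'); ?></li>
<?php endwhile; mysqli_stmt_close($stmt); ?>
</ul>
<form method="post">
  <input type="hidden" name="csrf" value="<?php echo $_SESSION['csrf']; ?>">
  <textarea name="text"></textarea>
  <input type="submit" value="Add">
</form>
```

Because `userid` is taken from the session in both queries, no request parameter can select another user's rows, and each todo is its own row in the table.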