need completion of mysql database php assignment

profilenightmare
projectfile.zip

projectfile/addcomment.php

<?php session_start(); require('user.php'); $user = new User('270kimmgill'); $user->loginCheck('loginform.php'); ?><!DOCTYPE html> <html> <head> <title>IST270</title> </head> <body> <h1>Welcome, <?php echo $user->getFirstname(), " ", $user->getLastname(); ?>! Add a comment.</h1> <h2> <form action="savecomment.php" method="post"> <textarea rows="6" cols="30" name="comment"> </textarea> <br> <button>Save</button> </form> </h2> <p><a href="logout.php">Log out</a></p> </body> </html>

projectfile/confirm.php

<?php session_start(); ?><!DOCTYPE html> <html> <head> <title>Please Confirm</title> <?php function formfield($key,$label){ echo "<input type='hidden' name='$key' value='{$_POST[$key]}'>"; echo "$label: $_POST[$key]<br>"; } ?> </head> <body> <h2> <form action="insert.php" method="post"> <?php formfield('first','First name'); formfield('last','Last name'); formfield('phone','Phone'); formfield('age','Age'); formfield('address','Address'); formfield('city','City'); formfield('state','State'); formfield('zip','Zip code'); formfield('username','User name'); formfield('password','Password'); echo "<input type='hidden' name='access' value='registered'>"; ?> <button>save this record</button> </form> <button onclick="history.back()">make corrections</a> </h2> </body> </html>

projectfile/db.php

<?php class Database { private $hostname = "dev.mtc-ist.com"; private $username = "270kimmgill"; private $password = "270kimmgill"; private $database = NULL; private $connection = NULL; public function __construct($dbname) { $this->database = $dbname; $this->connection = new mysqli($this->hostname, $this->username, $this->password, $this->database); if ($this->connection->connect_error) { die('Connect Error: ' . $this->connection->connect_error); } } public function getConnection() { return $this->connection; } public function getDBName() { return $this->database; } public function sanitize($data,$type){ if ($type=='int') { if (is_numeric($data)) return intval($data); else die ("Error: " . $data . " is not a number."); } if ($type=='double') { if (is_numeric($data)) return floatval($data); else die ("Error: " . $data . " is not a number."); } if ($type=='string'){ $data = stripslashes($data); $data = filter_var($data,FILTER_SANITIZE_STRING); $data = $this->connection->real_escape_string($data); return $data; } return null; } public function getColumnNames($result) { $colnames = array(); foreach($result->fetch_fields() as $fieldName) $colnames[] = $fieldName->name; return $colnames; } }

projectfile/error_log

[07-Dec-2016 10:23:16 America/New_York] PHP Warning: PHP Startup: Unable to load dynamic library '/usr/local/lib/php/extensions/no-debug-non-zts-20131226/mysqli.so' - /usr/local/lib/php/extensions/no-debug-non-zts-20131226/mysqli.so: cannot open shared object file: No such file or directory in Unknown on line 0 [07-Dec-2016 13:15:44 America/New_York] PHP Warning: PHP Startup: Unable to load dynamic library '/usr/local/lib/php/extensions/no-debug-non-zts-20131226/mysqli.so' - /usr/local/lib/php/extensions/no-debug-non-zts-20131226/mysqli.so: cannot open shared object file: No such file or directory in Unknown on line 0 [07-Dec-2016 13:16:13 America/New_York] PHP Warning: PHP Startup: Unable to load dynamic library '/usr/local/lib/php/extensions/no-debug-non-zts-20131226/mysqli.so' - /usr/local/lib/php/extensions/no-debug-non-zts-20131226/mysqli.so: cannot open shared object file: No such file or directory in Unknown on line 0 [07-Dec-2016 13:16:16 America/New_York] PHP Warning: PHP Startup: Unable to load dynamic library '/usr/local/lib/php/extensions/no-debug-non-zts-20131226/mysqli.so' - /usr/local/lib/php/extensions/no-debug-non-zts-20131226/mysqli.so: cannot open shared object file: No such file or directory in Unknown on line 0 [07-Dec-2016 13:16:16 America/New_York] PHP Warning: require_once(db.php): failed to open stream: No such file or directory in /home/kimmgillie/public_html/projectfile/insert.php on line 8 [07-Dec-2016 13:16:16 America/New_York] PHP Fatal error: require_once(): Failed opening required 'db.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/kimmgillie/public_html/projectfile/insert.php on line 8 [07-Dec-2016 14:21:35 America/New_York] PHP Warning: PHP Startup: Unable to load dynamic library '/usr/local/lib/php/extensions/no-debug-non-zts-20131226/mysqli.so' - /usr/local/lib/php/extensions/no-debug-non-zts-20131226/mysqli.so: cannot open shared object file: No such file or directory in Unknown on line 0 [07-Dec-2016 14:21:38 America/New_York] PHP Warning: PHP Startup: Unable to load dynamic library '/usr/local/lib/php/extensions/no-debug-non-zts-20131226/mysqli.so' - /usr/local/lib/php/extensions/no-debug-non-zts-20131226/mysqli.so: cannot open shared object file: No such file or directory in Unknown on line 0 [07-Dec-2016 14:21:49 America/New_York] PHP Warning: PHP Startup: Unable to load dynamic library '/usr/local/lib/php/extensions/no-debug-non-zts-20131226/mysqli.so' - /usr/local/lib/php/extensions/no-debug-non-zts-20131226/mysqli.so: cannot open shared object file: No such file or directory in Unknown on line 0 [07-Dec-2016 14:21:56 America/New_York] PHP Warning: PHP Startup: Unable to load dynamic library '/usr/local/lib/php/extensions/no-debug-non-zts-20131226/mysqli.so' - /usr/local/lib/php/extensions/no-debug-non-zts-20131226/mysqli.so: cannot open shared object file: No such file or directory in Unknown on line 0 [07-Dec-2016 14:21:56 America/New_York] PHP Warning: PHP Startup: Unable to load dynamic library '/usr/local/lib/php/extensions/no-debug-non-zts-20131226/mysqli.so' - /usr/local/lib/php/extensions/no-debug-non-zts-20131226/mysqli.so: cannot open shared object file: No such file or directory in Unknown on line 0 [07-Dec-2016 17:54:46 America/New_York] PHP Warning: PHP Startup: Unable to load dynamic library '/usr/local/lib/php/extensions/no-debug-non-zts-20131226/mysqli.so' - /usr/local/lib/php/extensions/no-debug-non-zts-20131226/mysqli.so: cannot open shared object file: No such file or directory in Unknown on line 0 [07-Dec-2016 17:55:01 America/New_York] PHP Warning: PHP Startup: Unable to load dynamic library '/usr/local/lib/php/extensions/no-debug-non-zts-20131226/mysqli.so' - /usr/local/lib/php/extensions/no-debug-non-zts-20131226/mysqli.so: cannot open shared object file: No such file or directory in Unknown on line 0 [07-Dec-2016 17:55:01 America/New_York] PHP Warning: PHP Startup: Unable to load dynamic library '/usr/local/lib/php/extensions/no-debug-non-zts-20131226/mysqli.so' - /usr/local/lib/php/extensions/no-debug-non-zts-20131226/mysqli.so: cannot open shared object file: No such file or directory in Unknown on line 0

projectfile/insert.php

<?php session_start(); ?><!DOCTYPE html> <html><head><title>Register</title></head> <body> <?php function cleanup($key){ return filter_var($_POST[$key],FILTER_SANITIZE_STRING); } require_once('db.php'); require_once('user.php'); $db = new Database('270kimmgill'); $user = new User("270kimmgill"); $user->setFirstname(cleanup('first')); $user->setLastname(cleanup('last')); $user->setPhone(cleanup('phone')); $user->setAge((int)$_POST['age']); $user->setAddress(cleanup('address')); $user->setCity(cleanup('city')); $user->setState(cleanup('state')); $user->setZip(cleanup('zip')); $user->setAccess(cleanup('access')); $uname = cleanup('username'); if (!$user->setUsername($uname)) die ("Sorry, $uname is taken. Try <a href='userform.php'>another username</a>. "); // NB: setUsername must be called before setPassword $id = $user->setPassword($_POST['password']); if (!$user->insert($id)) die ("Cannot insert this user"); echo "<h1>Inserted {$user->getFirstname()} {$user->getLastname()} {$user->getPhone()} age:{$user->getAge()}<br>{$user->getAddress()} {$user->getState()} {$user->getZip()} </h1>"; ?> <a href="register.php">Insert another</a> <a href="loginform.php">Log in</a> </body></html>

projectfile/login.php

<?php session_start(); require_once('user.php'); $user = new User('270kimmgill'); $user->login($_POST['username'],$_POST['password'], 'showcomments.php','loginformagain.php',isset($_POST['save'])); ?> <h1>Should not see this</h1>

projectfile/loginform.php

<?php session_start(); ?><!DOCTYPE html> <html> <head> <title>IST270</title> </head> <body> <h2> <form method="post" action="login.php"> <label>Username: <input type="text" name="username"></label><br> <label>Password: <input type="text" name="password"></label><br> <label><input type="checkbox" name="save" value="save"> Remember me on this computer</label><br> <button>Log in</button> </form> <br>No account? <a href="register.php">Register</a> </h2> </body> </html>

projectfile/loginformagain.php

Those credentials were not correct. Try again.

Username: Password: Remember me on this computer Log in

projectfile/logout.php

<?php session_start(); $_SESSION = array(); if (isset($_COOKIE['save'])) { setcookie('save', '', time()-360000); } if (isset($_COOKIE[session_name()])) { setcookie(session_name(), '', time()-360000); } session_destroy(); header("Location: loginform.php"); ?>

projectfile/register.php

$label: "; } ?>

"; ?> Save

projectfile/savecomment.php

<?php session_start(); require('user.php'); $user = new User('270kimmgill',''); $user->loginCheck('loginform.php'); $body = filter_var($_POST['comment'],FILTER_SANITIZE_STRING); $id = (int)$user->getId(); $query = "INSERT INTO Comment (userID, body) VALUES ($id,'$body');"; require_once('db.php'); $db = new Database('270kimmgill'); $cn = $db->getConnection(); if (!$rs = $cn->query($query)) die("error!!!"); header("Location: showcomments.php"); ?>

projectfile/showcomments.php

<?php session_start(); require('user.php'); $user = new User('270kimmgill'); $user->loginCheck('loginform.php'); ?><!DOCTYPE html> <html> <head> <title>IST270</title> </head> <body> <h1>Welcome, <?php echo $user->getFirstname(), " ", $user->getLastname(); ?>!</h1> <h2><?php $query = "SELECT ID, userID, body from Comment order by ID desc;"; require_once('db.php'); //require_once('user.php'); $db = new Database('270kimmgill'); $cn = $db->getConnection(); if (!$rs=$cn->query($query)) die ("Could not get comments"); while($row = $rs->fetch_array(MYSQLI_ASSOC)) { $poster = new User('270kimmgill',$row['userID']); echo $poster->getFirstname(), " ", $poster->getLastname(), " says '", $row['body'], "'<br>"; } ?></h2> <p><a href="addcomment.php">Add a comment</a></p> <p><a href="logout.php">Log out</a></p> </body> </html>

projectfile/user.php

<?php class User { private $dbname; private $id; private $firstname; private $lastname; private $phone; private $age; private $address; private $city; private $state; private $zip; private $username; private $password; private $access; /* The constructor takes two parameters. If the second is a number, it uses that for the ID of the User object. If it is '', it uses the ID of the logged in user, if any. */ public function __construct($dbn,$uid='') { $this->dbname=$dbn; if(isset($_COOKIE['save'])) $_SESSION['userid'] = $_COOKIE['save']; if ($uid !== '') $id = $uid; else if (isset($_SESSION['userid'])) $id = $_SESSION['userid']; else return; $this->id = $id; require_once("db.php"); // check the path $db = new Database($dbn); $cn = $db->getConnection(); $query = "Select id,firstname,lastname,phone,age,address,city,state,zip,username,access from user WHERE id=$id;"; $rs = $cn->query($query); if (!$rs) die ('Error, could not retrieve user.'); $row = $rs->fetch_array(MYSQLI_ASSOC); $this->firstname = $row['firstname']; $this->lastname = $row['lastname']; $this->phone = $row['phone']; $this->age = $row['age']; $this->address = $row['address']; $this->city = $row['city']; $this->state = $row['state']; $this->zip = $row['zip']; $this->username = $row['username']; $this->access = $row['access']; } /* Accessor (getter) methods. */ public function getId() { return $this->id; } public function getFirstname() { return $this->firstname; } public function getLastname() { return $this->lastname; } public function getPhone() { return $this->phone; } public function getAge() { return $this->age; } public function getAddress() { return $this->address; } public function getCity() { return $this->city; } public function getState() { return $this->state; } public function getZip() { return $this->zip; } public function getUsername() { return $this->username; } public function getAccess() { return $this->access; } /* This returns an array of all of the useful fields of the object */ public function getAssoc() { $result=array(); $result['id'] = $this->id; $result['firstname'] = $this->firstname; $result['lastname'] = $this->lastname; $result['phone'] = $this->phone; $result['age'] = $this->age; $result['address'] = $this->address; $result['city'] = $this->city; $result['state'] = $this->state; $result['zip'] = $this->zip; $result['username'] = $this->username; $result['access'] = $this->access; return $result; } /* Mutator (setter) methods */ public function setFirstname($f) { $this->firstname=$f; } public function setLastname($l) { $this->lastname=$l; } public function setPhone($p) { $this->phone=$p; } public function setAge($a) { $this->age=$a; } public function setAddress($a) { $this->address=$a; } public function setCity($c) { $this->city=$c; } public function setState($s) { $this->state=$s; } public function setZip($z) { $this->zip=$z; } /* setUsername will first check for a duplicate username and return FALSE if it is, otherwise set the field and return TRUE */ public function setUsername($n) { require_once('db.php'); // check the path $db = new Database($this->dbname); $cn = $db->getConnection(); $n = $db->sanitize($n,'string'); $query = "SELECT id FROM user WHERE username='$n';"; if (!$rs=$cn->query($query)) { return FALSE; } if ($row = $rs->fetch_array(MYSQLI_ASSOC)) { return FALSE; } $this->username=$n; return TRUE; } public function setAccess($a) { $this->access=$a; } /* setPassword assumes that the username field has been set already. If a row with the username field in it is in the user table, the id is fetched and used to hash the password. If no row with the current username is in the table, a row is added with the username and auto_increment id. In either case, the id is returned. */ public function setPassword($p) { require_once('db.php'); // check the path $db = new Database($this->dbname); $cn = $db->getConnection(); $query = "SELECT id FROM user WHERE username='{$this->username}';"; $rs = $cn->query($query); if (!$rs) die ("problem in setPassword after select"); if ($row = $rs->fetch_array(MYSQLI_ASSOC)) { $id = $row['id']; } else { $query2 = "INSERT INTO user (username) VALUES ('{$this->username}');"; $rs2 = $cn->query($query2); if (!$rs2) die ("Cannot insert a user in setPassword"); $rs = $cn->query($query); if (!$rs) die ("problem in setPassword after new row select"); if ($row = $rs->fetch_array(MYSQLI_ASSOC)) { $id = $row['id']; } } $this->password=$this->passhash($p,$id); return $id; } /* The user is sent to another URL if the session variable is not set. */ public function loginCheck($failpage){ if (!isset($_SESSION['userid'])) header("Location: $failpage"); } /* passhash hashes passwords, given the password and the user id. */ private function passhash($p,$i) { $salt = "81b2((&75e33044a"; $sitekey = "d91791c4bc5d9f3601c587f227aa57f6cf270482244eb41ed3380262bcd829ef"; return hash_hmac('sha512',$p . $i . $salt, $sitekey); } /* login takes the username, password, location for successful logins, location for failed logins, and a boolean representing whether the user wants to save their login as a cookie. If the username is not found, the login fails. If the (hashed) password for that username does not match the (hashed) password in the DB, the login fails. If the username and password match, a session variable is saved with the ID, and a cookie is set if the user wants to remain logged in. */ public function login($uname,$password,$passloc,$failloc,$wanttosave){ require_once('db.php'); // check the path $db = new Database($this->dbname); $cn = $db->getConnection(); $uname = $db->sanitize($uname,'string'); $query = "SELECT id FROM user WHERE username='$uname';"; $rs = $cn->query($query); if (!rs) header("Location: $failloc"); if ($row = $rs->fetch_array(MYSQLI_ASSOC)) $id = $row['id']; else header("Location: $failloc"); $pw = $this->passhash($password,$id); $query1 = "SELECT * FROM user WHERE username='$uname' and password='$pw';"; if ($rs=$cn->query($query1)){ $row = $rs->fetch_array(MYSQLI_ASSOC); if ($row){ if ($wanttosave) setcookie('save',$id,time()+365*24*60*60); $_SESSION['userid']=$id; header("Location: $passloc"); } else { header("Location: $failloc"); } } } /* insert assumes that a row with the new unique username has been inserted, and that the matching id is $id */ public function insert($id) { require_once('db.php'); // check the path $db = new Database($this->dbname); $cn = $db->getConnection(); $query = "UPDATE user SET firstname=?, lastname=?, phone=?, age=?, address=?, city=?, state=?, zip=?, username=?, password=?, access=? WHERE id=$id;"; $stmt = $cn->prepare($query); $stmt->bind_param("sssisssssss",$this->firstname,$this->lastname,$this->phone,$this->age,$this->address, $this->city,$this->state,$this->zip,$this->username,$this->password, $this->access); $rs = $stmt->execute(); if (!$rs) return FALSE; return TRUE; } }