First commit

Upload files

README.md

@@ -0,0 +1,48 @@
+
+# Login and CRUD project
+=======================================
+
+developed from scratch by Carolina Tronci
+
+* * *
+
+This is my first elaborated project in PHP and it's a crud with a login form to access.
+The application allows you to show the list of users, create a new one, modify and delete it.
+To access these features it is necessary to be registered and to login. It is possible to register yourself on the appropriate page.
+
+### List of features
+
+*   Login
+*   Registration
+*   Create
+*   Read
+*   Update
+*   Delete
+
+### Demo project
+
+[Show demo](http://crud-carolina-tronci.42web.io) 
+
+
+### screenshot
+
+![screenshot show users](/img/show.png "table users")
+![screenshot login page](/img/login.png "login page")
+
+
+### What I learned
+
+I have learned to develop this application by putting into practice the theory learned in the last few weeks.
+The biggest difficulties were in the editing part, for example in the blindvalues part, but this allowed me to better understand how to manipulate the data received from a user through a form and how to avoid external attacks.
+After implementing the first part of the CRUD, I decided to add the login functionality and it was a bit tricky but I enjoyed it. I learned the basics of cryptography and in particular how to send encrypted data to the database and retrieve it to verify correspondence.
+For the graphic part I decided to use bootstrap and for the forms I started from an existing template found on the web and I modified it for my needs.
+The project was very interesting and I will continue to work on it to improve it further.
+
+
+### Author
+
+*   Carolina Tronci
+
+### License
+
+This project is licensed under the MIT License

create_privilege.php

@@ -0,0 +1,68 @@
+<?php
+$title = 'create new privilege user';
+$link_css = "'css/form.css'";
+
+include("./partials/db.php");
+
+$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+
+$name = "";
+$privilege = "";
+
+$error = false;
+
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
+    $name = $_POST['name'];
+    $privilege = $_POST['privilege'];
+
+    if (!empty($name) && !empty($privilege)) {
+
+        $statement = $pdo->prepare("INSERT INTO type (name_privilege, privilege) VALUES (:name, :privilege)");
+        $statement->bindValue(':name', $name);
+        $statement->bindValue(':privilege', $privilege);
+        $statement->execute();
+        header("location:show.php");
+    } else $error = true;
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<?php include("./partials/head.php");
+?>
+
+<body>
+    <header class="blue">
+        <?php include("./partials/nav.php") ?>
+    </header>
+
+    <body>
+        <div class="container">
+        <?php if ($error) : ?>
+            <div class="alert alert-danger alert-width" role="alert">
+                <p>Insert all the imputs</p>
+            </div>
+            <?php endif ?>
+            <div class="form">
+
+                <form method="POST" enctype="multipart/form-data">
+                    <h2 class="title">Create privilege</h2>
+
+                    <div class="input-container ic2">
+
+                        <input type="text" name="name" id="name" class="input" placeholder=" " required>
+                        <div class="cut"></div><label for="nome" class="placeholder">privilege name</label>
+                    </div>
+                    <div class="input-container ic2">
+
+                        <input type="number" name="privilege" id="privilege" class="input" placeholder="privilege level " min="1" required> <label for="surname"></label>
+                    </div>
+
+                    <button type="text" class="submit">submit</button>
+                </form>
+            </div>
+        </div>
+        <?php include("partials/js-bs.html"); ?>
+
+    </body>
+
+</html>

create_user.php

@@ -0,0 +1,121 @@
+<?php
+$title = 'create user';
+include("./partials/db.php");
+$link_css = "'css/form.css'";
+
+$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+
+$name = "";
+$surname = "";
+$adress = "";
+$citta = "";
+$type_id = "";
+
+$error = false;
+if ($_SERVER["REQUEST_METHOD"] == "GET") {
+  $query = $pdo->query("SELECT * FROM type");
+  $privileges = $query->fetchAll();
+}
+
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
+  $name = htmlspecialchars($_POST['name']);
+  $surname = htmlspecialchars($_POST['surname']);
+  $adress = htmlspecialchars($_POST['adress']);
+  $city = htmlspecialchars($_POST['city']);
+  $type_id = htmlspecialchars($_POST['type_id'], 0);
+
+  if (!empty($name) && !empty($surname) && !empty($adress) && !empty($city) && !empty($type_id)) {
+    $statement = $pdo->prepare("INSERT INTO users (name, surname, adress, city, type_id) VALUES (:name, :surname, :adress, :city, :type_id)");
+    $statement->bindValue(':name', $name);
+    $statement->bindValue(':surname', $surname);
+    $statement->bindValue(':adress', $adress);
+    $statement->bindValue(':city', $city);
+    $statement->bindValue(':type_id', $type_id);
+    $statement->execute();
+    header("location:show.php");
+  } else $error = true;
+}
+
+
+
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+<?php include("./partials/head.php");
+?>
+
+<body>
+  <header class="blue">
+    <?php include("./partials/nav.php") ?>
+  </header>
+
+  <body>
+    <main>
+      <div class="container text-center">
+        <?php if ($error) : ?>
+          <div class="alert alert-danger alert-width" role="alert">
+            <p>Insert all the imputs</p>
+          </div>
+        <?php endif ?>
+        <div class="form">
+
+          <h2 class="title">Insert new user</h2>
+          <form method="POST">
+
+            <div class="input-container ic1">
+              <input id="name" class="input" type="text" placeholder=" " name="name" required />
+              <div class="cut"></div>
+              <label for="name" class="placeholder">name</label>
+            </div>
+
+            <div class="input-container ic2">
+              <input id="surname" class="input" type="text" placeholder=" " name="surname" required />
+              <div class="cut"></div>
+              <label for="surname" class="placeholder">Surname</label>
+            </div>
+
+            <div class="input-container ic2">
+              <input id="address" class="input" type="text" placeholder=" " name="adress" required />
+              <div class="cut cut-short"></div>
+              <label for="address" class="placeholder">address</>
+            </div>
+
+            <div class="input-container ic2">
+              <input id="city" class="input" type="text" placeholder=" " name="city" required />
+              <div class="cut cut-short"></div>
+              <label for="city" class="placeholder">citta</>
+            </div>
+
+            <div class="input-container ic2">
+              <select name="type_id" required>
+                <option value="">select privilege</option>
+                <?php foreach ($privileges as $privilege) : ?>
+                  <option value="<?php echo $privilege[0]; ?>">
+                    <?php echo $privilege[1]; ?>
+                  </option>
+                <?php endforeach ?>
+              </select>
+              <label for="city"></label>
+
+            </div>
+
+            <div class="">
+              <input type="submit" class="submit" value="Insert">
+            </div>
+          </form>
+        </div>
+      </div>
+    </main>
+    <?php include("partials/js-bs.html") ?>
+  </body>
+
+
+
+</html>
+<!-- Realizzare un sito in grado di permettere la registrazione di un utente, questo deve poter inserire: 1 tipo di utente, 2: nome, 3: cognome, 4: indirizzo, 5:citta’
+Creare una tabella user con le colonne richieste
+Creare una tabella type che rappresenti il tipo di utente, che deve avere name, privilege, created at
+Utente, 1
+Editor, 2
+Admin, 3 -->

css/form.css

@@ -0,0 +1,104 @@
+.alert-width {
+  width: 20em;
+  margin: 0 auto;
+}
+.blue {
+  background-color: #15172b !important;
+}
+.form {
+  background-color: #15172b;
+  border-radius: 20px;
+  box-sizing: border-box;
+  padding: 1.3em;
+  width: 20em;
+  margin: 2em auto;
+}
+
+.title {
+  color: #eee;
+  font-family: sans-serif;
+  font-size: 2.3em;
+  font-weight: 600;
+  margin-top: 0.3em;
+}
+
+.input-container {
+  height: 3em;
+  position: relative;
+  width: 100%;
+}
+
+.ic1,
+.ic2 {
+  margin-top: 1.5em;
+}
+
+.input,
+select {
+  background-color: #303245;
+  border-radius: 12px;
+  border: 0;
+  box-sizing: border-box;
+  color: #eee;
+  height: 100%;
+  padding-left: 1em;
+  width: 100%;
+  outline: 0;
+}
+
+.cut {
+  background-color: #15172b;
+  border-radius: 10px;
+  height: 20px;
+  left: 20px;
+  position: absolute;
+  top: -20px;
+  transform: translateY(0);
+  transition: transform 200ms;
+  width: 76px;
+}
+
+.cut-short {
+  width: 50px;
+}
+
+.input:focus ~ .cut,
+.input:not(:placeholder-shown) ~ .cut {
+  transform: translateY(8px);
+}
+
+.placeholder {
+  color: #65657b;
+  font-family: sans-serif;
+  left: 1em;
+  line-height: 14px;
+  pointer-events: none;
+  position: absolute;
+  transform-origin: 0 50%;
+  transition: transform 200ms, color 200ms;
+  top: 1.4em;
+  background-color: transparent;
+}
+
+.input:focus ~ .placeholder,
+.input:not(:placeholder-shown) ~ .placeholder {
+  transform: translateY(-30px) translateX(10px) scale(0.75);
+}
+
+.input:focus ~ .placeholder {
+  color: #dc2f55;
+}
+
+.submit {
+  background-color: rgb(18, 104, 157);
+  border-radius: 12px;
+  border: 0;
+  box-sizing: border-box;
+  color: #eee;
+  cursor: pointer;
+  font-size: 18px;
+  height: 50px;
+  margin-top: 1.5em;
+  text-align: center;
+  width: 100%;
+}

delete.php

@@ -0,0 +1,16 @@
+<?php
+include("./partials/db.php");
+
+$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+
+$id = $_POST['id'];
+$error = false;
+
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
+    if (!empty($id)) {
+        $statement = $pdo->prepare("DELETE FROM users WHERE users.id = $id");
+
+        $statement->execute();
+    } else echo $error = true;
+    header("location:show.php");
+}