Class 9 – In-Class Assignment

Posted: April 4th, 2009 | Author: amos | Filed under: assignments, php | Tags: class 9 | No Comments »

Your job today and for homework this week is to make an image-uploading service. Registered users of the service can upload images that then show up on the site home page for everyone to see.  The home page should show the latest 50 images that have been uploaded.

REGISTRATION PAGE

Users must be able to register for your site by entering in their desired username and password.  Let’s name this file “register.php”

• If a user is already “logged in”, they should be automatically redirected from this page to the HOME PAGE.  You can determine whether a user is logged in by checking the value of a cookie called “logged_in” you set when they successfully log in.
• Otherwise, if they are not already logged in, this page has a form with two fields: a username and a password
• This form submits data to a script, “process_register.php” that is specified in the <form> tag’s “action” attribute.

PROCESS REGISTRATION SCRIPT

The registration username/password entered by the user on the REGISTER PAGE submits that data to this script, which actually does the dirty work of registering the user by storing their username/password into the database.

• This script registers the user by entering a new row into a database table that holds a list of all registered users and their usernames and passwords.   Once the script has successfully completed, it should redirect the user to the HOME PAGE
• You must make sure (validate) that the user has actually entered something into the username and password fields before trying to store that information in the database.  Hint: you can use PHP’s built-in empty() function to determine whether or not any PHP variable is an empty string.
• If you determine that a user has not entered in a username or password in the form fields, you should redirect them to the REGISTRATION PAGE with an error message displayed.

LOGIN PAGE

Once a user is registered, they have to log in to see your site. If they are not logged in, and they try to access any of the pages on the site, they should be redirected to the login page.  Name this file “login.php”.  This page has a form that the user fills in with their username and password.

PROCESS LOGIN SCRIPT

The LOGIN PAGE submits the data to this script, named “process_login.php”.  This is the page that processes the data that the user entered in on the LOGIN PAGE

• when a user tries to log in, you will compare the username and password that they enter in the log-in page to entries in the database table that holds a list of usernames and passwords for all registered users.
• If there is a match, meaning that the username and password they entered matches a row in the database table, you should set a cookie called “logged_in” and give it the value “true”.  The presence of this cookie will indicate that they have been “authenticated” and are now logged into the site.  All other pages on the site will check to see if that cookie exists, and if it is, the pages will “know” that the user has logged in.
• You want to also set a cookie called “username” and give it the value of the username for this user.  You will read this cookie when a user uploads an image and you want to store the username of the user who uploaded the image.
• if a user enters an incorrect username/password combination on the log-in page, you should redirect them back to the LOGIN PAGE, and show an error message at the top of the page indicating that they entered a wrong username/password combination.

HOME PAGE

The home page displays a list of the 50 latest images that were uploaded by any user.  Name this file “index.php”

• users can only see the home page if they are already logged in.  You can determine if they are logged in by checking for a “logged_in” cookie that is set only when they successfully log in… otherwise they should be redirected to the LOGIN PAGE
• all images on the page should show the image, a one-line caption, and the username of the user who uploaded it.
• all the data for the images, captions, etc comes from the database

UPLOAD PAGE
In order to upload images to the site, there must be a page that has a form where they can upload the images to the server.  Let’s call this page “upload.php”

• users must be logged in to see this page, otherwise they are redirected to the LOGIN PAGE with a user-friendly error message
• this page must have a form with a file input field so the user can submit the file they want to upload
• this page also has a text input for the caption
• the “action” parameter of the <form> tag on this page should be a file called “process_upload.php” that uploads the file to the server, stores the image information as a new row in the database table that holds all the information about all images that have been uploaded, and then redirects the user to the HOME PAGE.

PROCESS UPLOAD SCRIPT

The form on the UPLOAD PAGE submits the data to the script, called “process_upload.php”, which handles the dirty work of uploading the image to the server, writing the image information to a database table, and then redirecting the user back to the homepage.

• the script checks to make sure the user is logged in… if they’re not it redirects them to the HOME PAGE with a user-friendly error
• this script receives the data for the caption and image file that the user uploaded using the $_REQUEST variable
• this script uploads the image and moves that image file to a permanent directory, named “files”
• then the script stores the caption, image file path, and username of the user who uploaded it to a new row in the database table of images.
• if there is an error uploading the image, this page shows a nice user-friendly error message
• if the upload succeeds, the script redirects them to the HOME PAGE with a user-friendly error indicating that their upload succeeded and the image was successfully uploaded

No related posts.

---