Xa y dng ng du ng login va a ng
k tha nh vie n theo mo hnh hng oi
tng va mvc
Nghim nh Mng
Contents
Ci t project ......................................................................................................................................... 2
Config.php ............................................................................................................................................... 2
To c s d liu:.................................................................................................................................... 3
Connect.php ............................................................................................................................................ 3
Views/user/signup.phtml........................................................................................................................ 4
User/signup.php ..................................................................................................................................... 5
Models/user/model_user.php ................................................................................................................ 6
Update li file User/signup.php .............................................................................................................. 7
Views/user/login.phtml .......................................................................................................................... 7
Update user/login.php ............................................................................................................................ 8
Bo mt thng tin ................................................................................................................................... 9
Qun l phin ng nhp ca ngi dng ............................................................................................ 10
Trangchu/Index.php.............................................................................................................................. 10
Views/index/index.phtml...................................................................................................................... 11
Redirect link .......................................................................................................................................... 11
Chuyn t trang index.php sang trang /trangchu/index.php ........................................................... 12
Nu ngi dng cha ng nhp th khi vo trang ch s chuyn sang trang ng nhp: ............. 12
Khi ng nhp ng th chuyn sang trang ch................................................................................ 12
Khi ng k xong chuyn sang trang ng nhp ............................................................................... 12
Vn x l d liu gi n t ngi dng: ........................................................................................ 13
Ci t project
Cc bn to project mi, v d myweb v t th mc htdocs vi h thng file nh sau:
Config.php
File config.php l file chng ta cu hnh ng dng. V d nh c s d liu, cc hng s... By gi
cc bn m file config.php v code ni dung sau (gi tr ca cc hng s cc bn c th thay i cho
ph hp):
To c s d liu:
u tin chng ta to c s d liu v d myweb trong phpmyadmin
Connect.php
File ny dng kt ni c s d liu, cc bn m file nn v code ni dung sau:
Views/user/signup.phtml
y l file view ca controller signup.php dng hin th form ng k ngi dng.
User/signup.php
By gi chng ta to controller cho view signup.phtml .
u tin chng ta phi x l nu ngi dng nht nt submit th tin hnh x l form bng lnh
isset(), sau kim tra xem ngi dng nhp thng tin cha, nu cha th bo li, nu y
thng tin th x l thm thnh vin.
Lu cc bn c th kim tra tng form input thng bo ng nhp thiu. Minh ch minh ha
nn gp chung li lm mt.
Sau khi x l xong th chng ta phi include view ca controller bng lnh include_once();
Models/user/model_user.php
y l file cha cc hm tng tc vi c s d liu ca controller user. u tin phi include file
connect.php c th kt ni vi c s d liu.
Cc bn ch sau ny gii thch cho mnh ti sao li dng lnh:
include "../models/connect.php";
m khng phi l
include "../user/connect.php"
Trong class user c hai phng thc l signup dng ng k thnh vin mi vi u vo l mt
mng thng tin user. Cn phng thc th hai l get_user_by_username dng ly ra user khi bit
tn ng nhp ca user .
Sau ta kim tra xem tn ngi dng c b trng lp hay khng v cui cng l thm thnh vin mi
vo c s d liu.
n y coi nh xong phn chnh ca vic ng k thnh vin, gi n lm trang ng nhp:
Views/user/login.phtml
File ny tng t file singup.phtml dng hin th form ng nhp:
Update user/login.php
Ta tin hnh x l ng nhp
Tng t nh ng k thnh vin.
u tin chng ta phi kim tra khi no c ngi dng ng nhp x l.
Khi c ng nhp th phi kim tra xem y thng tin cha.
Khi y ri th ta kim tra xem ngi dng c tn ti hay khng
Nu c th kim tra xem mt khu ngi dng c ng hay khng
Sau y l ton b code login.php
Bo mt thng tin
Gi s khi hacker c th ly c d liu c s d liu ca ta th c th thy c ti khon v mt
khu. Cu hi t ra l lm th no m ha mt khu hacker khng th bit
Rt may l php h tr chng ta phng th md5() m ha theo kiu md5, do vy trc khi chn
vo c s d liu cc bn sa :
Sau khi ngi dng ng nhp th chng ta dng mt bin session lu tr thng tin ngi dng,
kim tra ngi dng c ng nhp hay khng ta ch cn kim tra xem bin ny c tn ti hay khng
Trangchu/Index.php
Ti trang ch khi ngi dng ng nhp vo th s c li cho n ngi dng . Nh vy ta phi
da vo bin session ly thng tin ngi dng, truy vn c s d liu v hin th tn ngi dng
.
Views/index/index.phtml
Index.phtm l view ca index.php hin th ni dung trang ch cc bn phi code vo view ny:
Kt qu:
Redirect link
Chuyn trang l vn thng gp trong website. Php c h tr hm header(tham s); gip ta
lm vic ny.
Hoc nu nguy him hn l ngi dng ng k h tn kiu DELETE.user khi truy vn c s d liu
c th gy xa ton b d liu trong bng ( tn cng SQL injection). C th khc phc bng cch
chuyn thnh xu v loi b k t c bit trc khi truy vn c s d liu, v d: select user
thnhselect \ user ri mi truy vn c s d liu.
Vn t ra cho cc bn l xy dng cc hm x l cc vn trn.