Add exams from exam100 to exam150

2024-05-13 08:50:26 +02:00
parent 4fd956ddac
commit 56492d171c
13 changed files with 366 additions and 0 deletions
--- a/exam135/core.inc.php
+++ b/exam135/core.inc.php
@@ -0,0 +1,26 @@
+<?php
+ob_start();
+session_start();
+$current_file = $_SERVER['SCRIPT_FILENAME'];
+
+if(isset($_SERVER['HTTP_REFERER']) && !empty($_SERVER['HTTP_REFERER'])){
+    $http_referer = $_SERVER['HTTP_REFERER'];
+}
+
+function loggedin(){    
+    if (isset($_SESSION['user_id']) && !empty($_SESSION['user_id'])) {
+        return true;
+    } else {
+        return false;
+    }
+}
+
+function getuserfield($field){
+    global $con;
+    $query = "SELECT `$field` FROM `users` WHERE `id`= '" . $_SESSION['user_id']. "'";
+    if($query_run = mysqli_query($con,$query)){
+        $row = mysqli_fetch_assoc($query_run);
+        return $field = $row[$field];
+    }
+}
+?>
--- a/exam135/index.php
+++ b/exam135/index.php
@@ -0,0 +1,13 @@
+<?php 
+
+require '/var/www/nikola/practice/exam110/connect.inc.php';
+require 'core.inc.php';
+
+if (loggedin()) {
+    $firstname = getuserfield('firstname');
+    $surname = getuserfield('surname');
+    echo ' You are logged in '. $firstname. ' '.$surname.' <a href="logout.php">Log out</a><br>';
+} else {
+    include 'loginform.inc.php';
+}
+?> 
--- a/exam135/loginform.inc.php
+++ b/exam135/loginform.inc.php
@@ -0,0 +1,37 @@
+<?php
+
+
+
+if (isset($_POST['username']) && isset($_POST['password'])) {
+    $username = $_POST['username'];
+    $password = $_POST['password'];
+    $password_hash = md5($password);
+
+    if (!empty($username) && !empty($password)) {
+        $query = "SELECT `id` FROM `users` WHERE `username` ='" . mysqli_real_escape_string($con, $username) .
+                 "' AND `password` = '" .mysqli_real_escape_string($con, $password_hash )."'";
+        if ($query_run = mysqli_query($con, $query)) {
+            $query_num_rows = mysqli_num_rows($query_run);
+            if ($query_num_rows == 0) {
+                echo 'invalid username/password combination';
+            } else if ($query_num_rows == 1) {
+                //treba nam $user_id
+                $row = mysqli_fetch_assoc($query_run);
+                $user_id = $row['id'];
+
+                $_SESSION['user_id'] = $user_id;
+                header('Location: index.php');
+            }
+        } else {
+        }
+    } else {
+        echo 'You must suply username or password';
+    }
+}
+
+?>
+
+<form action="<?php $current_file; ?>" method="POST">
+    Username: <input type="text" name="username"> Password: <input type="password" name="password">
+    <input type="submit" value="Submit">
+</form>
--- a/exam135/logout.php
+++ b/exam135/logout.php
@@ -0,0 +1,8 @@
+<?php 
+
+require 'core.inc.php';
+
+session_destroy();
+header('Location: '. $http_referer);
+
+?>
--- a/exam135/register.php
+++ b/exam135/register.php
@@ -0,0 +1,69 @@
+<?php
+require '/var/www/nikola/practice/exam110/connect.inc.php';
+require 'core.inc.php';
+
+// Nece da doda id !!! to pogledaj u ponedeljak
+
+if (!loggedin()) {
+    if (
+        isset($_POST['username']) && isset($_POST['password']) && isset($_POST['password_again']) &&
+        isset($_POST['firstname']) && isset($_POST['surname'])
+    ) {
+        $username = $_POST['username'];
+
+        $password = $_POST['password'];
+        $password_again = $_POST['password_again'];
+        $password_hash = md5($password);
+
+        $firstname = $_POST['firstname'];
+        $surname = $_POST['surname'];
+
+        if (
+            !empty($username) && !empty($password) && !empty($password_again) &&
+            !empty($firstname) && !empty($surname)
+        ) {
+            if(strlen($username) > 30 || strlen($firstname) > 40 || strlen($surname) > 40){
+                echo 'Please ahear to maxlength of fields';
+            }else{
+                if ($password != $password_again) {
+                    echo 'Passwords do not match';
+                } else {
+                    $query = "SELECT `username` FROM `users` WHERE `username` ='$username'";
+                    $query_run = mysqli_query($con, $query);
+                    if (mysqli_num_rows($query_run) == 1) {
+                        echo 'The username ' . $username . 'already exists';
+                    } else {
+                        $query = "INSERT INTO `users` VALUES(NULL ,'" . mysqli_real_escape_string($con, $username) .
+                            "','" . mysqli_real_escape_string($con, $password_hash) . "','" . mysqli_real_escape_string($con, $firstname) .
+                            "','" . mysqli_real_escape_string($con, $surname) . "')";
+                        if($query_run = mysqli_query($con,$query)){
+                            header('Location: register_success.php');
+                        } else {
+                            echo 'We could not register you!';
+                        }
+                        
+                    }
+                }
+            }
+        } else {
+            echo 'All fields are required';
+        }
+    }
+?>
+
+    <form action="register.php" method="POST">
+        Username: <br> <input type="text" name="username" maxlength="30" value="<?php if(isset($username)) {echo $username; } ?>"><br><br>
+        Password: <br> <input type="password" name="password"><br><br>
+        Password again: <br> <input type="password" name="password_again"><br><br>
+        Firstname: <br> <input type="text" name="firstname" maxlength="40" value="<?php if(isset($firstname)) {echo $firstname; }  ?>"><br><br>
+        Surname: <br> <input type="text" name="surname" maxlength="40" value="<?php if(isset($surname)) {echo $surname; } ?>"><br><br>
+        <input type="submit" value="Register">
+    </form>
+
+<?php
+
+} else if (loggedin()) {
+    echo 'You are already registered and logged in !';
+}
+
+?>
--- a/exam135/register_success.php
+++ b/exam135/register_success.php
@@ -0,0 +1 @@
+<h1>You are registered ! </h1>