login-page-/insert.php at main · VedPrakash36/login-page- · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>insert</title>
    <link rel="stylesheet" href="style1.css">

</head>
<body>
    <div class="sq2">
    <?php
    if(isset($_POST['submit'])){
        echo " SUBMIT BUTTON PRESSED ";
        echo "<br>";
        $username=$_POST['username'];
        $password=$_POST['password'];
        $id=$_POST['id'];
        echo " WELCOME TO THIS SITE " . $username . " YOUR PASSWORD IS " . $password . " YOUR ID IS " . $id;
        $conn=mysqli_connect("localhost","root","","SNAPBASE");
        if($conn){
            echo " connected successfully ";
        }
        else{
            echo " not connected successfully ";
        }

       /* $sql="CREATE DATABASE SNAPBASE";
        $result=mysqli_query($conn,$sql);
        if($result){
            echo " created database successfully ";
        }
        else{
            echo " not created database ";
        }
        */
       /* $sql="CREATE TABLE SNAPTABLE(ID INT(10) , USERNAME VARCHAR(15) , PASSWORD VARCHAR(15))";
        $result=mysqli_query($conn,$sql);
        if($result){
            echo " created table successfully ";
        }
        else{
            echo " not created table ";

        }
        */

        //dicourageing sql injaction
        /*$username=mysqli_real_escape_string($conn,$username);
        $password=mysqli_real_escape_string($conn,$password);

        //Encrypt our password
        $hashformat="$2y$10$";
        $salt= "hghggsgvbgbhbhsfddns22";

        $hash_and_salt = $hashformat . $salt;


        $password=crypt($password,$hash_and_salt);
*/


        //query to data base
       $sql="INSERT INTO SNAPTABLE(ID,USERNAME,PASSWORD) VALUES ('$id','$username','$password')";
        $result=mysqli_query($conn,$sql);
        if($result){
            echo " inserted table successfully ";
        }
        else{
            echo " not inserted table ";
        }

    }
?>
</div>
     <div class="container">
    <div class="box">
    <form action="insert.php" method="post">
    <h1>Enter your username</h1>
    <input type="text" name="username" placeholder="enter your username">
    <h1>Enter your password</h1>
    <input type="password" name="password" placeholder="enter your password">
    <h1>Enter your id</h1>
    <input type="text" name="id" palceholder="enter your id">
    <br>
    <br>
    <input class="sb" type="submit" name="submit" class="s1">
    </form>
</div>
</div>
</body>
</html>