Introduction
Error Management
To control PHP’s error message display, you can use either the function error_reporting() or ini_set(). The latter takes two argument strings, the name of the option to change (error_reporting) and a numerical string that tells what level of error reporting you want (such as '0' to turn error reporting off). The advantage of using error_reporting() is that it takes just one argument, and you can use the symbolic constants, such as E_ALL to get all errors displayed instead of having to look up what numerical value to use (which changes from version to version of PHP). But you still have to use the number 0 instead of a symbolic constant to turn error reporting off.
error_reporting(0); // Now PHP will not display error messages. … // code where the program checks for errors by itself. error_reporting( E_ALL ); // Now PHP displays errors if they occur.
A predefiend variable that can be used for generating error messages is $php_errormsg:
$php_errormsg is a variable containing the text of the last error message generated by PHP. This variable will only be available within the scope in which the error occurred, and only if the track_errors configuration option is turned on (it defaults to off).
You can use ini_set() to turn on track_errors:
ini_set('track_errors', 'On');
Finally, there is a function named pg_last_error() that you can use to get a string that tells you the most recent database SQL problem. This function works only after you have successfully gotten a “connection resource” to pass to it by calling pg_connect(). If there have been no SQL problems, this function returns an empty string.
The Assignment
Create a table named users in your database, and add columns for id (primary key), last_name, first_name, email, password, and is_registered, as demonstrated in class.
Populate your table with three users: you, me, and someone else. You and I should be “registered,” but the other user should not be.
Alter the form on your site’s home page so the user can log in by supplying their email address and password. That is, the text on the submit button should be “Login”.
When the user submits the form, still validate the email address and password as before, but alter login.php so that it displays a greeting to the user if the password and email address match an entry in the database. The greeting message is to use the person’s full name and is to include a statement saying whether the person has registered yet or not. If the email address is in the database but the password is wrong, display a message saying that the email/password combination is not recognized. If the email address is not in the database, issue a message saying so. (Note that in a real system you would not want to differentiate between the latter two cases because it gives hackers too much information.)
Store passwords in the database in plain text form. Do not do anything about SQL injection yet.
Submit The Assignment
When your assignment is working, log out and be sure your profile is copied back to the server. Send me an email message telling me that you have completed the assignment, and I will get a copy of it from your account on Oak for testing. If your roaming profile does not work, mention that in your email, and I will copy your My Website directory from your home directory instead of your profile directory on Oak.
- Be sure to put your name in your email message!
- The Subject line must be CS-90.3 Assignment 6 to avoid my spam filters.
- Send your email to either Christopher.VickeryATqc.cuny.edu or vickeryATbabbage.cs.qc.cuny.edu — but not to both.
- See the course syllabus for grading and late homework policies.