PHP MySQL Data Transfer in secured way

Nazim Uddin

By this post we can learn the below thing in php

  1. Prevent refreshing
  2. Prevent Back button in browser
  3. separate configuration file creation (config.php)
  4. separate function file creation(functions.php)
  5. password encryption using md5 hash
  6. design in form validation

Pre requisite:

  1. Install xampp for Apache server, php & Mysql database

Step-1: create a file index.php and write the below code

<?php
include "functions.php";
include "config.php";

$a =  isset($_POST['uname']) ? $_POST['uname'] : null;
$b =  isset($_POST['pass']) ? $_POST['pass'] : null;

if ($a <> null || $b <> null){
$sql = "INSERT INTO user (uname, pass)
VALUES ('$a', md5('$b'))";

if ($conn->query($sql) === TRUE) {
  
  successinsert();
 
} else {
  echo "Error: " . $sql . "<br>" . $conn->error;
}
}
$conn->close();
?>

<script language="javascript" type="text/javascript">
        if ( window.history.replaceState ) {
            window.history.replaceState( null, null, window.location.href );
}
        window.history.forward();
        
 </script>
<html>
<body>

<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" method="post">
User Name: <input type="text" name="uname" required maxlength="30" size="30"><br><br>
Password: <input type="password" name="pass" pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,}" size="8"><br>
<input type="submit">
</form>

<div id="message">
  <h3>Password must contain the following:</h3>
  <p id="letter" class="invalid">A <b>lowercase</b> letter</p>
  <p id="capital" class="invalid">A <b>capital (uppercase)</b> letter</p>
  <p id="number" class="invalid">A <b>number</b></p>
  <p id="length" class="invalid">Minimum <b>8 characters</b></p>
</div>

</body>
</script>
</html>

Step-2: create config.php file for DB connection checking 

<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "testDB";

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
  die("Connection failed: " . $conn->connect_error);
}
?>

3: Create functions.php file for keeping all function in separate file.

<?php

function successinsert(){
    echo '<script>alert("Data inserted Successfully");</script>';
}
?>

Leave a Reply

Your email address will not be published. Required fields are marked *