PHP/PostgreSQL tutorial
Authors:
Created 2014 by Arnold Rosenbloom
Updated 2016 by Larry Zhang
- First a definition (from the Apache website)...
- Authentication
- Authentication is any process by which
you verify that someone is who they claim they are.
- Authorization
- Authorization is any process by which
someone is allowed to be where they want to go, or to have information that
they want to have.
- Your job is to modify your guessGame so that only authenticated users are
authorized to play the game. To do this, create and populate an
appuser
postgresql table. This should contain
usernames
and passwords
. Next, create a login page
which authenticates users and then allows (or not) users to play your guess
game. Only authenticated
users are authorized
to
play your guess game. If a non-authenticated user attempts to access protected
content, they should be immediately sent to the login page.
PostgreSQL database credentials:
utorid/last 7 digits of your TCard barcode.
So for 2176101241391200 ... the password is 13912i00
ssh -Y UTORID@cs.utm.utoronto.ca
psql
drop table appuser;
create table appuser (
username varchar(20) primary key,
password varchar(20),
otherinfo varchar(20)
);
select * from appuser;
insert into appuser (username, password, otherinfo) values('arnold', 'terminator', 'something');
insert into appuser (username, password, otherinfo) values('jane', 'wonderwoman', 'another thing');
select * from appuser;
select otherinfo from appuser where username='arnold';
select * from appuser where username='arnold' and password='zzzz';
select count(*) from appuser where username='arnold' and password='spiderman';
to quit
schema.sql
Connect to PostgreSQL database using PHP: example code
phppsql.php (save it to your own web space, modify it to make it work)