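\n\n";
    // array of transactions stored in $transactions
    $fields = array_keys($transactions[0]);
    reset($fields);
    //var_dump($fields);
    // First row with fields
    foreach ($fields as $key=>$curr) {
        if ($curr == "log") $formatted = "Date/Time";
        else if ($curr == "cardnum") $formatted = "Card Number";
        else if ($curr == "amt") $formatted = "Amount Charged";
        else $formatted = $curr;
        $html = $html."".$formatted."";
        next($fields);
    }
    $html = $html."\n";
    foreach ($transactions as $record) {
        $html .= "";
        foreach ($record as $value) {
            // NOTE(review): $value is interpolated as-is; the page later echoes
            // this string from $_SESSION['tableHtml'], so database values should
            // go through htmlspecialchars() before they are placed in markup.
            $html .= "$value";
        }
        $html .= "\n";
    }
    $html .= "";
    return $html;
}
/********* END Functions ***************/

/*
 * Page controller: starts the session, picks the section to show, handles the
 * login form, the change-password form and the logout link, and leaves
 * $section, $loggedIn and (optionally) $status for the markup below.
 *
 * Request values ($_POST / $_GET) are untrusted. Every value that reaches a
 * SQL string here is passed through mysql_real_escape_string() and quoted,
 * because the file uses the legacy mysql_* API, which has no bound parameters.
 */
session_start();

// cheapo navigation scheme
if (isset($_GET['s']) && $_GET['s'] == "about") $section = "about";
else $section = "home";

// NOTE(review): connection settings, and the commented-out password below, are
// hard-coded in a web-served file. They belong in configuration outside the
// document root, and a password that has appeared in source should be rotated.
$DB_HOST = "localhost";
$DB_USER = "leehsueh_user";
$DB_NAME = "leehsueh_ee476";
//$DB_PW = "ee476";
$db = new DBInterface($DB_HOST, $DB_USER, $DB_NAME);
$db->connectToDB();

// check if username exists
// is_string() rejects array-valued parameters (username[]=...) before they are
// compared or concatenated into a query.
if (isset($_POST['username']) && isset($_POST['pw'])
    && is_string($_POST['username']) && is_string($_POST['pw'])) {
    $username = $_POST['username'];
    $pw = $_POST['pw'];

    //check for admin user
    // NOTE(review): the admin credential is a literal in source. It should be
    // stored as a password hash in the accounts table (or configuration) so it
    // can be rotated without a code change. Strict comparison avoids type
    // juggling on the submitted values.
    if ($username === "admin" && $pw === "ee476admin") {
        // New session id on privilege change, so a pre-login id cannot be reused.
        session_regenerate_id(true);
        $_SESSION['admin'] = true;
        $_SESSION['loggedIn'] = true;
        $_SESSION['firstname'] = "admin";
        //TODO: get all records and store in htmlTable
    } else { // check for normal user
        // retrieve the row
        // NOTE(review): the pw column is compared as plaintext, and the login
        // help text on this page says initial passwords are derived from the
        // user's last name. Stored passwords should be salted hashes
        // (password_hash()/password_verify() where available) and default
        // passwords should be replaced on first login.
        $userInfo = mysql_query(
            "SELECT * FROM accounts WHERE username = '".mysql_real_escape_string($username)
            ."' and pw = '".mysql_real_escape_string($pw)."' LIMIT 1"
        );

        // mysql_query() returns false on error; treat that as a failed login
        // instead of passing false to mysql_num_rows().
        if ($userInfo === false || mysql_num_rows($userInfo) == 0) {
            $_SESSION['loggedIn'] = false;
            $status = "Incorrect/Missing username/password. 
Try logging in again.";
            //echo $message;
        } else {
            // New session id on successful login (session fixation defence).
            session_regenerate_id(true);
            $_SESSION['loggedIn'] = true;
            $userInfo = mysql_fetch_assoc($userInfo);
            $firstname= ucfirst(strtolower($userInfo['firstname']));
            $lastname = ucfirst(strtolower($userInfo['lastname']));
            $uid = $userInfo['uid'];

            // store in session variable (may not be necessary)
            $_SESSION['firstname'] = $firstname;
            $_SESSION['lastname'] = $lastname;
            $_SESSION['uid'] = $uid;

            // get/store transactions table in array
            // uid comes from the database, but is still escaped and quoted so
            // the query does not depend on what the accounts table contains.
            $sql = "SELECT log,cardnum,amt FROM transactions WHERE uid = '".mysql_real_escape_string($uid)."' ORDER BY log DESC";
            $transactions = $db->query($sql);
            $numTransactions = $db->getNumOfAffectedRows();
            $_SESSION['numTransactions'] = $numTransactions;
            if ($numTransactions == -1) {
                // the query failed; safe behavior: do nothing for now
                // The SQL text goes to the server log, not to the browser.
                error_log("QUERY FAILED: ".$sql);
                echo "QUERY FAILED\n";
            } else {
                $tableHtml = dispTable($transactions);
                $_SESSION['tableHtml'] = $tableHtml;
            }
        }
    }
}

if (isset($_SESSION['loggedIn'])) {
    $loggedIn = $_SESSION['loggedIn'];
} else {
    $loggedIn = false;
    $status = "You are not logged in. Log in using the form on the homepage.";
}

// Change password.
// NOTE(review): this request does not ask for the current password and carries
// no CSRF token, and the new value is stored as plaintext. Each of these should
// be addressed together with the move to hashed passwords.
if ($loggedIn
    && isset($_POST['chgpw1']) && is_string($_POST['chgpw1']) && $_POST['chgpw1'] !== ""
    && isset($_POST['chgpw2']) && is_string($_POST['chgpw2']) && $_POST['chgpw2'] !== "") {
    // Strict comparison: with ==, numeric-looking strings such as "1e3" and
    // "1000" compare equal and a mistyped confirmation would be accepted.
    if ($_POST['chgpw1'] === $_POST['chgpw2']) {
        if (isset($_SESSION['uid'])) {
            $chgpwres = mysql_query(
                "UPDATE accounts SET pw='".mysql_real_escape_string($_POST['chgpw1'])
                ."' WHERE uid='".mysql_real_escape_string($_SESSION['uid'])."'"
            );
        } else {
            // The admin session has no uid; the UPDATE would match no row, so
            // report failure instead of "Password changed.".
            $chgpwres = false;
        }
        if ($chgpwres) $status = "Password changed.";
        else $status = "Password NOT changed.";
    } else {
        $status = "Passwords do not match!";
    }
}

// Clear session
// isset() avoids an undefined-index notice on requests without ?logout.
if (isset($_GET['logout']) && $_GET['logout'] == 1) {
    session_unset();
    session_destroy();
    $status = "Successfully logged out.";
    $loggedIn = false;
}
?> ECE 4760 Final Project :: Digital Receipts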

Welcome,

Logout"; echo "

\n"; echo <<Change password

New Password:
Confirm Password:

END; } if (isset($status)) { echo $status; } ?>

About This Project

Short description goes here. Link to project report page.

END; } else if ($loggedIn) { echo "

Transactions

\n

"; echo $_SESSION['tableHtml']; echo "

\n"; } else { //echo "You are not logged in. Log in using the form."; echo <<Login

Username:
Password:

If you have swiped your credit card in the prototype Digital Receipts system, then you have an account and can view your transactions online. Your username is the first letter of your first name followed by last name, all lowercase, with no spaces or non-alphabetical characters. Your password is automatically set to be your last name all in capital letters, but once you login you have the option to change your password. Please contact Hain-Lee by email or in person for your password if you don't remember it.

END; } ?>