Exercises in Authentication and Sessions

  1. JavaScript in Authentication: (Similar to an exam exercise from exam E2001, 10 %)
    Consider the following HTML document, presenting a password change form

    Add the necesarry JavaScript code such that the form only can be submitted if
  2. Sessions: (Exam exercise from exam E2001, 10 %) Consider the PHP-script storytime.php below. It writes a line from a scary story, depending on the value of$page

    Extend the program with a PHP session such that the first line is written first time the script is requested by a user, and each time he request it subsequently the next line of the story is written. The story should start over after the last line "scary night." has been shown.

  3. Authentication using PHP and MySQL: Consider the Personal Phone Book example. Copy the code to your own folder, create your own PPhoneBook table (as in the PhoneBook database in the MySQL lectures) in your own database, and create a Users table and insert a number of users with MD5 hashed passwords (as in the Authentication lecture).
    Change (do one step at a time) the Personal Phone Book such that
    1. The edit link is not present if the user has not made a correct login
    2. New users can sign up, using a form with three fields: name, password and retypepassword. You should check that the same password has been given in the two password fields, using JavaScript as in the first exercise. You should make sure that two users are not allowed to have the same name. Remember to store the passwords hashed with MD5.
    3. It is recorded in the database for each entry, which user entered the entry. Start out with a fresh phonebook table, you may change the layout of your database.
    4. A user can only edit and delete his own entries.

    Optional Hand-In

    The News Example II: Add authentication to the news example and allow users who has made a correct login to:
    1. Add new articles (record the name of the author)
    2. Edit/delete (their own) articles
    use sessions as in the Phonebook exercise above.