1 / 14

Error handling

Error handling. Unit 27 Web Server Scripting Extended Diploma in ICT. Criteria M4 and D4. M4 implement an error log for a website using web server scripting. D2 create a web application to generate website statistics using web server scripting

bruis
Download Presentation

Error handling

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Error handling Unit 27 Web Server Scripting Extended Diploma in ICT

  2. Criteria M4 and D4 • M4 implement an error log for a website using web server scripting. • D2 create a web application to generate website statistics using web server scripting • We will create a function which will record errors in a log file • The function can be called when there is an error on logging in (M4) • We will record the IP address of who has logged in

  3. Modify the logon script Create a customised error handler which will • Log the date and time of the error in a file • Log the type of error and a message • Show the error on the screen • Inform the user that the error has been logged The error handler will be called if there is an invalid username and password

  4. logon.php 1 <?php $user = $_POST["username"]; $pass = $_POST["password"]; $validated = false; //error handler function customError($errno, $errstr) { echo "<b>Error:</b> [$errno] $errstr<br />"; echo "The error has been logged."; error_log(date (DATE_RSS)." Error: [$errno] $errstr".chr(13).chr(10),3, "invalidlogin.txt"); }

  5. logon.php 2 //set error handler set_error_handler("customError",E_USER_WARNING); session_start(); $_SESSION['login'] = ""; if($user!="" && $pass!="") { $conn = @mysql_connect ("studentnn.computing.hct.ac.uk", "studentnn", "pasword") or die ("Sorry - unable to connect to MySQL database."); $rs = @mysql_select_db ("database", $conn) or die ("error"); $sql = "SELECT * FROM user WHERE username = '$user' AND password = '$pass'"; $rs = mysql_query($sql,$conn); $result = mysql_num_rows($rs);

  6. logon.php 3 if ($result > 0) $validated = true; if($validated) { $_SESSION['login'] = "OK"; $_SESSION['username'] = $user; $_SESSION['password'] = $pass; header('Location: protected1.php'); } else { $_SESSION['login'] = ""; trigger_error("Invalid username or password\n", E_USER_WARNING); } } else $_SESSION['login'] = ""; ?>

  7. logon.php 4 <html> <body> <h1>Logon Page</h1> <p>Please enter your username and password:</p> <form action="logon.php" method="post"> <table> <tr> <td align="right">Username: </td> <td><input size=\"20\" type="text" size="20" maxlength="15" name="username"></td> </tr> <tr> <td align="right">Password: </td> <td><input size=\"20\" type="password" size="20" maxlength="15" name="password"></td> </tr>

  8. logon.php 5 • <tr> • <td> </td> • <td colspan="2" align="left"><input type="submit" value="Login"></td> • </tr> • </table> • </form> • </body> • </html>

  9. invalidlogin.txt Sun, 20 May 2012 22:58:01 +0100 Error: [512] Invalid username or password Tue, 29 May 2012 18:11:00 +0100 Error: [512] Invalid username or password

  10. Screen shot

  11. Logging the IP address • We need to capture the IP address and date • $ip = $_SERVER["REMOTE_ADDR"]; • $date = date(“d-m-Y H:i:s");

  12. Appending to a file • $file = 'login.txt'; • // Open the file to get existing content • $current = file_get_contents($file); • // Append login information to the file • $current .= "$user logged in from IP Address of $ip on $date"."\r\n"; • // Write the contents back to the file • file_put_contents($file, $current);

  13. Insert this code into login.php • if ($result > 0) $validated = true; • if($validated) • { • $_SESSION['login'] = "OK"; • $_SESSION['username'] = $user; • $_SESSION['password'] = $pass; • $ip = $_SERVER["REMOTE_ADDR"]; • $date = date(“d-m-Y H:i:s"); • $file = 'login.txt'; • // Open the file to get existing content • $current = file_get_contents($file); • // Append a new person to the file • $current .= "$user logged in from IP Address of $ip on $date"."\r\n"; • // Write the contents back to the file • file_put_contents($file, $current); • header('Location: protected1.php'); • }

  14. login.txt

More Related