ANGELO ASSAAD

&
JOE SEMAAN

INFORMATION SECURITY
WHAT IS INFORMATION SECURITY?

 Information security protects sensitive information from unauthorized

activities, including inspection, modification, recording, and any disruption or
destruction. The goal is to ensure the safety and privacy of critical data such as
customer account details, financial data or intellectual property.
 DEFINITION INFORMATION SECURITY

 Information confidentiality, integrity, and availability are all protected. Other qualities, such as
authenticity, accountability, non-repudiation, and reliability, may also be relevant.
 To provide confidentiality, integrity, and availability, information and information systems must
be protected from unauthorized access, use, disclosure, disruption, alteration, or destruction.
 When necessary, ensures that only authorized users (confidentiality) have access to accurate and
complete data (integrity) (availability).
 The process of safeguarding an organization's intellectual property is known as information
security.
 A well-informed feeling of security that information dangers and controls are in check.
 DEFINITION LOGIN PAGE

 A login page is a web page or an entry page to a

website that requires user identification and
authentication, regularly performed by entering a
username and password combination.
 It will ask you for (username,
password)
 LOGIN USER

 // LOGIN USER
 if (isset($_POST['login_user'])) {
 $username = mysqli_real_escape_string($db, $_POST['username']);
 $password = mysqli_real_escape_string($db, $_POST['password']);

 if (empty($username)) {
 array_push($errors, "Username is required");
 }
 if (empty($password)) {
 array_push($errors, "Password is required");
 }
 IF THE LOGIN IS NOT CORRECT
It will give you that the username or password
combination is incorrect by using an php error page.

// form validation: ensure that the form is correctly

filled ...
// by adding (array_push()) corresponding error
unto $errors array
if (empty($username)) { array_push($errors,
"Username is required"); }
if (empty($email)) { array_push($errors, "Email is
required"); }
if (empty($password_1)) { array_push($errors,
"Password is required"); }
if ($password_1 != $password_2) {
array_push($errors, "The two passwords do not
match");
}
 DEFINITION REGISTER (SIGN UP)

 The meaning of SIGN UP is to sign one's name (as to a contract) in

order to obtain, do, or join something.
 It will ask you for (username, email, password and to confirm
password)

 // REGISTER USER
 if (isset($_POST['reg_user'])) {
 // receive all input values from the form
 $username = mysqli_real_escape_string($db, $_POST['username']);
 $email = mysqli_real_escape_string($db, $_POST['email']);
 $password_1 = mysqli_real_escape_string($db,
$_POST['password_1']);
 $password_2 = mysqli_real_escape_string($db,
$_POST['password_2']);
REGISTER USER IF THERE ARE NO ERRORS IN THE FORM

// Finally, register user if there are no errors in the

form
if (count($errors) == 0) {
$password = md5($password_1);//encrypt the
password before saving in the database

$query = "INSERT INTO users (username,

email, password)
VALUES('$username', '$email',
'$password')";
mysqli_query($db, $query);
$_SESSION['username'] = $username;
$_SESSION['success'] = "You are now logged
in";
header('location: index.php');
}
}
 ENCRYPT PASSWORD

 if (count($errors) == 0) {
 $password = md5($password);
 $query = "SELECT * FROM users WHERE username='$username' AND password='$password'";
 $results = mysqli_query($db, $query);
 if (mysqli_num_rows($results) == 1) {
 $_SESSION['username'] = $username;
 $_SESSION['success'] = "You are now logged in";
 header('location: index.php');
 }else {
 array_push($errors, "Wrong username/password combination");
 IF THE LOGIN IS CORRECT

It will give you a

correct page and
welcoming page
with your name
and you can logout
using index.php
page
 IF THE USERNAME AND EMAIL EXIST
// first check the database to make sure
// a user does not already exist with the same
username and/or email
$user_check_query = "SELECT * FROM users
WHERE username='$username' OR email='$email'
LIMIT 1";
$result = mysqli_query($db, $user_check_query);
$user = mysqli_fetch_assoc($result);

if ($user) { // if user exists

if ($user['username'] === $username) {
array_push($errors, "Username already exists");
}

if ($user['email'] === $email) {

array_push($errors, "email already exists");
}
}
 DATABASE USING XAMPP

Here we can add a username and email and // connect to the database
password by just go to register. php page and add $db = mysqli_connect('localhost', 'root',
to the database and it will be encrypted password "" , 'login page');
THE END