Overview

PHP To-Do List is a multi-user task management application built with PHP and MySQL. Users register for an account, log in securely, and manage a personal list of tasks — each with a title and due date. The application follows a front-controller architecture where all requests route through a single index.php entry point, which dispatches to dedicated controllers and views based on an action query parameter.

Features

  • User registration with username, email, and password validation
  • Secure login using password_hash / password_verify with PDO prepared statements
  • Session-based authentication guarding the dashboard from unauthenticated access
  • Cookie-based login visit counter displayed on the dashboard
  • Add new tasks with a title and a required future due date
  • Edit existing task title and due date with server-side date validation
  • Mark tasks complete (deletes the record) with success/error feedback
  • Tasks displayed in ascending due-date order per user
  • Flash messaging system via URL query parameters for all success and error states

Screenshots

Login Page

Dashboard

Code Highlights

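// authentication_logic/login_logic.php — PDO login with session + cookie tracking
// Excerpt: assumes $pdo, $email and $password are set earlier in the script
// and that session_start() has already been called.
$query = "SELECT * FROM users WHERE email = :email";
$statement = $pdo->prepare($query);
$statement->bindValue(':email', $email);
$statement->execute();
$user = $statement->fetch();

if ($user && password_verify($password, $user['password_hash'])) {
    // Issue a fresh session ID on login so a pre-login ID cannot be reused (session fixation)
    session_regenerate_id(true);
    $_SESSION['user_id']   = $user['user_id'];
    $_SESSION['user_name'] = $user['username'];

    // Persist a login visit counter across sessions via cookie (3-year expiry).
    // The cookie value is client-controlled, so force it to an integer before incrementing.
    $visits = (int) ($_COOKIE['login_visits'] ?? 0) + 1;
    setcookie('login_visits', (string) $visits, time() + 94608000, "/");

    header("Location: /CIS-241-Unit-2-Project/to-do-list/index.php?action=dashboard_view");
    exit;
} else {
    // Same error whether the email is unknown or the password is wrong
    header("Location: /CIS-241-Unit-2-Project/to-do-list/index.php?action=login_view&error=invalid_credentials");
    exit;
}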

Challenges & Solutions

Challenge: Preventing duplicate usernames and emails during registration without exposing which field conflicted.
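Solution: A single SELECT query checks both email and username in one round-trip; the result is then inspected independently to produce a field-specific error redirect. Because the redirect names the conflicting field, the response does reveal whether a given username or email is already registered.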

Challenge: Enforcing that task due dates cannot be set in the past on both add and update flows.
Solution: Both add_task.php and update_task.php compare the submitted date string against date('Y-m-d') server-side before any database operation, redirecting with an invalid_due_date error if the check fails.
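
The server-side due-date check described above, as an added example that is not the project's own code. The helper name is_valid_due_date() and the sample inputs are hypothetical; the strict format check is an addition, and accepting today's date is an assumption (change >= to > to require a strictly future date).

```php
<?php
declare(strict_types=1);

/**
 * Added example, not project code: validates a submitted due date before it
 * is compared with date('Y-m-d'). $today is injectable so the check can be
 * exercised with a fixed reference date.
 */
function is_valid_due_date(mixed $input, ?string $today = null): bool
{
    $today ??= date('Y-m-d');

    // Form fields can arrive as arrays (due_date[]=x); only strings are valid.
    // \A and \z anchor the whole string, so a trailing newline does not match.
    if (!is_string($input)
        || preg_match('/\A(\d{4})-(\d{2})-(\d{2})\z/', $input, $m) !== 1) {
        return false;
    }

    // Reject calendar dates that do not exist (month 13, 30 February, year 0).
    if (!checkdate((int) $m[2], (int) $m[3], (int) $m[1])) {
        return false;
    }

    // Both sides are now zero-padded YYYY-MM-DD, so string order is date order.
    // Assumption: a task due today is allowed.
    return $input >= $today;
}

// Constructed sample inputs, checked against a fixed reference date.
$today = '2025-10-15';
$samples = [
    '2025-10-15',     // today
    '2025-12-01',     // later this year
    '2025-10-14',     // yesterday
    '2025-9-1',       // past date that sorts after $today as a plain string
    '2026-02-30',     // nonexistent date that sorts after $today as a plain string
    "2025-12-01\n",   // trailing newline
    '12/01/2025',     // wrong format
    ['2025-12-01'],   // array instead of string
];

foreach ($samples as $sample) {
    $label = json_encode($sample, JSON_UNESCAPED_SLASHES);
    printf("%-18s %s\n", $label, is_valid_due_date($sample, $today) ? 'accepted' : 'rejected');
}
```

A bare string comparison against date('Y-m-d') is only reliable once the input is known to be zero-padded YYYY-MM-DD, which is what the format and checkdate() steps establish.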

Live Demo

Visit the live demo of the project: Live Demo

Live Demo Instructions

To test the application, follow these steps:

  1. Register a new account by clicking “Register” in the navbar and filling out the form with a unique username, valid email, and password.
  2. After registering, log in.
  3. Now, you can add new tasks!