PHP-and-MySQL/C4/User-Registration-Part-2/English-timed

From Script | Spoken-Tutorial
Jump to: navigation, search
Time Narration
00:00 Welcome to the second part of the User registration tutorial.
00:05 In this part, we will check the existence of these forms. Let us just get rid of these values in these fields that we've typed.
00:12 And we are going to do the encrypting of the password.
00:16 We are also going to move html tags.
00:23 Consider I am encrypting for my login part... Let me just open this file "login dot php".... and we will have to make a few adjustments to my page here.
00:37 We would be taking a password straight for our database.
00:44 So we need to change this "$dbusername" value and our "$dbpassword".
00:50 If you have not watched the 1st video you need to do so, to be able to write this code out.
00:56 Back to our "register dot php" and first of all we will check for "submit".
01:02 I don't have a "$submit" variable at the moment.
01:06 So, this will be equal to "dollar sign underscore POST" and now "submit".
01:14 This is because when the user clicks the 'submit' button here, this will hold a value of "Register".
01:23 And this will say- "if the user has clicked this button" then we can carry on with our code.
01:31 Now, the other values we need to get are the name of the user. So, the fullname of the user. I will just type "$fullname = $ underscore POST" and "fullname". You can just see evidence of this here .
01:51 So, we are just mimicking the name given over here, once we have got 'fullname', 'username', 'password', 'repeat pasword' okay?
01:59 So, we have got "$fullname" and now we have "$username".
02:09 What I will do is, whenever I code, I copy and paste these down.
02:12 So "pasword" and "repeat password". Here is the "$password" and "$repeat password". I'm going to change these values. No need to type them out.
02:26 If you are new to php, I would suggest that you type these out again and again just for practice. So you won't forget them.
02:34 So, we have got all our values here.
02:37 So, if "$submit". I'll just echo them out to show you that all these have been submitted correctly.
02:49 I suggest you do this for debugging. You might have spelt something wrong and it's no good if you are trying to put data which is spelt wrong into your database.
02:54 Here, I will say echo the "$username" and forward slash and "$password". Then "$repeat password" and then "$fullname" of the user followed by the line terminator.
03:16 So we have got all the data here that we have extracted from our form.
03:21 So, I will just comment this as "form data".
03:24 You should now know how to do this by now.
03:27 If the form has been submitted, I am going to echo this out, to make sure it is there.
03:32 Here, if I click Register nothing happens. I have been clicking and nothing is being done.
03:40 So, here I will just type my full name and I can type my username and choose a password which will be "abc" for now.
03:49 Click on Register and nothing happened.
03:52 So if "submit", "POST submit".
03:57 This is why. In our form action, we need to set a method which is going to be "POST".
04:05 I forgot to include that.
04:07 We need a method of "POST" otherwise it's default as "GET". Yes, you can see it all up there.
04:13 What I will do now is refresh this page and retype my data.
04:21 So that's "Alex Garrett" and username "alex". This will be "abc" and "abc". Click on Register and my data has been shown here.
04:30 We can check if it's correct. My 'fullname' was "Alex Garrett". My 'username' chosen was "alex" and of course "abc" here and here.
04:40 Now I want to encrypt these passwords.
04:43 And if you read up on Google or any search engine about "MD5 encryption" that's "M D 5". Let's just get rid of this. Let me just write this down for you. It is a very useful way of encrypting data.
04:54 Now everything is right. Md5's function in php takes a string or a numerical value, string value or just a data value.
05:09 And this is encrypted to MD5 encryption.
05:13 Let's say I encrypt "alex" to Md5. Let's echo it out and refresh.
05:19 Don't resend the data. So it should just come straight back from here and re-click on Register.
05:26 Let's go here and see if if "$submit" is ok. Let's take out this condition and refresh.
05:34 So, that is my name encrypted in Md5.
05:39 It's always the same length and I believe its impossible to crack unless you encrypt a string and then you compare it to your two encrypted values.
05:53 If you don't understand this I have a tutorial on MD5 encryption. So don't worry. Just go ahead and watch it.
06:01 Now I will say if "$submit" and then our code.
06:08 My 'fullname', 'username' and 'password' are fine.
06:10 I will add this "MD5 encryption" around my submitted 'password' and 'repeat password'.
06:21 Don't forget that.
06:23 If I echo out, let's say, "$password" and just have a break and "$repeat password",
06:32 when I go to refresh or rather when I go to submit my form, I will say my 'password' is "abc" and my 'repeat password' is "abc".
06:45 Register that. You can see that my 2 encrypted passwords are identical and both of them are ready to be put in the database.
06:52 Now if you say someone hacked into your database and finds out people's passwords which is typed in as "abc", they will be able to get it easily.
07:01 Let me type it here. But now they won't be able to find what it is because that's encrypted.
07:06 Okay, we have got our passwords encrypted. Now we are going to strip any tags of our data and to do this we have 'strip_tags'.
07:21 "strip_tags". These will strip HTML tags.
07:25 When I am using my password, I will not say "strip tags" before the "md5" function.
07:36 I will use the "md5" Function to encrypt the already striped version of my password.
07:41 So that should be fine.
07:43 Let me copy and paste that down there.
07:46 Ok, that's done and let's go back and see that.
07:54 I type in "html" here and for my username I say "body" and just keep my password as "abc".
08:02 Let's go and echo out "username" and just add a break.
08:12 '$fullname'. Echoing out all that will be typed in here.
08:19 I will just type "test" after this and "test" after this.
08:23 Now this "strip tag" function must get rid of this "html" and this "body".
08:27 You should just have "test" and "test" given to us.
08:31 Oh! We have got an error.
08:34 Let's go back and check. Didn't use the line terminator. Refresh and Resend the data.
08:38 As you can see over here, we got "test" and "test". So, whatever you type in here as tag or as html tag, it's just blank.
08:49 So, you know some people can be funny and say my username is going to be an "image". Register. That doesn't work !
08:59 It isn't echoed up here.
09:01 But if we take say "alex" and we click Register, it's taken into account.
09:05 So that's it. In the next tutorial, we will check if every single field is typed in as they are all required for registration.
09:15 Ok I'll see you in the next part. Bye. This is _________, dubbing for the Spoken Tutorial project.

Contributors and Content Editors

Gaurav, Gyan, PoojaMoolya, Pratik kamble, Sandhya.np14