PHP-and-MySQL/C4/User-Registration-Part-2/English-timed
From Script | Spoken-Tutorial
Time | Narration |
00:00 | Welcome to the second part of the User registration tutorial. |
00:05 | In this part, we will check the existence of these forms. Let us just get rid of these values in these fields that we've typed. |
00:12 | And we are going to do the encrypting of the password. |
00:16 | We are also going to move html tags. |
00:23 | Consider I am encrypting for my login part... Let me just open this file "login dot php".... and we will have to make a few adjustments to my page here. |
00:37 | We would be taking a password straight for our database. |
00:44 | So we need to change this "$dbusername" value and our "$dbpassword". |
00:50 | If you have not watched the 1st video you need to do so, to be able to write this code out. |
00:56 | Back to our "register dot php" and first of all we will check for "submit". |
01:02 | I don't have a "$submit" variable at the moment. |
01:06 | So, this will be equal to "dollar sign underscore POST" and now "submit". |
01:14 | This is because when the user clicks the 'submit' button here, this will hold a value of "Register". |
01:23 | And this will say- "if the user has clicked this button" then we can carry on with our code. |
01:31 | Now, the other values we need to get are the name of the user. So, the fullname of the user. I will just type "$fullname = $ underscore POST" and "fullname". You can just see evidence of this here . |
01:51 | So, we are just mimicking the name given over here, once we have got 'fullname', 'username', 'password', 'repeat pasword' okay? |
01:59 | So, we have got "$fullname" and now we have "$username". |
02:09 | What I will do is, whenever I code, I copy and paste these down. |
02:12 | So "pasword" and "repeat password". Here is the "$password" and "$repeat password". I'm going to change these values. No need to type them out. |
02:26 | If you are new to php, I would suggest that you type these out again and again just for practice. So you won't forget them. |
02:34 | So, we have got all our values here. |
02:37 | So, if "$submit". I'll just echo them out to show you that all these have been submitted correctly. |
02:49 | I suggest you do this for debugging. You might have spelt something wrong and it's no good if you are trying to put data which is spelt wrong into your database. |
02:54 | Here, I will say echo the "$username" and forward slash and "$password". Then "$repeat password" and then "$fullname" of the user followed by the line terminator. |
03:16 | So we have got all the data here that we have extracted from our form. |
03:21 | So, I will just comment this as "form data". |
03:24 | You should now know how to do this by now. |
03:27 | If the form has been submitted, I am going to echo this out, to make sure it is there. |
03:32 | Here, if I click Register nothing happens. I have been clicking and nothing is being done. |
03:40 | So, here I will just type my full name and I can type my username and choose a password which will be "abc" for now. |
03:49 | Click on Register and nothing happened. |
03:52 | So if "submit", "POST submit". |
03:57 | This is why. In our form action, we need to set a method which is going to be "POST". |
04:05 | I forgot to include that. |
04:07 | We need a method of "POST" otherwise it's default as "GET". Yes, you can see it all up there. |
04:13 | What I will do now is refresh this page and retype my data. |
04:21 | So that's "Alex Garrett" and username "alex". This will be "abc" and "abc". Click on Register and my data has been shown here. |
04:30 | We can check if it's correct. My 'fullname' was "Alex Garrett". My 'username' chosen was "alex" and of course "abc" here and here. |
04:40 | Now I want to encrypt these passwords. |
04:43 | And if you read up on Google or any search engine about "MD5 encryption" that's "M D 5". Let's just get rid of this. Let me just write this down for you. It is a very useful way of encrypting data. |
04:54 | Now everything is right. Md5's function in php takes a string or a numerical value, string value or just a data value. |
05:09 | And this is encrypted to MD5 encryption. |
05:13 | Let's say I encrypt "alex" to Md5. Let's echo it out and refresh. |
05:19 | Don't resend the data. So it should just come straight back from here and re-click on Register. |
05:26 | Let's go here and see if if "$submit" is ok. Let's take out this condition and refresh. |
05:34 | So, that is my name encrypted in Md5. |
05:39 | It's always the same length and I believe its impossible to crack unless you encrypt a string and then you compare it to your two encrypted values. |
05:53 | If you don't understand this I have a tutorial on MD5 encryption. So don't worry. Just go ahead and watch it. |
06:01 | Now I will say if "$submit" and then our code. |
06:08 | My 'fullname', 'username' and 'password' are fine. |
06:10 | I will add this "MD5 encryption" around my submitted 'password' and 'repeat password'. |
06:21 | Don't forget that. |
06:23 | If I echo out, let's say, "$password" and just have a break and "$repeat password", |
06:32 | when I go to refresh or rather when I go to submit my form, I will say my 'password' is "abc" and my 'repeat password' is "abc". |
06:45 | Register that. You can see that my 2 encrypted passwords are identical and both of them are ready to be put in the database. |
06:52 | Now if you say someone hacked into your database and finds out people's passwords which is typed in as "abc", they will be able to get it easily. |
07:01 | Let me type it here. But now they won't be able to find what it is because that's encrypted. |
07:06 | Okay, we have got our passwords encrypted. Now we are going to strip any tags of our data and to do this we have 'strip_tags'. |
07:21 | "strip_tags". These will strip HTML tags. |
07:25 | When I am using my password, I will not say "strip tags" before the "md5" function. |
07:36 | I will use the "md5" Function to encrypt the already striped version of my password. |
07:41 | So that should be fine. |
07:43 | Let me copy and paste that down there. |
07:46 | Ok, that's done and let's go back and see that. |
07:54 | I type in "html" here and for my username I say "body" and just keep my password as "abc". |
08:02 | Let's go and echo out "username" and just add a break. |
08:12 | '$fullname'. Echoing out all that will be typed in here. |
08:19 | I will just type "test" after this and "test" after this. |
08:23 | Now this "strip tag" function must get rid of this "html" and this "body". |
08:27 | You should just have "test" and "test" given to us. |
08:31 | Oh! We have got an error. |
08:34 | Let's go back and check. Didn't use the line terminator. Refresh and Resend the data. |
08:38 | As you can see over here, we got "test" and "test". So, whatever you type in here as tag or as html tag, it's just blank. |
08:49 | So, you know some people can be funny and say my username is going to be an "image". Register. That doesn't work ! |
08:59 | It isn't echoed up here. |
09:01 | But if we take say "alex" and we click Register, it's taken into account. |
09:05 | So that's it. In the next tutorial, we will check if every single field is typed in as they are all required for registration. |
09:15 | Ok I'll see you in the next part. Bye. This is _________, dubbing for the Spoken Tutorial project. |