Difference between revisions of "PHP-and-MySQL/C4/User-Registration-Part-2/English-timed"
From Script | Spoken-Tutorial
Sandhya.np14 (Talk | contribs) |
PoojaMoolya (Talk | contribs) |
||
| (One intermediate revision by one other user not shown) | |||
| Line 109: | Line 109: | ||
|- | |- | ||
|04:21 | |04:21 | ||
| − | |So that's "Alex Garrett" and username "alex". This will be "abc" and "abc". Click on | + | |So that's "Alex Garrett" and username "alex". This will be "abc" and "abc". Click on '''Register''' and my data has been shown here. |
|- | |- | ||
|04:30 | |04:30 | ||
| − | |We can check if | + | |We can check if it's correct. My 'fullname' was "Alex Garrett". My 'username' chosen was "alex" and of course "abc" here and here. |
|- | |- | ||
|04:40 | |04:40 | ||
| Line 118: | Line 118: | ||
|- | |- | ||
|04:43 | |04:43 | ||
| − | |And if you read up on Google or any search engine about "MD5 encryption" that's "M D 5". Let me just write this down for you. It is a very useful way of encrypting data. | + | |And if you read up on Google or any search engine about "MD5 encryption" that's "M D 5". Let's just get rid of this. Let me just write this down for you. It is a very useful way of encrypting data. |
|- | |- | ||
|04:54 | |04:54 | ||
| − | | | + | | Now everything is right. Md5's function in php takes a '''string''' or a numerical value, string value or just a data value. |
|- | |- | ||
|05:09 | |05:09 | ||
| Line 127: | Line 127: | ||
|- | |- | ||
|05:13 | |05:13 | ||
| − | | | + | |Let's say I encrypt "alex" to Md5. Let's '''echo''' it out and refresh. |
|- | |- | ||
|05:19 | |05:19 | ||
| − | |Don't resend the data. So it should just come straight back from here and re-click on | + | |Don't resend the data. So it should just come straight back from here and re-click on '''Register'''. |
|- | |- | ||
|05:26 | |05:26 | ||
| − | |Let's go here and see if | + | |Let's go here and see if '''if''' "$submit" is ok. Let's take out this condition and refresh. |
|- | |- | ||
|05:34 | |05:34 | ||
| − | |So that is my name encrypted in Md5. | + | |So, that is my name encrypted in Md5. |
|- | |- | ||
|05:39 | |05:39 | ||
| − | |It's always the same length and I believe its impossible to crack unless you encrypt a string and then you compare it to your two encrypted values. | + | |It's always the same length and I believe its impossible to crack unless you encrypt a '''string''' and then you compare it to your two encrypted values. |
|- | |- | ||
|05:53 | |05:53 | ||
| − | |If you don't understand this I have a tutorial on | + | |If you don't understand this I have a tutorial on '''MD5 encryption'''. So don't worry. Just go ahead and watch it. |
|- | |- | ||
|06:01 | |06:01 | ||
| − | |Now I will say | + | |Now I will say '''if''' "$submit" and then our code. |
|- | |- | ||
|06:08 | |06:08 | ||
| − | |My fullname, username and password are fine. | + | |My 'fullname', 'username' and 'password' are fine. |
|- | |- | ||
|06:10 | |06:10 | ||
| − | |I will add this "MD5 encryption" around my submitted password and repeat password. | + | |I will add this "MD5 encryption" around my submitted 'password' and 'repeat password'. |
|- | |- | ||
|06:21 | |06:21 | ||
| Line 157: | Line 157: | ||
|- | |- | ||
|06:23 | |06:23 | ||
| − | | | + | | If I '''echo''' out, let's say, "$password" and just have a '''break''' and "$repeat password", |
|- | |- | ||
|06:32 | |06:32 | ||
| − | | | + | |when I go to refresh or rather when I go to submit my form, I will say my 'password' is "abc" and my 'repeat password' is "abc". |
|- | |- | ||
|06:45 | |06:45 | ||
| − | |Register that. | + | |Register that. You can see that my 2 encrypted passwords are identical and both of them are ready to be put in the database. |
| − | + | ||
| − | + | ||
| − | + | ||
|- | |- | ||
|06:52 | |06:52 | ||
| − | |Now if you say someone hacked into your database and finds out people's passwords which is typed in as abc, they will be able to get it easily. | + | |Now if you say someone hacked into your database and finds out people's passwords which is typed in as "abc", they will be able to get it easily. |
|- | |- | ||
|07:01 | |07:01 | ||
|Let me type it here. But now they won't be able to find what it is because that's encrypted. | |Let me type it here. But now they won't be able to find what it is because that's encrypted. | ||
|- | |- | ||
| − | |07 | + | |07:06 |
| − | |Okay, we have got our passwords encrypted. Now we are going to strip any tags of our data and to do this we have | + | |Okay, we have got our passwords encrypted. Now we are going to strip any tags of our data and to do this we have 'strip_tags'. |
|- | |- | ||
|07:21 | |07:21 | ||
| − | |" | + | |"strip_tags". These will strip '''HTML tags'''. |
|- | |- | ||
|07:25 | |07:25 | ||
| Line 190: | Line 187: | ||
|- | |- | ||
|07:43 | |07:43 | ||
| − | |Let me copy and | + | |Let me copy and paste that down there. |
|- | |- | ||
|07:46 | |07:46 | ||
| − | |Ok, that's done and | + | |Ok, that's done and let's go back and see that. |
|- | |- | ||
|07:54 | |07:54 | ||
| − | |I type in "html" here and for my username I say "body" and just keep my password as "abc". | + | |I type in "html" here and for my '''username''' I say "body" and just keep my '''password''' as "abc". |
|- | |- | ||
|08:02 | |08:02 | ||
| − | | | + | |Let's go and '''echo''' out "username" and just add a '''break'''. |
|- | |- | ||
|08:12 | |08:12 | ||
| − | | | + | |'$fullname'. Echoing out all that will be typed in here. |
|- | |- | ||
|08:19 | |08:19 | ||
| Line 217: | Line 214: | ||
|- | |- | ||
|08:34 | |08:34 | ||
| − | | | + | |Let's go back and check. Didn't use the line terminator. '''Refresh''' and '''Resend''' the data. |
|- | |- | ||
|08:38 | |08:38 | ||
| − | |As you can see over here, we got "test" and "test". So whatever you type in here as tag or as html tag, | + | |As you can see over here, we got "test" and "test". So, whatever you type in here as '''tag''' or as '''html tag''', it's just blank. |
|- | |- | ||
|08:49 | |08:49 | ||
| − | |So you know some people can be funny and say my username is going to be an "image". Register. That doesn't work ! | + | |So, you know some people can be funny and say my username is going to be an "image". '''Register'''. That doesn't work ! |
|- | |- | ||
|08:59 | |08:59 | ||
| Line 229: | Line 226: | ||
|- | |- | ||
|09:01 | |09:01 | ||
| − | |But if we take say "alex" and we click | + | |But if we take say "alex" and we click '''Register''', it's taken into account. |
|- | |- | ||
|09:05 | |09:05 | ||
| − | |So that's it. In the next tutorial we will check if every single field is typed in as they are all required for registration. | + | |So that's it. In the next tutorial, we will check if every single '''field''' is typed in as they are all required for registration. |
|- | |- | ||
|09:15 | |09:15 | ||
| − | |Ok I'll see you in the next part. Bye. This is _________ dubbing for the Spoken Tutorial project. | + | |Ok I'll see you in the next part. Bye. This is _________, dubbing for the Spoken Tutorial project. |
Latest revision as of 17:55, 24 March 2017
| Time | Narration |
| 00:00 | Welcome to the second part of the User registration tutorial. |
| 00:05 | In this part, we will check the existence of these forms. Let us just get rid of these values in these fields that we've typed. |
| 00:12 | And we are going to do the encrypting of the password. |
| 00:16 | We are also going to move html tags. |
| 00:23 | Consider I am encrypting for my login part... Let me just open this file "login dot php".... and we will have to make a few adjustments to my page here. |
| 00:37 | We would be taking a password straight for our database. |
| 00:44 | So we need to change this "$dbusername" value and our "$dbpassword". |
| 00:50 | If you have not watched the 1st video you need to do so, to be able to write this code out. |
| 00:56 | Back to our "register dot php" and first of all we will check for "submit". |
| 01:02 | I don't have a "$submit" variable at the moment. |
| 01:06 | So, this will be equal to "dollar sign underscore POST" and now "submit". |
| 01:14 | This is because when the user clicks the 'submit' button here, this will hold a value of "Register". |
| 01:23 | And this will say- "if the user has clicked this button" then we can carry on with our code. |
| 01:31 | Now, the other values we need to get are the name of the user. So, the fullname of the user. I will just type "$fullname = $ underscore POST" and "fullname". You can just see evidence of this here . |
| 01:51 | So, we are just mimicking the name given over here, once we have got 'fullname', 'username', 'password', 'repeat pasword' okay? |
| 01:59 | So, we have got "$fullname" and now we have "$username". |
| 02:09 | What I will do is, whenever I code, I copy and paste these down. |
| 02:12 | So "pasword" and "repeat password". Here is the "$password" and "$repeat password". I'm going to change these values. No need to type them out. |
| 02:26 | If you are new to php, I would suggest that you type these out again and again just for practice. So you won't forget them. |
| 02:34 | So, we have got all our values here. |
| 02:37 | So, if "$submit". I'll just echo them out to show you that all these have been submitted correctly. |
| 02:49 | I suggest you do this for debugging. You might have spelt something wrong and it's no good if you are trying to put data which is spelt wrong into your database. |
| 02:54 | Here, I will say echo the "$username" and forward slash and "$password". Then "$repeat password" and then "$fullname" of the user followed by the line terminator. |
| 03:16 | So we have got all the data here that we have extracted from our form. |
| 03:21 | So, I will just comment this as "form data". |
| 03:24 | You should now know how to do this by now. |
| 03:27 | If the form has been submitted, I am going to echo this out, to make sure it is there. |
| 03:32 | Here, if I click Register nothing happens. I have been clicking and nothing is being done. |
| 03:40 | So, here I will just type my full name and I can type my username and choose a password which will be "abc" for now. |
| 03:49 | Click on Register and nothing happened. |
| 03:52 | So if "submit", "POST submit". |
| 03:57 | This is why. In our form action, we need to set a method which is going to be "POST". |
| 04:05 | I forgot to include that. |
| 04:07 | We need a method of "POST" otherwise it's default as "GET". Yes, you can see it all up there. |
| 04:13 | What I will do now is refresh this page and retype my data. |
| 04:21 | So that's "Alex Garrett" and username "alex". This will be "abc" and "abc". Click on Register and my data has been shown here. |
| 04:30 | We can check if it's correct. My 'fullname' was "Alex Garrett". My 'username' chosen was "alex" and of course "abc" here and here. |
| 04:40 | Now I want to encrypt these passwords. |
| 04:43 | And if you read up on Google or any search engine about "MD5 encryption" that's "M D 5". Let's just get rid of this. Let me just write this down for you. It is a very useful way of encrypting data. |
| 04:54 | Now everything is right. Md5's function in php takes a string or a numerical value, string value or just a data value. |
| 05:09 | And this is encrypted to MD5 encryption. |
| 05:13 | Let's say I encrypt "alex" to Md5. Let's echo it out and refresh. |
| 05:19 | Don't resend the data. So it should just come straight back from here and re-click on Register. |
| 05:26 | Let's go here and see if if "$submit" is ok. Let's take out this condition and refresh. |
| 05:34 | So, that is my name encrypted in Md5. |
| 05:39 | It's always the same length and I believe its impossible to crack unless you encrypt a string and then you compare it to your two encrypted values. |
| 05:53 | If you don't understand this I have a tutorial on MD5 encryption. So don't worry. Just go ahead and watch it. |
| 06:01 | Now I will say if "$submit" and then our code. |
| 06:08 | My 'fullname', 'username' and 'password' are fine. |
| 06:10 | I will add this "MD5 encryption" around my submitted 'password' and 'repeat password'. |
| 06:21 | Don't forget that. |
| 06:23 | If I echo out, let's say, "$password" and just have a break and "$repeat password", |
| 06:32 | when I go to refresh or rather when I go to submit my form, I will say my 'password' is "abc" and my 'repeat password' is "abc". |
| 06:45 | Register that. You can see that my 2 encrypted passwords are identical and both of them are ready to be put in the database. |
| 06:52 | Now if you say someone hacked into your database and finds out people's passwords which is typed in as "abc", they will be able to get it easily. |
| 07:01 | Let me type it here. But now they won't be able to find what it is because that's encrypted. |
| 07:06 | Okay, we have got our passwords encrypted. Now we are going to strip any tags of our data and to do this we have 'strip_tags'. |
| 07:21 | "strip_tags". These will strip HTML tags. |
| 07:25 | When I am using my password, I will not say "strip tags" before the "md5" function. |
| 07:36 | I will use the "md5" Function to encrypt the already striped version of my password. |
| 07:41 | So that should be fine. |
| 07:43 | Let me copy and paste that down there. |
| 07:46 | Ok, that's done and let's go back and see that. |
| 07:54 | I type in "html" here and for my username I say "body" and just keep my password as "abc". |
| 08:02 | Let's go and echo out "username" and just add a break. |
| 08:12 | '$fullname'. Echoing out all that will be typed in here. |
| 08:19 | I will just type "test" after this and "test" after this. |
| 08:23 | Now this "strip tag" function must get rid of this "html" and this "body". |
| 08:27 | You should just have "test" and "test" given to us. |
| 08:31 | Oh! We have got an error. |
| 08:34 | Let's go back and check. Didn't use the line terminator. Refresh and Resend the data. |
| 08:38 | As you can see over here, we got "test" and "test". So, whatever you type in here as tag or as html tag, it's just blank. |
| 08:49 | So, you know some people can be funny and say my username is going to be an "image". Register. That doesn't work ! |
| 08:59 | It isn't echoed up here. |
| 09:01 | But if we take say "alex" and we click Register, it's taken into account. |
| 09:05 | So that's it. In the next tutorial, we will check if every single field is typed in as they are all required for registration. |
| 09:15 | Ok I'll see you in the next part. Bye. This is _________, dubbing for the Spoken Tutorial project. |
