Difference between revisions of "PHP-and-MySQL/C4/User-Registration-Part-2/English-timed"
From Script | Spoken-Tutorial
PoojaMoolya (Talk | contribs) |
|||
(3 intermediate revisions by 2 users not shown) | |||
Line 4: | Line 4: | ||
|- | |- | ||
|00:00 | |00:00 | ||
− | |Welcome to the second part of the User registration tutorial. | + | |Welcome to the second part of the '''User registration''' tutorial. |
|- | |- | ||
|00:05 | |00:05 | ||
− | |In this part we will check the existence of these forms. Let us just get rid of these values in these fields that we've typed. | + | |In this part, we will check the existence of these '''forms'''. Let us just get rid of these values in these '''fields''' that we've typed. |
|- | |- | ||
|00:12 | |00:12 | ||
Line 13: | Line 13: | ||
|- | |- | ||
|00:16 | |00:16 | ||
− | |We are also going to move html tags. | + | |We are also going to move '''html tags'''. |
|- | |- | ||
|00:23 | |00:23 | ||
− | |Consider I am encrypting for my login part... Let me just open this file "login dot php".... | + | |Consider I am encrypting for my login part... Let me just open this file "login dot php".... and we will have to make a few adjustments to my page here. |
|- | |- | ||
|00:37 | |00:37 | ||
Line 22: | Line 22: | ||
|- | |- | ||
|00:44 | |00:44 | ||
− | |So we need to change this "dbusername" value and our "dbpassword". | + | |So we need to change this "$dbusername" value and our "$dbpassword". |
|- | |- | ||
|00:50 | |00:50 | ||
Line 31: | Line 31: | ||
|- | |- | ||
|01:02 | |01:02 | ||
− | |I don't have a "submit" variable at the moment. | + | |I don't have a "$submit" variable at the moment. |
|- | |- | ||
|01:06 | |01:06 | ||
− | |So this will be equal to "dollar sign underscore POST" and now "submit". | + | |So, this will be equal to "dollar sign underscore POST" and now "submit". |
|- | |- | ||
|01:14 | |01:14 | ||
− | |This is because when the user clicks the submit button here, this will hold a value of "Register". | + | |This is because when the user clicks the 'submit' button here, this will hold a value of "Register". |
|- | |- | ||
|01:23 | |01:23 | ||
− | |And this will say "if the user has clicked this button" | + | |And this will say- "if the user has clicked this button" then we can carry on with our code. |
|- | |- | ||
|01:31 | |01:31 | ||
− | |Now, the other values we need to get are the name of the user. So, the fullname of the user. I will just type "fullname = $ underscore POST" and "fullname". You can just see evidence of this here . | + | |Now, the other values we need to get are the name of the user. So, the fullname of the user. I will just type "$fullname = $ underscore POST" and "fullname". You can just see evidence of this here . |
|- | |- | ||
|01:51 | |01:51 | ||
− | |So, we are just mimicking the name given over here, once we have got fullname, username, password, repeat pasword | + | |So, we are just mimicking the name given over here, once we have got 'fullname', 'username', 'password', 'repeat pasword' okay? |
|- | |- | ||
|01:59 | |01:59 | ||
− | |So, we have got "fullname" and now we have "username". | + | |So, we have got "$fullname" and now we have "$username". |
|- | |- | ||
|02:09 | |02:09 | ||
Line 55: | Line 55: | ||
|- | |- | ||
|02:12 | |02:12 | ||
− | |So "pasword" and "repeat password". Here is the "password" and "repeat password". I'm going to change these values. No need to type them out. | + | |So "pasword" and "repeat password". Here is the "$password" and "$repeat password". I'm going to change these values. No need to type them out. |
|- | |- | ||
|02:26 | |02:26 | ||
− | |If you are new to php I would suggest that you type these out again and again just for practice. So you won't forget them. | + | |If you are new to php, I would suggest that you type these out again and again just for practice. So you won't forget them. |
|- | |- | ||
|02:34 | |02:34 | ||
− | |So we have got all our values here. | + | |So, we have got all our values here. |
|- | |- | ||
|02:37 | |02:37 | ||
− | |So, if "submit". I'll just echo them out to show you that all these have been submitted correctly. | + | |So, if "$submit". I'll just '''echo''' them out to show you that all these have been submitted correctly. |
|- | |- | ||
|02:49 | |02:49 | ||
− | |I suggest you do this for debugging. You might have spelt something wrong and | + | |I suggest you do this for debugging. You might have spelt something wrong and it's no good if you are trying to put data which is spelt wrong into your database. |
|- | |- | ||
|02:54 | |02:54 | ||
− | |Here I will say echo the "username" and forward slash and "password". Then "repeat password" and then "fullname" of the user followed by the line terminator. | + | |Here, I will say '''echo''' the "$username" and forward slash and "$password". Then "$repeat password" and then "$fullname" of the user followed by the line terminator. |
|- | |- | ||
|03:16 | |03:16 | ||
− | |So we have got all the data here that we have extracted from our form. | + | |So we have got all the data here that we have extracted from our '''form'''. |
|- | |- | ||
|03:21 | |03:21 | ||
− | |So I will just comment this as "form data". | + | |So, I will just comment this as "form data". |
|- | |- | ||
|03:24 | |03:24 | ||
Line 82: | Line 82: | ||
|- | |- | ||
|03:27 | |03:27 | ||
− | |If the form has been submitted, I am going to echo this out, to make sure it is there. | + | |If the '''form''' has been submitted, I am going to '''echo''' this out, to make sure it is there. |
|- | |- | ||
|03:32 | |03:32 | ||
− | |Here if I click | + | |Here, if I click '''Register''' nothing happens. I have been clicking and nothing is being done. |
|- | |- | ||
|03:40 | |03:40 | ||
− | |So here I will just type my full name and I can type my username and choose a password which will be "abc" for now. | + | |So, here I will just type my full name and I can type my username and choose a password which will be "abc" for now. |
|- | |- | ||
|03:49 | |03:49 | ||
− | |Click on | + | |Click on '''Register''' and nothing happened. |
|- | |- | ||
|03:52 | |03:52 | ||
− | |So | + | |So '''if''' "submit", "POST submit". |
|- | |- | ||
|03:57 | |03:57 | ||
− | |This is why. In our | + | |This is why. In our '''form action''', we need to set a '''method''' which is going to be "POST". |
|- | |- | ||
|04:05 | |04:05 | ||
Line 103: | Line 103: | ||
|- | |- | ||
|04:07 | |04:07 | ||
− | |We need a method of "POST" otherwise it's default as "GET". Yes, you can see it all up | + | |We need a '''method''' of "POST" otherwise it's default as "GET". Yes, you can see it all up there. |
|- | |- | ||
− | | | + | |04:13 |
|What I will do now is refresh this page and retype my data. | |What I will do now is refresh this page and retype my data. | ||
|- | |- | ||
|04:21 | |04:21 | ||
− | |So that's "Alex Garrett" and username "alex". This will be "abc" and "abc". Click on | + | |So that's "Alex Garrett" and username "alex". This will be "abc" and "abc". Click on '''Register''' and my data has been shown here. |
|- | |- | ||
|04:30 | |04:30 | ||
− | |We can check if | + | |We can check if it's correct. My 'fullname' was "Alex Garrett". My 'username' chosen was "alex" and of course "abc" here and here. |
|- | |- | ||
|04:40 | |04:40 | ||
Line 118: | Line 118: | ||
|- | |- | ||
|04:43 | |04:43 | ||
− | |And if you read up on Google or any search engine about "MD5 encryption" that's "M D 5". Let me just write this down for you. It is a very useful way of encrypting data. | + | |And if you read up on Google or any search engine about "MD5 encryption" that's "M D 5". Let's just get rid of this. Let me just write this down for you. It is a very useful way of encrypting data. |
|- | |- | ||
|04:54 | |04:54 | ||
− | | | + | | Now everything is right. Md5's function in php takes a '''string''' or a numerical value, string value or just a data value. |
|- | |- | ||
|05:09 | |05:09 | ||
Line 127: | Line 127: | ||
|- | |- | ||
|05:13 | |05:13 | ||
− | | | + | |Let's say I encrypt "alex" to Md5. Let's '''echo''' it out and refresh. |
|- | |- | ||
|05:19 | |05:19 | ||
− | |Don't resend the data. So it should just come straight back from here and re-click on | + | |Don't resend the data. So it should just come straight back from here and re-click on '''Register'''. |
|- | |- | ||
|05:26 | |05:26 | ||
− | |Let's go here and see if | + | |Let's go here and see if '''if''' "$submit" is ok. Let's take out this condition and refresh. |
|- | |- | ||
|05:34 | |05:34 | ||
− | |So that is my name encrypted in Md5. | + | |So, that is my name encrypted in Md5. |
|- | |- | ||
|05:39 | |05:39 | ||
− | |It's always the same length and I believe its impossible to crack unless you encrypt a string and then you compare it to your two encrypted values. | + | |It's always the same length and I believe its impossible to crack unless you encrypt a '''string''' and then you compare it to your two encrypted values. |
|- | |- | ||
|05:53 | |05:53 | ||
− | |If you don't understand this I have a tutorial on | + | |If you don't understand this I have a tutorial on '''MD5 encryption'''. So don't worry. Just go ahead and watch it. |
|- | |- | ||
|06:01 | |06:01 | ||
− | |Now I will say | + | |Now I will say '''if''' "$submit" and then our code. |
|- | |- | ||
|06:08 | |06:08 | ||
− | |My fullname, username and password are fine. | + | |My 'fullname', 'username' and 'password' are fine. |
|- | |- | ||
|06:10 | |06:10 | ||
− | |I will add this "MD5 encryption" around my submitted password and repeat password. | + | |I will add this "MD5 encryption" around my submitted 'password' and 'repeat password'. |
|- | |- | ||
|06:21 | |06:21 | ||
Line 157: | Line 157: | ||
|- | |- | ||
|06:23 | |06:23 | ||
− | | | + | | If I '''echo''' out, let's say, "$password" and just have a '''break''' and "$repeat password", |
|- | |- | ||
|06:32 | |06:32 | ||
− | | | + | |when I go to refresh or rather when I go to submit my form, I will say my 'password' is "abc" and my 'repeat password' is "abc". |
|- | |- | ||
|06:45 | |06:45 | ||
− | |Register that. | + | |Register that. You can see that my 2 encrypted passwords are identical and both of them are ready to be put in the database. |
− | + | ||
− | + | ||
− | + | ||
|- | |- | ||
|06:52 | |06:52 | ||
− | |Now if you say someone hacked into your database and finds out people's passwords which is typed in as abc, they will be able to get it easily. | + | |Now if you say someone hacked into your database and finds out people's passwords which is typed in as "abc", they will be able to get it easily. |
|- | |- | ||
|07:01 | |07:01 | ||
|Let me type it here. But now they won't be able to find what it is because that's encrypted. | |Let me type it here. But now they won't be able to find what it is because that's encrypted. | ||
|- | |- | ||
− | |07 | + | |07:06 |
− | |Okay, we have got our passwords encrypted. Now we are going to strip any tags of our data and to do this we have | + | |Okay, we have got our passwords encrypted. Now we are going to strip any tags of our data and to do this we have 'strip_tags'. |
|- | |- | ||
|07:21 | |07:21 | ||
− | |" | + | |"strip_tags". These will strip '''HTML tags'''. |
|- | |- | ||
|07:25 | |07:25 | ||
Line 190: | Line 187: | ||
|- | |- | ||
|07:43 | |07:43 | ||
− | |Let me copy and | + | |Let me copy and paste that down there. |
|- | |- | ||
|07:46 | |07:46 | ||
− | |Ok, that's done and | + | |Ok, that's done and let's go back and see that. |
|- | |- | ||
|07:54 | |07:54 | ||
− | |I type in "html" here and for my username I say "body" and just keep my password as "abc". | + | |I type in "html" here and for my '''username''' I say "body" and just keep my '''password''' as "abc". |
|- | |- | ||
|08:02 | |08:02 | ||
− | | | + | |Let's go and '''echo''' out "username" and just add a '''break'''. |
|- | |- | ||
|08:12 | |08:12 | ||
− | | | + | |'$fullname'. Echoing out all that will be typed in here. |
|- | |- | ||
|08:19 | |08:19 | ||
Line 217: | Line 214: | ||
|- | |- | ||
|08:34 | |08:34 | ||
− | | | + | |Let's go back and check. Didn't use the line terminator. '''Refresh''' and '''Resend''' the data. |
|- | |- | ||
|08:38 | |08:38 | ||
− | |As you can see over here, we got "test" and "test". So whatever you type in here as tag or as html tag, | + | |As you can see over here, we got "test" and "test". So, whatever you type in here as '''tag''' or as '''html tag''', it's just blank. |
|- | |- | ||
|08:49 | |08:49 | ||
− | |So you know some people can be funny and say my username is going to be an "image". Register. That doesn't work ! | + | |So, you know some people can be funny and say my username is going to be an "image". '''Register'''. That doesn't work ! |
|- | |- | ||
|08:59 | |08:59 | ||
Line 229: | Line 226: | ||
|- | |- | ||
|09:01 | |09:01 | ||
− | |But if we take say "alex" and we click | + | |But if we take say "alex" and we click '''Register''', it's taken into account. |
|- | |- | ||
|09:05 | |09:05 | ||
− | |So that's it. In the next tutorial we will check if every single field is typed in as they are all required for registration. | + | |So that's it. In the next tutorial, we will check if every single '''field''' is typed in as they are all required for registration. |
|- | |- | ||
|09:15 | |09:15 | ||
− | |Ok I'll see you in the next part. Bye. This is _________ dubbing for the Spoken Tutorial project. | + | |Ok I'll see you in the next part. Bye. This is _________, dubbing for the Spoken Tutorial project. |
Latest revision as of 17:55, 24 March 2017
Time | Narration |
00:00 | Welcome to the second part of the User registration tutorial. |
00:05 | In this part, we will check the existence of these forms. Let us just get rid of these values in these fields that we've typed. |
00:12 | And we are going to do the encrypting of the password. |
00:16 | We are also going to move html tags. |
00:23 | Consider I am encrypting for my login part... Let me just open this file "login dot php".... and we will have to make a few adjustments to my page here. |
00:37 | We would be taking a password straight for our database. |
00:44 | So we need to change this "$dbusername" value and our "$dbpassword". |
00:50 | If you have not watched the 1st video you need to do so, to be able to write this code out. |
00:56 | Back to our "register dot php" and first of all we will check for "submit". |
01:02 | I don't have a "$submit" variable at the moment. |
01:06 | So, this will be equal to "dollar sign underscore POST" and now "submit". |
01:14 | This is because when the user clicks the 'submit' button here, this will hold a value of "Register". |
01:23 | And this will say- "if the user has clicked this button" then we can carry on with our code. |
01:31 | Now, the other values we need to get are the name of the user. So, the fullname of the user. I will just type "$fullname = $ underscore POST" and "fullname". You can just see evidence of this here . |
01:51 | So, we are just mimicking the name given over here, once we have got 'fullname', 'username', 'password', 'repeat pasword' okay? |
01:59 | So, we have got "$fullname" and now we have "$username". |
02:09 | What I will do is, whenever I code, I copy and paste these down. |
02:12 | So "pasword" and "repeat password". Here is the "$password" and "$repeat password". I'm going to change these values. No need to type them out. |
02:26 | If you are new to php, I would suggest that you type these out again and again just for practice. So you won't forget them. |
02:34 | So, we have got all our values here. |
02:37 | So, if "$submit". I'll just echo them out to show you that all these have been submitted correctly. |
02:49 | I suggest you do this for debugging. You might have spelt something wrong and it's no good if you are trying to put data which is spelt wrong into your database. |
02:54 | Here, I will say echo the "$username" and forward slash and "$password". Then "$repeat password" and then "$fullname" of the user followed by the line terminator. |
03:16 | So we have got all the data here that we have extracted from our form. |
03:21 | So, I will just comment this as "form data". |
03:24 | You should now know how to do this by now. |
03:27 | If the form has been submitted, I am going to echo this out, to make sure it is there. |
03:32 | Here, if I click Register nothing happens. I have been clicking and nothing is being done. |
03:40 | So, here I will just type my full name and I can type my username and choose a password which will be "abc" for now. |
03:49 | Click on Register and nothing happened. |
03:52 | So if "submit", "POST submit". |
03:57 | This is why. In our form action, we need to set a method which is going to be "POST". |
04:05 | I forgot to include that. |
04:07 | We need a method of "POST" otherwise it's default as "GET". Yes, you can see it all up there. |
04:13 | What I will do now is refresh this page and retype my data. |
04:21 | So that's "Alex Garrett" and username "alex". This will be "abc" and "abc". Click on Register and my data has been shown here. |
04:30 | We can check if it's correct. My 'fullname' was "Alex Garrett". My 'username' chosen was "alex" and of course "abc" here and here. |
04:40 | Now I want to encrypt these passwords. |
04:43 | And if you read up on Google or any search engine about "MD5 encryption" that's "M D 5". Let's just get rid of this. Let me just write this down for you. It is a very useful way of encrypting data. |
04:54 | Now everything is right. Md5's function in php takes a string or a numerical value, string value or just a data value. |
05:09 | And this is encrypted to MD5 encryption. |
05:13 | Let's say I encrypt "alex" to Md5. Let's echo it out and refresh. |
05:19 | Don't resend the data. So it should just come straight back from here and re-click on Register. |
05:26 | Let's go here and see if if "$submit" is ok. Let's take out this condition and refresh. |
05:34 | So, that is my name encrypted in Md5. |
05:39 | It's always the same length and I believe its impossible to crack unless you encrypt a string and then you compare it to your two encrypted values. |
05:53 | If you don't understand this I have a tutorial on MD5 encryption. So don't worry. Just go ahead and watch it. |
06:01 | Now I will say if "$submit" and then our code. |
06:08 | My 'fullname', 'username' and 'password' are fine. |
06:10 | I will add this "MD5 encryption" around my submitted 'password' and 'repeat password'. |
06:21 | Don't forget that. |
06:23 | If I echo out, let's say, "$password" and just have a break and "$repeat password", |
06:32 | when I go to refresh or rather when I go to submit my form, I will say my 'password' is "abc" and my 'repeat password' is "abc". |
06:45 | Register that. You can see that my 2 encrypted passwords are identical and both of them are ready to be put in the database. |
06:52 | Now if you say someone hacked into your database and finds out people's passwords which is typed in as "abc", they will be able to get it easily. |
07:01 | Let me type it here. But now they won't be able to find what it is because that's encrypted. |
07:06 | Okay, we have got our passwords encrypted. Now we are going to strip any tags of our data and to do this we have 'strip_tags'. |
07:21 | "strip_tags". These will strip HTML tags. |
07:25 | When I am using my password, I will not say "strip tags" before the "md5" function. |
07:36 | I will use the "md5" Function to encrypt the already striped version of my password. |
07:41 | So that should be fine. |
07:43 | Let me copy and paste that down there. |
07:46 | Ok, that's done and let's go back and see that. |
07:54 | I type in "html" here and for my username I say "body" and just keep my password as "abc". |
08:02 | Let's go and echo out "username" and just add a break. |
08:12 | '$fullname'. Echoing out all that will be typed in here. |
08:19 | I will just type "test" after this and "test" after this. |
08:23 | Now this "strip tag" function must get rid of this "html" and this "body". |
08:27 | You should just have "test" and "test" given to us. |
08:31 | Oh! We have got an error. |
08:34 | Let's go back and check. Didn't use the line terminator. Refresh and Resend the data. |
08:38 | As you can see over here, we got "test" and "test". So, whatever you type in here as tag or as html tag, it's just blank. |
08:49 | So, you know some people can be funny and say my username is going to be an "image". Register. That doesn't work ! |
08:59 | It isn't echoed up here. |
09:01 | But if we take say "alex" and we click Register, it's taken into account. |
09:05 | So that's it. In the next tutorial, we will check if every single field is typed in as they are all required for registration. |
09:15 | Ok I'll see you in the next part. Bye. This is _________, dubbing for the Spoken Tutorial project. |