PHP-and-MySQL/C4/User-Registration-Part-2/English-timed
From Script | Spoken-Tutorial
Revision as of 14:27, 10 July 2014 by Pratik kamble (Talk | contribs)
| Time | Narration |
| 00:00 | Welcome to the second part of the User registration tutorial. |
| 00:05 | In this part we will check the existence of these forms. Let us just get rid of these values in these fields that we've typed. |
| 00:12 | And we are going to do the encrypting of the password. |
| 00:16 | We are also going to move html tags. |
| 00:23 | Consider I am encrypting for my login part... Let me just open this file "login dot php".... And we will have to make a few adjustments to my page here. |
| 00:37 | We would be taking a password straight for our database. |
| 00:44 | So we need to change this "dbusername" value and our "dbpassword". |
| 00:50 | If you have not watched the 1st video you need to do so, to be able to write this code out. |
| 00:56 | Back to our "register dot php" and first of all we will check for "submit". |
| 01:02 | I don't have a "submit" variable at the moment. |
| 01:06 | So this will be equal to "dollar sign underscore POST" and now "submit". |
| 01:14 | This is because when the user clicks the submit button here, this will hold a value of "Register". |
| 01:23 | And this will say "if the user has clicked this button", then we can carry on with our code. |
| 01:31 | Now, the other values we need to get are the name of the user. So, the fullname of the user. I will just type "fullname = $ underscore POST" and "fullname". You can just see evidence of this here . |
| 01:51 | So, we are just mimicking the name given over here, once we have got fullname, username, password, repeat pasword, okay? |
| 01:59 | So, we have got "fullname" and now we have "username". |
| 02:09 | What I will do is, whenever I code, I copy and paste these down. |
| 02:12 | So "pasword" and "repeat password". Here is the "password" and "repeat password". I'm going to change these values. No need to type them out. |
| 02:26 | If you are new to php I would suggest that you type these out again and again just for practice. So you won't forget them. |
| 02:34 | So we have got all our values here. |
| 02:37 | So, if "submit". I'll just echo them out to show you that all these have been submitted correctly. |
| 02:49 | I suggest you do this for debugging. You might have spelt something wrong and its no good if you are trying to put data which is spelt wrong into your database. |
| 02:54 | Here I will say echo the "username" and forward slash and "password". Then "repeat password" and then "fullname" of the user followed by the line terminator. |
| 03:16 | So we have got all the data here that we have extracted from our form. |
| 03:21 | So I will just comment this as "form data". |
| 03:24 | You should now know how to do this by now. |
| 03:27 | If the form has been submitted, I am going to echo this out, to make sure it is there. |
| 03:32 | Here if I click "Register" nothing happens. I have been clicking and nothing is being done. |
| 03:40 | So here I will just type my full name and I can type my username and choose a password which will be "abc" for now. |
| 03:49 | Click on "Register" and nothings happened. |
| 03:52 | So "if submit", "POST submit". |
| 03:57 | This is why. In our "form action" we need to set a "method" which is going to be "POST". |
| 04:05 | I forgot to include that. |
| 04:07 | We need a method of "POST" otherwise it's default as "GET". Yes, you can see it all up here. |
| 4:13 | What I will do now is refresh this page and retype my data. |
| 04:21 | So that's "Alex Garrett" and username "alex". This will be "abc" and "abc". Click on "Register" and my data has been shown here. |
| 04:30 | We can check if its correct. My fullname was "Alex Garrett". My username chosen was "alex" and of course "abc" here and here. |
| 04:40 | Now I want to encrypt these passwords. |
| 04:43 | And if you read up on Google or any search engine about "MD5 encryption" that's "M D 5". Let me just write this down for you. It is a very useful way of encrypting data. |
| 04:54 | Let's just get rid of this. Now everything is right. Md5's function in php takes a string or numerical value, string value or just a data value. |
| 05:09 | And this is encrypted to MD5 encryption. |
| 05:13 | Lets say I encrypt "alex" to Md5. Let's echo it out and refresh. |
| 05:19 | Don't resend the data. So it should just come straight back from here and re-click on register. |
| 05:26 | Let's go here and see if "if submit" is ok. Let's take out this condition and refresh. |
| 05:34 | So that is my name encrypted in Md5. |
| 05:39 | It's always the same length and I believe its impossible to crack unless you encrypt a string and then you compare it to your two encrypted values. |
| 05:53 | If you don't understand this I have a tutorial on "MD5 encryption". So don't worry. Just go ahead and watch it. |
| 06:01 | Now I will say "if submit" and then our code. |
| 06:08 | My fullname, username and password are fine. |
| 06:10 | I will add this "MD5 encryption" around my submitted password and repeat password. |
| 06:21 | Don't forget that. |
| 06:23 | Then if I echo out, lets say, "password" and just have a break and "repeat password". |
| 06:32 | When I go to refresh or rather when I go to submit my form, I will say my password is "abc" and my repeat password is "abc". |
| 06:45 | Register that. |
| 06:46 | You can see that my 2 encrypted passwords are identical and both of them are ready to be put in the database. |
| 06:52 | Now if you say someone hacked into your database and finds out people's passwords which is typed in as abc, they will be able to get it easily. |
| 07:01 | Let me type it here. But now they won't be able to find what it is because that's encrypted. |
| 07;06 | Okay, we have got our passwords encrypted. Now we are going to strip any tags of our data and to do this we have strip tags. |
| 07:21 | "strip tags". This will strip HTML tags. |
| 07:25 | When I am using my password, I will not say "strip tags" before the "md5" function. |
| 07:36 | I will use the "md5" Function to encrypt the already striped version of my password. |
| 07:41 | So that should be fine. |
| 07:43 | Let me copy and past that down there. |
| 07:46 | Ok, that's done and lets go back and see that. |
| 07:54 | I type in "html" here and for my username I say "body" and just keep my password as "abc". |
| 08:02 | Lets go and echo out "username" and just add a break. |
| 08:12 | Fullname. Echoing out all that will be typed in here. |
| 08:19 | I will just type "test" after this and "test" after this. |
| 08:23 | Now this "strip tag" function must get rid of this "html" and this "body". |
| 08:27 | You should just have "test" and "test" given to us. |
| 08:31 | Oh! We have got an error. |
| 08:34 | Lets go back and check. Didn't use the line terminator. Refresh and Resend the data. |
| 08:38 | As you can see over here, we got "test" and "test". So whatever you type in here as tag or as html tag, its just blank. |
| 08:49 | So you know some people can be funny and say my username is going to be an "image". Register. That doesn't work ! |
| 08:59 | It isn't echoed up here. |
| 09:01 | But if we take say "alex" and we click "Register", its taken into account. |
| 09:05 | So that's it. In the next tutorial we will check if every single field is typed in as they are all required for registration. |
| 09:15 | Ok I'll see you in the next part. Bye. This is _________ dubbing for the Spoken Tutorial project. |
