PHP-and-MySQL/C4/User-Registration-Part-2/English-timed

From Script | Spoken-Tutorial
Revision as of 16:52, 2 September 2014 by Gaurav (Talk | contribs)

Jump to: navigation, search
Time Narration
00:00 Welcome to the second part of the User registration tutorial.
00:05 In this part we will check the existence of these forms. Let us just get rid of these values in these fields that we've typed.
00:12 And we are going to do the encrypting of the password.
00:16 We are also going to move html tags.
00:23 Consider I am encrypting for my login part... Let me just open this file "login dot php".... And we will have to make a few adjustments to my page here.
00:37 We would be taking a password straight for our database.
00:44 So we need to change this "dbusername" value and our "dbpassword".
00:50 If you have not watched the 1st video you need to do so, to be able to write this code out.
00:56 Back to our "register dot php" and first of all we will check for "submit".
01:02 I don't have a "submit" variable at the moment.
01:06 So this will be equal to "dollar sign underscore POST" and now "submit".
01:14 This is because when the user clicks the submit button here, this will hold a value of "Register".
01:23 And this will say "if the user has clicked this button", then we can carry on with our code.
01:31 Now, the other values we need to get are the name of the user. So, the fullname of the user. I will just type "fullname = $ underscore POST" and "fullname". You can just see evidence of this here .
01:51 So, we are just mimicking the name given over here, once we have got fullname, username, password, repeat pasword, okay?
01:59 So, we have got "fullname" and now we have "username".
02:09 What I will do is, whenever I code, I copy and paste these down.
02:12 So "pasword" and "repeat password". Here is the "password" and "repeat password". I'm going to change these values. No need to type them out.
02:26 If you are new to php I would suggest that you type these out again and again just for practice. So you won't forget them.
02:34 So we have got all our values here.
02:37 So, if "submit". I'll just echo them out to show you that all these have been submitted correctly.
02:49 I suggest you do this for debugging. You might have spelt something wrong and its no good if you are trying to put data which is spelt wrong into your database.
02:54 Here I will say echo the "username" and forward slash and "password". Then "repeat password" and then "fullname" of the user followed by the line terminator.
03:16 So we have got all the data here that we have extracted from our form.
03:21 So I will just comment this as "form data".
03:24 You should now know how to do this by now.
03:27 If the form has been submitted, I am going to echo this out, to make sure it is there.
03:32 Here if I click "Register" nothing happens. I have been clicking and nothing is being done.
03:40 So here I will just type my full name and I can type my username and choose a password which will be "abc" for now.
03:49 Click on "Register" and nothings happened.
03:52 So "if submit", "POST submit".
03:57 This is why. In our "form action" we need to set a "method" which is going to be "POST".
04:05 I forgot to include that.
04:07 We need a method of "POST" otherwise it's default as "GET". Yes, you can see it all up here.
04:13 What I will do now is refresh this page and retype my data.
04:21 So that's "Alex Garrett" and username "alex". This will be "abc" and "abc". Click on "Register" and my data has been shown here.
04:30 We can check if its correct. My fullname was "Alex Garrett". My username chosen was "alex" and of course "abc" here and here.
04:40 Now I want to encrypt these passwords.
04:43 And if you read up on Google or any search engine about "MD5 encryption" that's "M D 5". Let me just write this down for you. It is a very useful way of encrypting data.
04:54 Let's just get rid of this. Now everything is right. Md5's function in php takes a string or numerical value, string value or just a data value.
05:09 And this is encrypted to MD5 encryption.
05:13 Lets say I encrypt "alex" to Md5. Let's echo it out and refresh.
05:19 Don't resend the data. So it should just come straight back from here and re-click on register.
05:26 Let's go here and see if "if submit" is ok. Let's take out this condition and refresh.
05:34 So that is my name encrypted in Md5.
05:39 It's always the same length and I believe its impossible to crack unless you encrypt a string and then you compare it to your two encrypted values.
05:53 If you don't understand this I have a tutorial on "MD5 encryption". So don't worry. Just go ahead and watch it.
06:01 Now I will say "if submit" and then our code.
06:08 My fullname, username and password are fine.
06:10 I will add this "MD5 encryption" around my submitted password and repeat password.
06:21 Don't forget that.
06:23 Then if I echo out, lets say, "password" and just have a break and "repeat password".
06:32 When I go to refresh or rather when I go to submit my form, I will say my password is "abc" and my repeat password is "abc".
06:45 Register that.
06:46 You can see that my 2 encrypted passwords are identical and both of them are ready to be put in the database.
06:52 Now if you say someone hacked into your database and finds out people's passwords which is typed in as abc, they will be able to get it easily.
07:01 Let me type it here. But now they won't be able to find what it is because that's encrypted.
07;06 Okay, we have got our passwords encrypted. Now we are going to strip any tags of our data and to do this we have strip tags.
07:21 "strip tags". This will strip HTML tags.
07:25 When I am using my password, I will not say "strip tags" before the "md5" function.
07:36 I will use the "md5" Function to encrypt the already striped version of my password.
07:41 So that should be fine.
07:43 Let me copy and past that down there.
07:46 Ok, that's done and lets go back and see that.
07:54 I type in "html" here and for my username I say "body" and just keep my password as "abc".
08:02 Lets go and echo out "username" and just add a break.
08:12 Fullname. Echoing out all that will be typed in here.
08:19 I will just type "test" after this and "test" after this.
08:23 Now this "strip tag" function must get rid of this "html" and this "body".
08:27 You should just have "test" and "test" given to us.
08:31 Oh! We have got an error.
08:34 Lets go back and check. Didn't use the line terminator. Refresh and Resend the data.
08:38 As you can see over here, we got "test" and "test". So whatever you type in here as tag or as html tag, its just blank.
08:49 So you know some people can be funny and say my username is going to be an "image". Register. That doesn't work !
08:59 It isn't echoed up here.
09:01 But if we take say "alex" and we click "Register", its taken into account.
09:05 So that's it. In the next tutorial we will check if every single field is typed in as they are all required for registration.
09:15 Ok I'll see you in the next part. Bye. This is _________ dubbing for the Spoken Tutorial project.

Contributors and Content Editors

Gaurav, Gyan, PoojaMoolya, Pratik kamble, Sandhya.np14