PHP-and-MySQL/C4/User-Registration-Part-2/English
From Script | Spoken-Tutorial
Revision as of 21:33, 1 December 2012 by Pravin1389 (Talk | contribs)
Time | Narration |
---|---|
0:00 | Welcome to the second part of the User registration tutorial. |
0:05 | In this part we will check the existence of these forms. Let us just get rid of these values in these fields that we've typed. |
0:12 | And we are going to do the encrypting of the password. |
0:16 | We are also going to move html tags. |
0:23 | Consider I am encrypting for my login part... Let me just open this file "login dot php".... And we will have to make a few adjustments to my page here. |
0:37 | We would be taking a password straight for our database. |
0:44 | So we need to change this "dbusername" value and our "dbpassword". |
0:50 | If you have not watched the 1st video you need to do so, to be able to write this code out. |
0:56 | Back to our "register dot php" and first of all we will check for "submit". |
1:02 | I don't have a "submit" variable at the moment. |
1:06 | So this will be equal to "dollar sign underscore POST" and now "submit". |
1:14 | This is because when the user clicks the submit button here, this will hold a value of "Register". |
1:23 | And this will say "if the user has clicked this button", then we can carry on with our code. |
1:31 | Now, the other values we need to get are the name of the user. So, the fullname of the user. I will just type "fullname = $ underscore POST" and "fullname". You can just see evidence of this here . |
1:51 | So, we are just mimicking the name given over here, once we have got fullname, username, password, repeat pasword, okay? |
1:59 | So, we have got "fullname" and now we have "username". |
2:09 | What I will do is, whenever I code, I copy and paste these down. |
2:12 | So "pasword" and "repeat password". Here is the "password" and "repeat password". I'm going to change these values. No need to type them out. |
2:26 | If you are new to php I would suggest that you type these out again and again just for practice. So you won't forget them. |
2:34 | So we have got all our values here. |
2:37 | So, if "submit". I'll just echo them out to show you that all these have been submitted correctly. |
2:49 | I suggest you do this for debugging. You might have spelt something wrong and its no good if you are trying to put data which is spelt wrong into your database. |
2:54 | Here I will say echo the "username" and forward slash and "password". Then "repeat password" and then "fullname" of the user followed by the line terminator. |
3:16 | So we have got all the data here that we have extracted from our form. |
3:21 | So I will just comment this as "form data". |
3:24 | You should now know how to do this by now. |
3:27 | If the form has been submitted, I am going to echo this out, to make sure it is there. |
3:32 | Here if I click "Register" nothing happens. I have been clicking and nothing is being done. |
3:40 | So here I will just type my full name and I can type my username and choose a password which will be "abc" for now. |
3:49 | Click on "Register" and nothings happened. |
3:52 | So "if submit", "POST submit". |
3:57 | This is why. In our "form action" we need to set a "method" which is going to be "POST". |
4:05 | I forgot to include that. |
4:07 | We need a method of "POST" otherwise it's default as "GET". Yes, you can see it all up here. |
4:13 | What I will do now is refresh this page and retype my data. |
4:21 | So that's "Alex Garrett" and username "alex". This will be "abc" and "abc". Click on "Register" and my data has been shown here. |
4:30 | We can check if its correct. My fullname was "Alex Garrett". My username chosen was "alex" and of course "abc" here and here. |
4:40 | Now I want to encrypt these passwords. |
4:43 | And if you read up on Google or any search engine about "MD5 encryption" that's "M D 5". Let me just write this down for you. It is a very useful way of encrypting data. |
4:54 | Let's just get rid of this. Now everything is right. Md5's function in php takes a string or numerical value, string value or just a data value. |
5:09 | And this is encrypted to MD5 encryption. |
5:13 | Lets say I encrypt "alex" to Md5. Let's echo it out and refresh. |
5:19 | Don't resend the data. So it should just come straight back from here and re-click on register. |
5:26 | Let's go here and see if "if submit" is ok. Let's take out this condition and refresh. |
5:34 | So that is my name encrypted in Md5. |
5:39 | It's always the same length and I believe its impossible to crack unless you encrypt a string and then you compare it to your two encrypted values. |
5:53 | If you don't understand this I have a tutorial on "MD5 encryption". So don't worry. Just go ahead and watch it. |
6:01 | Now I will say "if submit" and then our code. |
6:08 | My fullname, username and password are fine. |
6:10 | I will add this "MD5 encryption" around my submitted password and repeat password. |
6:21 | Don't forget that. |
6:23 | Then if I echo out, lets say, "password" and just have a break and "repeat password". |
6:32 | When I go to refresh or rather when I go to submit my form, I will say my password is "abc" and my repeat password is "abc". |
6:45 | Register that. |
6:46 | You can see that my 2 encrypted passwords are identical and both of them are ready to be put in the database. |
6:52 | Now if you say someone hacked into your database and finds out people's passwords which is typed in as abc, they will be able to get it easily. |
7:01 | Let me type it here. But now they won't be able to find what it is because that's encrypted. |
7;06 | Okay, we have got our passwords encrypted. Now we are going to strip any tags of our data and to do this we have strip tags. |
7:21 | "strip tags". This will strip HTML tags. |
7:25 | When I am using my password, I will not say "strip tags" before the "md5" function. |
7:36 | I will use the "md5" Function to encrypt the already striped version of my password. |
7:41 | So that should be fine. |
7:43 | Let me copy and past that down there. |
7:46 | Ok, that's done and lets go back and see that. |
7:54 | I type in "html" here and for my username I say "body" and just keep my password as "abc". |
8:02 | Lets go and echo out "username" and just add a break. |
8:12 | Fullname. Echoing out all that will be typed in here. |
8:19 | I will just type "test" after this and "test" after this. |
8:23 | Now this "strip tag" function must get rid of this "html" and this "body". |
8:27 | You should just have "test" and "test" given to us. |
8:31 | Oh! We have got an error. |
8:34 | Lets go back and check. Didn't use the line terminator. Refresh and Resend the data. |
8:38 | As you can see over here, we got "test" and "test". So whatever you type in here as tag or as html tag, its just blank. |
8:49 | So you know some people can be funny and say my username is going to be an "image". Register. That doesn't work ! |
8:59 | It isn't echoed up here. |
9:01 | But if we take say "alex" and we click "Register", its taken into account. |
9:05 | So that's it. In the next tutorial we will check if every single field is typed in as they are all required for registration. |
9:15 | Ok I'll see you in the next part. Bye. This is _________ dubbing for the Spoken Tutorial project. |