PHP-and-MySQL/C4/User-Registration-Part-2/English

From Script | Spoken-Tutorial
Jump to: navigation, search
Time Narration
0:00 Welcome to the second part of the User registration tutorial.
0:05 In this part we will check the existence of these forms. Let us just get rid of these values in these fields that we've typed.
0:12 And we are going to do the encrypting of the password.
0:16 We are also going to move html tags.
0:23 Consider I am encrypting for my login part... Let me just open this file "login dot php".... And we will have to make a few adjustments to my page here.
0:37 We would be taking a password straight for our database.
0:44 So we need to change this "dbusername" value and our "dbpassword".
0:50 If you have not watched the 1st video you need to do so, to be able to write this code out.
0:56 Back to our "register dot php" and first of all we will check for "submit".
1:02 I don't have a "submit" variable at the moment.
1:06 So this will be equal to "dollar sign underscore POST" and now "submit".
1:14 This is because when the user clicks the submit button here, this will hold a value of "Register".
1:23 And this will say "if the user has clicked this button", then we can carry on with our code.
1:31 Now, the other values we need to get are the name of the user. So, the fullname of the user. I will just type "fullname = $ underscore POST" and "fullname". You can just see evidence of this here .
1:51 So, we are just mimicking the name given over here, once we have got fullname, username, password, repeat pasword, okay?
1:59 So, we have got "fullname" and now we have "username".
2:09 What I will do is, whenever I code, I copy and paste these down.
2:12 So "pasword" and "repeat password". Here is the "password" and "repeat password". I'm going to change these values. No need to type them out.
2:26 If you are new to php I would suggest that you type these out again and again just for practice. So you won't forget them.
2:34 So we have got all our values here.
2:37 So, if "submit". I'll just echo them out to show you that all these have been submitted correctly.
2:49 I suggest you do this for debugging. You might have spelt something wrong and its no good if you are trying to put data which is spelt wrong into your database.
2:54 Here I will say echo the "username" and forward slash and "password". Then "repeat password" and then "fullname" of the user followed by the line terminator.
3:16 So we have got all the data here that we have extracted from our form.
3:21 So I will just comment this as "form data".
3:24 You should now know how to do this by now.
3:27 If the form has been submitted, I am going to echo this out, to make sure it is there.
3:32 Here if I click "Register" nothing happens. I have been clicking and nothing is being done.
3:40 So here I will just type my full name and I can type my username and choose a password which will be "abc" for now.
3:49 Click on "Register" and nothings happened.
3:52 So "if submit", "POST submit".
3:57 This is why. In our "form action" we need to set a "method" which is going to be "POST".
4:05 I forgot to include that.
4:07 We need a method of "POST" otherwise it's default as "GET". Yes, you can see it all up here.
4:13 What I will do now is refresh this page and retype my data.
4:21 So that's "Alex Garrett" and username "alex". This will be "abc" and "abc". Click on "Register" and my data has been shown here.
4:30 We can check if its correct. My fullname was "Alex Garrett". My username chosen was "alex" and of course "abc" here and here.
4:40 Now I want to encrypt these passwords.
4:43 And if you read up on Google or any search engine about "MD5 encryption" that's "M D 5". Let me just write this down for you. It is a very useful way of encrypting data.
4:54 Let's just get rid of this. Now everything is right. Md5's function in php takes a string or numerical value, string value or just a data value.
5:09 And this is encrypted to MD5 encryption.
5:13 Lets say I encrypt "alex" to Md5. Let's echo it out and refresh.
5:19 Don't resend the data. So it should just come straight back from here and re-click on register.
5:26 Let's go here and see if "if submit" is ok. Let's take out this condition and refresh.
5:34 So that is my name encrypted in Md5.
5:39 It's always the same length and I believe its impossible to crack unless you encrypt a string and then you compare it to your two encrypted values.
5:53 If you don't understand this I have a tutorial on "MD5 encryption". So don't worry. Just go ahead and watch it.
6:01 Now I will say "if submit" and then our code.
6:08 My fullname, username and password are fine.
6:10 I will add this "MD5 encryption" around my submitted password and repeat password.
6:21 Don't forget that.
6:23 Then if I echo out, lets say, "password" and just have a break and "repeat password".
6:32 When I go to refresh or rather when I go to submit my form, I will say my password is "abc" and my repeat password is "abc".
6:45 Register that.
6:46 You can see that my 2 encrypted passwords are identical and both of them are ready to be put in the database.
6:52 Now if you say someone hacked into your database and finds out people's passwords which is typed in as abc, they will be able to get it easily.
7:01 Let me type it here. But now they won't be able to find what it is because that's encrypted.
7;06 Okay, we have got our passwords encrypted. Now we are going to strip any tags of our data and to do this we have strip tags.
7:21 "strip tags". This will strip HTML tags.
7:25 When I am using my password, I will not say "strip tags" before the "md5" function.
7:36 I will use the "md5" Function to encrypt the already striped version of my password.
7:41 So that should be fine.
7:43 Let me copy and past that down there.
7:46 Ok, that's done and lets go back and see that.
7:54 I type in "html" here and for my username I say "body" and just keep my password as "abc".
8:02 Lets go and echo out "username" and just add a break.
8:12 Fullname. Echoing out all that will be typed in here.
8:19 I will just type "test" after this and "test" after this.
8:23 Now this "strip tag" function must get rid of this "html" and this "body".
8:27 You should just have "test" and "test" given to us.
8:31 Oh! We have got an error.
8:34 Lets go back and check. Didn't use the line terminator. Refresh and Resend the data.
8:38 As you can see over here, we got "test" and "test". So whatever you type in here as tag or as html tag, its just blank.
8:49 So you know some people can be funny and say my username is going to be an "image". Register. That doesn't work !
8:59 It isn't echoed up here.
9:01 But if we take say "alex" and we click "Register", its taken into account.
9:05 So that's it. In the next tutorial we will check if every single field is typed in as they are all required for registration.
9:15 Ok I'll see you in the next part. Bye. This is _________ dubbing for the Spoken Tutorial project.

Contributors and Content Editors

Chandrika, Pravin1389