Hello, I’ve just created a brand new category called Complete Scripts. In this one you will find complete solutions of applications.
The first tutorial is called how to create a membership script with user registration. I will write here a function which will do it! We will have database structure like this :
CREATE TABLE IF NOT EXISTS `users` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`user` varchar(255) NOT NULL,
`pass` varchar(255) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;
After this, here is the function to create new users and insert them into database: – first, create a .php page called functions.php
<?php //Membership Script - Users Registration Function function registerNewMember($user, $pass) { $tableUsers = "users"; if(empty($user) || empty($pass)) { exit(); }else{ $user = addslashes(mysql_real_escape_string($user)); $pass = addslashes(mysql_real_escape_string($pass)); $sql = "insert into $tableUsers values (null, '$user', '$pass')"; $rs = mysql_query($sql); if($rs) { $result = "ok"; }else{ $result = "fail"; } } ?>
Now we need to create a page with a form where users will type their desired user & pass (please note we need to include database connection file and functions one:
<?php //include database connection include('dbConnection.php'); //include functions.php include('functions.php'); //check if registration form was submitted if(isset($_POST['sb'])) { extract($_POST); if(registerNewMember($username, $password) == "ok")) { print "You are now registered"; }else{ print "Not able to add new member"; } } ?> <form action="" method="POST"> Pickup a new username : <input type="text" name="username"><br/> Pikcup a brand new password : <input type="password" name="password"><br/> <input type="submit" name="sb" id="sb" value="Register me!"> </form>
PS : For database connection please remember here
A few mistakes in this script that I must point out.
First of all, you’ve missed out the closing curly bracket in the first function.
Second of all, mysql will return an error when trying to insert the new row, because the script will be something like “insert into values(“. You declare the $tableUsers variable outside the function but don’t declare it as a global variable inside the function, so it will not be recognised.
Last, but very important (though it might not seem like it), you’re storing the passwords in the database in clear text. A fundamental error which I highly discourage at every chance I have. It’s one of the basic rules of website security. Encrypt the users’ passwords, at the very least with an md5 or sha1, if not using something more advanced.
Firstly of all,
Let me thank you for your time spent here and really analyzing my content.
We’re humans and we’re making mistakes : I am writing on this blog in a hurry because I got customers so not time for tests but this really helps
Also, here you’re learning basic php, not security techniques, if I will start and validate everything the newbie will run away from my blog in a NewYork Minute