Jump to content

Tutorial Formular De Inregistrare

skyler_sdf

By +skyler_sdf,
in PHP

 Share

Recommended Posts

skyler_sdf Proficient

+skyler_sdf

Posted
Posted

Formular de inregistrare

register.php

<?php

require_once('register_funcs.inc');

if($submit=='Mail confirmation')

{

$feedback=user_register();

//in every case, successful or not, there will be the feedback

$feedback_str="<p class=\"errormess\">$feedback</p>";

}

else

{

//show form for thr first time

$feedback_str='';

}

//----------------------------------------------------------------

//DISPLAY THE FORM

//----------------------------------------------------------------

include_once('header_footer.php');

site_header('Registration');

//superglobals don t work with heredoc

$php_self=$_SERVER['PHP_SELF'];

$reg_str= <<< EOREGSTR

<table cellpadding=0 cellspacing=0 border=0 align=center width=621>

<tr>

//----------------

//<td rowspan=10>

//<img width=15 height=1 src="../images/spacer.gif"></td>

//----------------

<td width=606>

</td>

</tr>

<tr>

<td>

$feedback_str

<p class="left"><b>REGISTER</b>

<br>

Fill out this form and a confirmation email will be sent to you. Once out this click on the link in the email your account will be confirmed and you can begin to contribute to the community.</p>

<form action="$php_self" method="POST">

<p class="bold">First name<br>

<input type="text" name="first_name" value="$first_name" size="20" maxlength="25"></p>

<p class="bold">Last name<br>

<input type="text" name="last_name" value="$last_name" size="20" maxlength="25"></p>

<p class="bold">Username<br>

<input type="text" name="user_name" value="$user_name" size="10" maxlength="25"></p>

<p class="bold">Password<br>

<input type="password" name="password1" value=" " size="10" maxlength="25"></p>

<p class="left"><b>Password</b> (again)<br>

<input type="password" name="password2" value=" " size="10" maxlength="25"></p>

<p class="left"><b>Email</b> (required for confirmation)<br>

<input type="text" name="email" value="$email" size="30" maxlength="50">

</p>

<p><input type="submit" name="submit" value="Mail confirmation">

</p>

</form>

</td>

</tr>

EOREGSTR;

echo $reg_str;

site_footer();

?>
fis. register_funcs.inc 
<?php

//a file with the database host, user, password, and selected database

include_once("db_vars.inc");

//a string used for md5 encryption. You could move it to a file outside the web tree for more security

$supersecert_has_padding="A string that is used to pad out short strings for md5 encryption. ";



//this function will only work with superglobal arrays, because i'm not passing in any values or declaring globals

function user_register()

{


global $supersecret_hash_padding;

//are all vars present and password match?

if(strlen($_POST['user_name'])<=25 && strlen($_POST['password1'])<=25 &&  ($_POST['password1'] == $_POST['password2']) && strlen($_POST['email'])<=50 && validate_email($_POST['email']))

{

//validate username and password

if(account_namevalid($_POST['user_name']) || strlen($_POST['password1']>=6))

{

$user_name=strtolower($_POST['user_name']);

$user_name=trim($user_name);

//don't need to escape, because single quotes aren't allowed

$email=$_POST['email'];

//don't allow duplicate usernames or emails

$query=mysql_query($query);

if($result && mysql_num_rows($result)>0)

{

$feedback='ERROR --Username or email address already exists';

return feedback;

}

else{

$first_name=$_POST['first_name'];

$last_name=$_POST['last_name'];

$password=md5($_POST['password1']);

$user_ip=$_SERVER['REMOTE_ADDR'];

//create a new hash to insert into the db and the confirmation email

$hash=md5($email.$supersecret_hash_padding);

$query="INSERT INTO user (user_name, first_name, last_name, password, email, remote_addr, confirm_hash, is_confirmed, date_created) VALUES ('$user_name', '$first_name', '$last_name', '$password', '$email', '$user_ip', '$hash', '0', NOW())";

$result=mysql_query($query);

if(!$result)

{

$feedback='ERROR--Database error';

return $feedback;

}

else{

//send the confirmation email

$encoded_email=urlencode($_POST['email']);

$mail_body= <<< EOMAILBODY


Tahnk you for registering at Example.com Click this link to confirm your registration:

http://localhost/confirm.php?hash=$has$email=$encoded_email

Once you see a confirmation message, you will be logged into Example.com

EOMAILBODY;

mail($email, 'Example.com Registration Confirmation', $mail_body, 'From: noreply@example.com');

//Give a successful registration message

$feddback='YOU HAVE SUCCESSFULLY REGISTERED. You will receive a confirmation email soon';

return $feedback;

}

}

}

else

{

$feedback='ERROR--Username or password is invalid';

return $feedback;

}

}

else{

$feedback='ERROR--please fill in all fields correctly';

return $feedback;

}

}

function account_namevalid()

{

//parameter for use with strspan

$span_str="abcdefghijklmnopqrstuvxwyz" . "ABCDEFGHIJKLMNOPQRSTUVXWYZ0123456789-";

//must have at least one character

if(strspn($_POST['user_name'], $span_str)==0)

{

return false;

}

//must contain all legal characters

if(strspn($_POST['user_name'], $span_str)!=strlen($name))

{

return false;

}

//min and max length

if(strlen($_POST['user_name'])<5)

{

return false;

}

if(strlen($_POST['user_name'])>25)

{

return false;

}

//illegales names

if(eregi("^((root)|(bin)|(daemon)|(adm)|(lp)|(sync)|(shutdown)|(halt)|(mail)|(news)|(uucp)|(operator)|(games)|(mysql)|(httpd)|(nobody)|(dummy)|(www)|(cvs)|(shell)|(ftp)|(irc)|(debian)|(ns)|(download))$", $_POST['user_name']))

{

return false;

}

if(eregi("^(anoncvs_)", $_POST['user_name']))

{

return false;

}

return true;

}

function validate_email()

{

return (ereg('^[=!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+'. '@'. '[-!#$%&\'*+\\/0-9=?A-Z^_`a-z{|}~]+\.' . '[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+$', $_POST['email']));

}

function user_confirm()

{

//this function will only work with the superglobal arrays, because i'm not passing in any values or declaring globals

global $supersecret_hash_padding;

//verify that they didn't tamper with the email address

$new_hash=md5($_GET['email'].$supersecret_hash_padding);

if($new_hash && ($new_hash==$_GET['hash']))

{

$query="SELECT user_name FROM user WHERE confirm_hash='$new_hash'";

$result=mysql_query($query);

if(!result || mysql_num_rows($result)<1)

{

$feedback='ERROR--Hash not found';

return $feedback;

}

else{

//confirm the email and  set accout to active

$email=$_GET['email'];

$hash=$_GET['hash'];

$query="UPDATE user SET email='$email', is_confirmes='1' WHERE confirm_hash='$hash'";

$result=mysql_query($query);

return 1;

}

}

else

{

$feedback='ERROR--Values do not match';

return $feedback;

}

}

?>

  • Upvote 2
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept