Hello! Now we will try to implement the simplest registration on the site using PHP + MySQL. To do this, Apache must be installed on your computer. The working principle of our script is shown below.
1. Let's start by creating a users table in the database. It will contain user data (login and password). Let's go to phpmyadmin (if you are creating a database on your PC http://localhost/phpmyadmin/). We create a table users , it will have 3 fields.
I create it in the mysql database, you can create it in another database. Next, set the values as in the figure:
2. A connection to this table is required. Let's create a bd.php file. Its content:
In my case it looks like this:
Save bd.php .
Great! We have a table in the database and a connection to it. Now you can start creating a page on which users will leave their data.
3. Create a reg.php file with the contents (all comments inside):
Registration
Registration
Your login:
Your password:
4. Create a file that will enter data into the database and save the user. save_user.php (comments inside):
5. Now our users can register! Next, you need to create a “door” for already registered users to enter the site. index.php (comments inside) :
Home page
Home page
Your login:
Your password:
Register
OK it's all over Now! The lesson may be boring, but very useful. Only the idea of registration is shown here, then you can improve it: add security, design, data fields, loading avatars, logging out of your account (to do this, simply destroy variables from the session with the unset function) and so on. Good luck!
I checked everything, it works properly!
Good day, friends! Let's look at user registration in PHP. First, let's define the conditions for our user registration:
- The password is encrypted using the MD5 algorithm
- We will salt the password
- Checking if your login is busy
- User activation by letter.
- Recording and storing data in the MySQL DBMS
To write this script, we need to understand what user registration is. User registration means obtaining real user data, processing and storing data.
To explain in simple words, registration is just recording and storing certain data by which we can authorize the user in our case - this is Login and Password.
Authorization is the granting of rights to a certain person or group of persons to perform certain actions, as well as the process of verifying these rights when attempting to perform these actions. Simply put, with the help of authorization, we can limit access to certain content on our website.
Let's look at the structure of script directories for implementing our registration with authorization. We need to break the scripts into logical components. We placed the registration and authorization modules in a separate directory. We will also place the connection to the MySQL database, a file with user functions, a CSS style file and our HTML template in separate directories. This structure allows you to quickly navigate through scripts. Imagine that you have a large website with a bunch of modules, etc. and if there is no order, it will be very difficult to find something in such a mess.
Since we will store all the data in the MySQL DBMS, let's create a small table in which we will store registration data.
First you need to create a table in the database. Let's call the table bez_reg where bez is the table prefix, and reg is the name of the table.
Table structure: bez_reg -- -- Table structure `bez_reg` -- CREATE TABLE IF NOT EXISTS `bez_reg` (`id` int(11) NOT NULL AUTO_INCREMENT, `login` varchar(200) NOT NULL, `pass` varchar( 32) NOT NULL, `salt` varchar(32) NOT NULL, `active_hex` varchar(32) NOT NULL, `status` int(1) NOT NULL, PRIMARY KEY (`id`)) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ; Now let's create the main scripts for further work. File INDEX.PHPCONFIG.PHP file
less/reg/?mode=auth">Login
When you click the reset button, all form elements will be set to the state that was specified in the default attributes, and the form will not be submitted.
No PHP script required.
Checkboxes present the user with a number of options, and allow arbitrary selection (none, one, or more of them).
White
Green
Blue
Red
Black
Example 2.
// first set of buttons
// second set of buttons
// third set of buttons
When creating a regular text field of size size and the maximum allowed length of maxlength characters, the type attribute takes on the value text . If the value parameter is specified, the field will display the value specified in the variable. When creating a field, do not forget to specify the field name, because... this attribute is required.
6. Password field
Exactly the same as a text field, except that the characters typed by the user will not be displayed on the screen.
7. Hidden text field (hidden)
Allows you to pass some service information to the script without displaying it on the page.
8. Dropdown list (select)
A tag is a drop-down or expanded list, and one or more rows can be selected at the same time. But the value will be passed to the last selected button.
The list starts with paired tags. Tags allow you to define the contents of the list, and the value parameter defines the value of the string. If the selected parameter is specified in the tag, then the row will be initially selected. The size parameter specifies how many lines the list will occupy. If size is 1 , then the list will be a dropdown. If the multiple attribute is specified, then multiple elements from the list can be selected. But this scheme is practically not used, and with size = 1 it makes no sense.
White Green Blue Red Black
If you need to create a drop-down with a predictable sequence. For example, a list with years from 2000 to 2050. Then the following technique is used.
9. Multiline text input field (textarea)
A multi-line text input field allows you to send not just one line, but several at once. If necessary, you can specify the readonly attribute, which prohibits editing, deleting and changing the text, i.e. the text will be read-only. If it is necessary for the text to be initially displayed in a multi-line input field, then it must be placed between the tags.
There is a wrap parameter - setting line wrapping. Possible values:
off – disables line wrapping;
virtuals – shows line breaks, but sends the text as it was entered;
physical – line breaks are left in their original form.
By default, the tag creates a blank field that is 20 characters wide and consists of 2 lines.
In order for a multi-line text field to comply with html formatting (line wrapping using the tag
or
), then use the nl2br() function:
Originally inserted line 1 Originally inserted line 2 Originally inserted line 3
10. Button for uploading files (browse)Serves to implement uploading files to the server. When creating a text field, you also need to specify the field's type as "file" .
Upload file:
There are few methods provided by the HTTP protocol. This is important information. There are no other ways. In practice, two are used:
GET is when data is sent in the address bar, for example when a user clicks a link.
POST – when he clicks a button on the form.
To transfer data using the GET method, you do not need to create a form on an HTML page (nobody forbids you to use forms for requests using the GET method) - just a link to the document with the addition of a query string, which can look like variable=value. Pairs are concatenated using the ampersand &, and the string is appended to the page URL using a question mark “? "
But you don’t have to use key=value pairs if you need to pass just one variable - to do this, you need to write the VALUE (not the name) of the variable after the question mark.
The advantage of passing parameters this way is that clients that cannot use the POST method (such as search engines) can still simply follow the link to pass parameters to the script and retrieve the content.
The disadvantage is that simply by changing the parameters in the address bar, the user can turn the script around in an unpredictable way and this creates a huge security hole, in combination with undefined variables and register_globals on or someone can find out the value of an important variable (for example - session ID) just by looking at the monitor screen.
:
- to access public pages with passing parameters (increased functionality)
- transfer of information that does not affect the level of security
:
- to access protected pages with parameter transfer
- to transmit information affecting the level of security
- to transmit information that cannot be modified by the user (some transmit the text of SQL queries.
You can submit data using the POST method only using a form on an HTML page. The main difference between POST and GET is that the data is transmitted not in the request header but in the body, therefore, the user does not see it. You can only modify it by changing the form itself.
Advantage :
- greater security and functionality of requests using forms using the POST method.
Flaw :
- less availability.
What should you use it for:
- for transmitting a large amount of information (text, files..);
- to transmit any important information;
- to restrict access (for example, use only the form for navigation - an option that is not available to all robot programs or content grabbers).
What should not be used for:
PHP is capable of accepting a file downloaded using any browser. This makes it possible to upload both text and binary files. Combined with PHP authentication and file system functions, you have complete control over who is allowed to upload files and what to do with the file once it has been uploaded.
The file upload page can be implemented using a special form that looks something like this:
//Form for uploading files Send this file:
In the above example " URL" must be replaced with a link to a PHP script. The hidden field MAX _FILE_SIZE (the value must be specified in bytes) must precede the file selection field, and its value is the maximum allowed size of the accepted file. You should also make sure that you specify enctype=" in the form attributes multipart/form-data" , otherwise files will not be uploaded to the server.
Attention
The MAX _FILE_SIZE option is a browser recommendation, even if PHP would also check for this condition. Bypassing this limitation on the browser side is fairly easy, so you should not rely on this feature to block all larger files. However, there is no way to bypass PHP's maximum size limitation. You should add a variable of the form MAX _FILE_SIZE anyway, as it prevents users from waiting anxiously while transferring huge files, only to find out that the file is too large and the transfer actually failed.
Directly:
Getenv("REQUEST_METHOD");
will return GET or POST.
Which method should be used?If the form is used to request some information, for example, during a search, then it should be sent using the GET method. To keep the page updated, you can bookmark it and/or send the link to a friend.
If, as a result of submitting a form, data is recorded or changed on the server, then it should be sent using the POST method, and it is imperative, after processing the form, to redirect the browser using the GET method. Also, POST may be needed if a large amount of data needs to be transferred to the server (for GET it is very limited), and also if the transferred data should not be displayed in the address bar (when entering a login and password, for example).
In any case, after processing the POST, you should always redirect the browser to some page, even the same one, but without the form data, so that when the page is refreshed, they are not recorded again.
An example to demonstrate sending data using the POST and GET methods simultaneously and receiving a response from the server.
JavaScript is blocked in your browser. Please enable JavaScript for the site to function!
Working with FormsHTML forms are used to transfer data from the user of a Web page to the server. PHP provides a number of special tools for working with forms.
Predefined VariablesPHP has a number of predefined variables that do not change across all applications running in a particular environment. They are also called environment variables or environment variables. They reflect the settings of the Apache Web server environment, as well as request information for that browser. It is possible to obtain the values of the URL, query string, and other elements of the HTTP request.
All predefined variables are contained in the associative array $GLOBALS. In addition to environment variables, this array also contains global variables defined in the program.
Example 1 View $GLOBALS arrayAs a result, a list of all global variables, including environment variables, will appear on the screen. The most commonly used ones are:
| $_SERVER["HTTP_USER_AGENT"] | Client name and version | Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) |
| $_SERVER["REMOTE_ADDR"] | IP address | 144.76.78.4 |
| getenv("HTTP_X_FORWARDED_FOR") | Client internal IP address | |
| $_SERVER["REQUEST_METHOD"] | Request method (GET or POST) | GET |
| $_SERVER["QUERY_STRING"] | In a GET request, the encoded data sent along with the URL | |
| $_SERVER["REQUEST_URL"] | Full customer address including query string | |
| $_SERVER["HTTP_REFERER"] | URL of the page from which the request was made | |
| $_SERVER["PHP_SELF"] | Path to the program being executed | /index.php |
| $_SERVER["SERVER_NAME"] | Domain | website |
| $_SERVER["REQUEST_URI"] | Path | /php/php_form.php |
The PHP input processing program can be separated from the HTML text containing the input forms, or it can be placed on one page.
Example 2 Input Processing Example