ACCES INTERZIS | programming and IT security blog


The PHP scripts called through include() can be found in the article about version 2 of the contact form.
The SQL query that creates the table in which users are stored can be found in the article about the first version of the user registration form.

registrationf.php

<?php
/*
How do I make a user registration form? (version 2)
Author: Marian Barbu aka AccesInterzis
Website: http://www.accesinterzis.ro
2010 (c) All rights reserved
*/

//-----specify EXACTLY which fields will be used
#1
$required_fields = array('username', 'email', 'password', 'retype_password', 'register');
$sent_fields = array_keys($_POST);

//-----connect to the database
#2
include('includes/connect_to_db.inc.php');

//-----load the include files
#2.1
include('includes/validators.inc.php');
include('includes/filter_it.inc.php');
include('includes/validate_form.inc.php');
include('includes/filtered_urls_and_cookies.inc.php');

//------the PHP script runs only if the request came from the same page that hosts the form and only if all the form fields were sent
#3
if ($referer == 'http://'.$_SERVER['HTTP_HOST'].$php_self && $required_fields == $sent_fields) {
	//-----process the form data; the result is a list of errors, a list of invalid data, a list of valid data
	#5
	include('includes/process_form.inc.php');

	//-----wrap the VALID data in mysql_real_escape_string() because the database is queried next
	#6
	$processed_form['good_data'] = filter_it($processed_form['good_data'], array('mysql_real_escape_string'));

	//-----BEGIN - DATA HANDLING
	#7
	if (isset($processed_form['good_data']['username'])) {
		$q = "SELECT user_id FROM ai_registrationform WHERE LOWER(username)='".strtolower($processed_form['good_data']['username'])."'";
		$result = mysql_query($q) or die(mysql_error());

		if (mysql_num_rows($result) != 0) {
			$processed_form['issues']['username'] = 'The username <strong>'.$processed_form['good_data']['username'].'</strong> already exists in our database.';
		}
	}

	if (isset($processed_form['good_data']['email'])) {
		$q = "SELECT user_id FROM ai_registrationform WHERE LOWER(email)='".strtolower($processed_form['good_data']['email'])."'";
		$result = mysql_query($q) or die(mysql_error());

		if (mysql_num_rows($result) != 0) {
			$processed_form['issues']['email'] = 'The email address <strong>'.$processed_form['good_data']['email'].'</strong> already exists in our database.';
		}
	}

	if (isset($processed_form['good_data']['password'])) {
		if ($processed_form['good_data']['password'] != $_POST['retype_password']) {
			$processed_form['issues']['password'] = 'The two passwords don\'t match.';
		}
	}
	//-----END - DATA HANDLING

	//------if there are no errors at all, insert the data into the database
	#8
	if(count($processed_form['issues']) == 0) {
		$q = "INSERT INTO ai_registrationform(`username`, `email`, `password`, `registration_date`, `ip`)"
			."VALUES('".$processed_form['good_data']['username']."', '".$processed_form['good_data']['email']."', SHA('".$processed_form['good_data']['password']."'), NOW(), '".$_SERVER['REMOTE_ADDR']."')";

		//-----if the data really was inserted into the database, a confirmation message is displayed on screen
		#8.1
		if (mysql_query($q)) {
			$confirmation = 'The user <strong>'.$processed_form['good_data']['username'].'</strong> was successfully registered in our database.';
		} else {
			$confirmation = 'Something is wrong with the server. The user <strong>'.$processed_form['good_data']['username'].'</strong> wasn\'t registered.';
		}

		$confirmation .= ' <a href="http://'.$_SERVER['HTTP_HOST'].$php_self.'" title="Back" id="back">Back to registration form</a>';

		#8.2
		$display = 'style="display:none;"';
	}

	//-----wrap the data in htmlentities() because it is displayed in the form next
	#9
	$get_my_fields = filter_it($get_my_fields, array('htmlentities'));
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>How do I make a registration form?</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="description" content="How do I make a registration form?" />
<meta name="keywords" content="registration,form,php,script,mysql,database,user,backend,admin,section,cms" />
<meta name="abstract" content="How do I make a registration form?" />
<meta name="author" content="AccesInterzis" />
<meta name="copyright" content="AccesInterzis" />
<meta name="robots" content="index,follow" />
<meta name="revisit-after" content="7 days" />

<style type="text/css">
* {
	margin:0;
	padding:0;
	outline:none;
}

html {
	color:black;
	background-color:white;
	font: normal normal normal 12px  Verdana;
	/*font-style font-variant font-weight font-size font-family*/
}

/*BEGIN - CSS RULES THAT CREATE THE REGISTRATION FORM SKIN*/

div#registrationf {
	width:335px;
	margin:0px auto;
}

div#registrationf h1 {
	color:black;
	font: normal normal normal 24px  Verdana;
	/*font-style font-variant font-weight font-size font-family*/
	padding-bottom:5px;
}

div#registrationf div {
	margin:0 0 5px 0;
}

div#registrationf label {
	width:130px;
	float:left;
}

div#registrationf label span {
	color:#c00;
}

div#registrationf input {
	width:200px;
}

div#registrationf textarea {
	width:300px;
	height:150px;
}

div#registrationf input, div#registrationf textarea {
	border:1px #ccc solid;
}

div#registrationf input:hover, div#registrationf textarea:hover {
	border:1px #666 solid;
}

div#registrationf input#register {
	width:auto;
	color:#FFF;
	background-color:#333;
	border:1px #000 solid !important;
	cursor:pointer;
}

div#registrationf input#register:hover {
	color:#333;
	background-color:#fff;
	border:1px #333 solid;
}

/*Begin - error styles*/
div#registrationf p {
	color:#c00;
	padding:0 0 0 130px;
	font-size:10px;
	text-align:left;
}

div#registrationf div#username_field label,
div#registrationf div#email_field label,
div#registrationf div#password_field label,
div#registrationf div#retype_password_field label {
	color:#c00;
}

div#registrationf div#username_field input,
div#registrationf div#email_field input,
div#registrationf div#password_field input,
div#registrationf div#retype_password_field input {
	border:1px #c00 solid;
	color:#c00;
}

div#registrationf div#username_field input:hover,
div#registrationf div#email_field input:hover,
div#registrationf div#password_field input:hover,
div#registrationf div#retype_password_field input:hover {
	border:1px #c00 solid;
}
/*End - error styles*/

div#registrationf a#back {
	color:#900;
	font-weight:bold;
	text-decoration:underline;
}

/*END - CSS RULES THAT CREATE THE REGISTRATION FORM SKIN*/
</style>
</head>

<body>
<div id="registrationf">
	<h1>
		<label>&nbsp;</label>
		Register a user
	</h1>

	<?php if (isset($confirmation)) echo '<p>'.$confirmation.'</p>'; ?>

	<form action="<?php echo 'http://'.$_SERVER['HTTP_HOST'].$php_self; ?>" method="post" <?php if (isset($display)) echo $display; ?>>
		<?php echo (isset($processed_form['issues']['username'])) ? '<p>'.$processed_form['issues']['username'].'</p><div id="username_field">' : '<div>' ; ?>
			<label for="username">Username<span>*</span>:</label>
			<input name="username" type="text" id="username" value="<?php if (isset($get_my_fields['username'])) echo $get_my_fields['username']; ?>" />
		</div>

		<?php echo (isset($processed_form['issues']['email'])) ? '<p>'.$processed_form['issues']['email'].'</p><div id="email_field">' : '<div>' ; ?>
			<label for="email">Email<span>*</span>:</label>
			<input name="email" type="text" id="email" value="<?php if (isset($get_my_fields['email'])) echo $get_my_fields['email']; ?>" />
		</div>

		<?php echo (isset($processed_form['issues']['password'])) ? '<p>'.$processed_form['issues']['password'].'</p><div id="password_field">' : '<div>' ; ?>
			<label for="password">Password<span>*</span>:</label>
			<input name="password" type="password" id="password" />
		</div>

		<div>
			<label for="retype_password">Retype password<span>*</span>:</label>
			<input name="retype_password" type="password" id="retype_password" />
		</div>

		<div>
			<label> &nbsp; </label>
			<input name="register" type="submit" id="register" value="register" />
		</div>
	</form>
</div>
</body>
</html>
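
The data-handling and insert steps (#7 and #8) above, rewritten as an added example that is not the author's code: it uses PDO prepared statements instead of `mysql_real_escape_string()` with string concatenation (the `mysql_*` extension was removed in PHP 7.0) and `password_hash()` instead of MySQL's unsalted `SHA()`. The function name `register_user`, the in-memory SQLite table and the sample values are assumptions constructed for the demonstration.

```php
<?php
// Added example, not the author's code. Assumes the pdo_sqlite extension; the
// table layout below is constructed from the column names used in the queries.
function register_user(PDO $db, array $in, string $ip): array {
    $issues = array();
    // Compare the raw passwords before any escaping or encoding touches them.
    if ($in['password'] !== $in['retype_password']) {
        $issues['password'] = "The two passwords don't match.";
    }
    // Bound parameters keep user input out of the SQL text entirely.
    foreach (array('username', 'email') as $col) { // fixed list, never user-supplied
        $st = $db->prepare("SELECT user_id FROM ai_registrationform WHERE LOWER($col) = LOWER(?)");
        $st->execute(array($in[$col]));
        if ($st->fetchColumn() !== false) {
            $issues[$col] = "That $col already exists in our database.";
        }
    }
    if (count($issues) > 0) {
        return $issues;
    }
    // password_hash() produces a salted, deliberately slow hash (bcrypt by default).
    $st = $db->prepare(
        'INSERT INTO ai_registrationform (username, email, password, registration_date, ip)
         VALUES (?, ?, ?, ?, ?)'
    );
    $st->execute(array($in['username'], $in['email'],
        password_hash($in['password'], PASSWORD_DEFAULT), date('Y-m-d H:i:s'), $ip));
    return array();
}

// Constructed demo database (in-memory SQLite) so the example runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE ai_registrationform (user_id INTEGER PRIMARY KEY, username TEXT,
    email TEXT, password TEXT, registration_date TEXT, ip TEXT)');

// Constructed sample input containing quote characters.
$form = array('username' => "O'Brien", 'email' => 'ob@example.com',
    'password' => 'it"s s3cret', 'retype_password' => 'it"s s3cret');
var_dump(register_user($db, $form, '192.0.2.10'));   // first registration attempt
$form['username'] = "o'brien";                        // same name, different case
var_dump(array_keys(register_user($db, $form, '192.0.2.10'))); // duplicate attempt
$hash = $db->query('SELECT password FROM ai_registrationform')->fetchColumn();
var_dump(password_verify('it"s s3cret', $hash));      // check the stored hash at login time
```

At login, the stored value is checked with `password_verify()` rather than by recomputing a hash in SQL.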


Published by: admin
Last modified: Apr 06, 2010, 10:01
