11.5.3.8 use script language to provide interactivity
11.5.3.6 use various algorithmic structures in a scripting language
SQL & PHP. User Registration.
Creating a user registration system involves a combination of front-end HTML forms for the user to input their details and back-end PHP to handle the data input, along with SQL to manage storing user information in a database. Below is a simple guide on how to create a user registration system using PHP and SQL.
Step 1: Setting up the database
First, you need a table within your database to store user information. Here's a simple SQL query to create a users table in a MySQL database:
sql:
CREATE TABLE users (
userID INT(11) AUTO_INCREMENT PRIMARY KEY,
userlogin VARCHAR(50) NOT NULL UNIQUE,
userpassword VARCHAR(50) NOT NULL
);
Step 2: Creating the registration form
Create an HTML form for users to enter their registration information. Here's an example:
html:
<form action="signup.php" method="POST">
<label for="userlogin">Login:</label>
<input type="text" name="userlogin"><br>
<label for="userpassword">Password:</label>
<input type="password" name="userpassword">
<input type="submit" value="Sign Up">
</form>
Step 3: Handling the registration with PHP
In your register.php file, you'll process the registration form input. This involves validating the input data, hashing the password for security, and inserting the new user into the database.
file signup.php:
<?php
include 'connect.php'; // Include database connection code
// Assuming you have a database connection set up (not shown for brevity)
if ($_SERVER["REQUEST_METHOD"] == "POST") {
// Retrieve input data
$userlogin = $_POST['userlogin'];
$userpassword = $_POST['userpassword'];
// Presence check. Validate input
if (empty($userlogin) || empty($userpassword)) {
die("Please fill all required fields!");
}
// SQL query for adding a new user
$adduser = mysqli_query($conn, "INSERT INTO users (userlogin, userpassword) VALUES ('$userlogin', '$userpassword')");
// Execute the query
if ($adduser) {
echo "Registration successful!";
} else {
echo "Error";
}
}
?>
Add checking exist user in database
// Prepare SQL statement to select record about user
$search_user = mysqli_query($conn, "SELECT * FROM users WHERE userlogin = '$userlogin'");
// Store the result so we can check if the account exists
$row = mysqli_fetch_array($search_user);
if (!empty($row['userID'])) {
// User exists
echo "Login already exists.";
exit;
}
Step 4: Secure your PHP code
Validate and sanitize user inputs to protect against SQL injection and XSS attacks.
Use prepared statements when interacting with the database to prevent SQL injection.
Store passwords securely using password_hash() and verify them with password_verify().
Step 5: User login
It will be the next step. To complete the user registration system, you'll also need a login system. This involves creating another form for login, capturing user input, verifying the email/password against what's stored in the database, and then starting a session for the user.
This example covers the basics of setting up a user registration system with PHP and SQL. For a complete system, you'll need to consider adding more features like email verification, password reset functionality, and user sessions for login management.
Questions:
Exercises:
Ex. 1 Identify the differences between POST and GET methods to send user data. (Author: Litvinova Olga CS teacher of NIS Pavlodar)
Tasks: |