User registration PHP
In this tutorial I will show you how to create a simple user registration script in PHP. This script will take the user's name, email, password, and a security question. If the security question is right, it will then insert the name, email, and the encrypted password into a database. When connecting to a database we will need to put the database credentials into a file called "mysql_connect.php". If you need help on how to create databases, and how they work, please take a look at our MySQL tutorial before continuing. The following is the mysql_connect file. Click here to see an example of what we will be making.
// Our database credentials
$host = "localhost"; // Usually localhost
$user = "database_user"; // The user you added to your database
$pass = "password"; // Your database password
$db = "database_name"; // Name of your database
// Use mysql_connect to connect to our database
$conn = mysql_connect($host,$user,$pass) or die (mysql_error());
// Select our database
mysql_select_db($db,$conn) or die (mysql_error());
?>
I pretty much summed all this up with the comments I added in the code. If you do not already know, the comments are followed by the two foward slashes //. Of course you will need to change the database_user, password, and the database_name to what you have specified, to connect to the database successfuly. Now that we have our connection file, we can include this anywhere we want to connect to our database, pretty cool huh? If you do not recognize the variable $conn, it's fine. This is just the link identifier. It is not needed, but I put it there anyways. Now we can move on to register.php
// If the submit buton is set (clicked)
if(isset($_POST['submit'])) {
$errros = array(); // Start our errors array, so we can print out any errors
// Validate our fields
if(empty($_POST['name'])) { // If they didn't enter name
$errors[] = "Please enter a name";
} else {
$name = mysql_real_escape_string(trim($_POST['name'];
}
if (!eregi ("^[[:alnum:]][a-z0-9_.-]*@[a-z0-9.-]+\.[a-z]{2,4}$", mysql_real_escape_string(trim($_POST['email'])))) {
$errors[] = "Please enter a valid email.";
}else{
$email = mysql_real_escape_string(trim($_POST['email']));
}
if($_POST['password1' != $_POST['password2']) {
$errors[] = "Your passwords do not match.";
} else if (empty($_POST['password1'])) {
$errors[] = "Please enter a password";
}
if($_POST['human'] == "no") {
$errors[] = "You are not human!";
}
// If there were no errors
if(empty($errors)) {
// Insert the info into our database
$sql = "INSERT INTO table (name,email,password1) VALUES('$name', '$email', SHA('$password1') )";
$rs = mysql_query($sql) or die (mysql_error());
echo "Thank you, $name. You have been registered.";
}
}
?>
That is the PHP code that will proccess the information in the form. It may seem a bit confusing, but I will explain it. We start our errors array at the very top of the script, so if the user forgets to enter his name, or email, he will get what is inside the errors[] array. Then we validate all our fields. We do this by using the if statements, which are explained in part two of this tutorial.