Jump to content

Can I get quick critique


Rabastan

Recommended Posts

This is my first attempt at a registration script. Where do I need improve it?

 

Thanks in advance

 

Rab

 

// Get values from form
$username=$_POST['username'];
$password=$_POST['password'];
$confirm=$_POST['confirm'];
$firstname=$_POST['firstname'];
$lastname=$_POST['lastname'];
$email=$_POST['email'];
$address=$_POST['address'];
$address2=$_POST['address2'];
$city=$_POST['city'];
$state=$_POST['state'];
$zip=$_POST['zip'];
$phone=$_POST['phone'];
$dob=$_POST['dob'];


// Strip any escape characters
$username = stripslashes($username);
$password = stripslashes($password);
$confirm = stripslashes($confirm);
$firstname = stripslashes($firstname);
$lastname = stripslashes($lastname);
$email = stripslashes($email);
$address = stripslashes($address);
$address2 = stripslashes($address2);
$city = stripslashes($city);
$state = stripslashes($state);
$zip = stripslashes($zip);
$phone = stripslashes($phone);
$dob = stripslashes($dob);


//Check for empty fields
if(empty($_POST['username'])){
  echo (USERNAME_BLANK_ERROR);
}
if(empty($_POST['password'])){
  echo (PASSWORD_BLANK_ERROR);
}
if(empty($_POST['confirm'])){
  echo (CONFIRM_BLANK_ERROR);
}
if(empty($_POST['firstname'])){
  echo (FIRSTNAME_BLANK_ERROR);
}
if(empty($_POST['lastname'])){
  echo (LASTNAME_BLANK_ERROR);
}
if(empty($_POST['email'])){
  echo (EMAIL_BLANK_ERROR);
}
if(empty($_POST['address'])){
  echo (ADDRESS_BLANK_ERROR);
}
if(empty($_POST['city'])){
  echo (CITY_BLANK_ERROR);
}
if(empty($_POST['state'])){
  echo (STATE_BLANK_ERROR);
}
if(empty($_POST['zip'])){
  echo (ZIP_BLANK_ERROR);
}
if(empty($_POST['phone'])){
  echo (PHONE_BLANK_ERROR);
}
if(empty($_POST['dob'])){
  echo (DOB_BLANK_ERROR);
}


// Verify field lengths
if(strlen($username) < 6){
echo (USERNAME_SHORT_ERROR);
}
if(strlen($username) > 15){
echo (USERNAME_LONG_ERROR);
}
if(strlen($password) < 6){
echo (PASSWORD_SHORT_ERROR);
}
if(strlen($password) > 15){
echo (PASSWORD_LONG_ERROR);
}
if(strlen($firstname) < 2){
echo (FIRSTNAME_SHORT_ERROR);
}
if(strlen($firstname) > 25){
echo (FIRSTNAME_LONG_ERROR);
}
if(strlen($lastname) < 2){
echo (LASTNAME_SHORT_ERROR);
}
if(strlen($laststname) > 25){
echo (LASTNAME_LONG_ERROR);
}
if(strlen($email) < 10){
echo (EMAIL_SHORT_ERROR);
}
if(strlen($email) > 100){
echo (EMAIL_LONG_ERROR);
}
if(strlen($address) < 5){
echo (ADDRESS_SHORT_ERROR);
}
if(strlen($address) > 200){
echo (ADDRESS_LONG_ERROR);
}
if(strlen($city) < 3){
echo (CITY_SHORT_ERROR);
}
if(strlen($city) > 22){
echo (CITY_LONG_ERROR);
}
if(strlen($zip) < 5){
echo (ZIP_SHORT_ERROR);
}
if(strlen($zip) > 5){
echo (ZIP_LONG_ERROR);
}


// Compare Passwords
if ($password != $confirm) {
echo(PASSWORD_MATCH_ERROR);
}


// Validate Phone Number
if( !preg_match("/^([1]-)?[0-9]{3}-[0-9]{3}-[0-9]{4}$/i", $phone) ) {
   echo (PHONE_VALIDATE_ERROR);
}


// Validate Email Address
if( !preg_match("/^[_a-z0-9-]+(.[_a-z0-9-]+)*@[a-z0-9-]+(.[a-z0-9-]+)*(.[a-z]{2,3})$/i", $email) ) {
   echo (EMAIL_VALIDATE_ERROR);
}


// Hash password and validate hash
$hash = $hasher->HashPassword($password);


if(strlen($hash) <= 20){
echo (HASH_ERROR);
}


// Insert User into database
$sql="INSERT INTO $users(user_username, user_password, user_email, user_firstname, user_lastname, user_address, user_address2, user_city, user_state, user_zip, user_phone, user_dob)VALUES('$username', '$hash', '$firstname', '$lastname', '$address', '$address2', '$city', '$state', '$zip', '$phone', '$dob')";
$result=mysql_query($sql);


if($result){
echo (REGISTRATION_SUCCESS);
echo "<BR>";
echo "<a href='reg_thankyou.php'>Back to main page</a>";
}


else {
echo (REGISTRATION_ERROR);
}
?>
<?php 
// close connection 
mysql_close();
?>

Link to comment
https://forums.phpfreaks.com/topic/274598-can-i-get-quick-critique/
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.