Snooble Posted March 4, 2007

Hello everyone,

I have a register form, posting to a checkregister form which then goes to a completed form.

Forms on register page:

Username
Password
Password Again
Email

--------------------------

Can someone tell me some security I can implement on my checkregister page? Such as to stop blank entries, to tell the user if they have entered a username that's already in the db, no duplicate entries for email or username. Make sure the passwords match, otherwise tell them.

Thanks,

Bit lost here,

Snooble

simcoweb Posted March 4, 2007

Here's an example:

```php
<?php
// input error checking
// $username, $email, $password, $confirmPass and $secure hold the submitted
// form fields; $match is the expected security code
$err = "";

if ($username == "") {
    $err .= "Please provide a username<br/>";
}
if (!$email) {
    $err .= "Please provide your email address<br>";
}
if ($email) {
    // eregi() was removed in PHP 7; preg_match() with the /i flag is the equivalent
    if (!preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/i', $email)) {
        // escape the submitted value before it is echoed back in the error message
        $err .= htmlspecialchars($email) . " is not a valid email address.<br/>";
    }
}
if ($password == "") {
    $err .= "Please provide password<br/>";
}
if ($confirmPass == "") {
    $err .= "Please confirm your password.<br/>";
}
if ($confirmPass != $password) {
    $err .= "Your passwords do not match. Please re-enter your passwords.";
}
if (!$secure) {
    $err .= "No security code entered<br/>";
}
if (($secure != $match) && ($secure != "")) {
    $err .= "Security code mismatch<br/>";
}
if ($err == "") {
    // If no errors then all the code between these brackets would execute
}
?>
```

Orio Posted March 4, 2007

Take a look at this registration page I made for the mmorpg contest, I hope it'll help you:

```php
<?php
// sql_quote() and html_convert() are helper functions that are not shown in this post

if (!isset($_POST['submit']))
    die_form();
elseif (empty($_POST['username']) || empty($_POST['password']) || empty($_POST['email']))
    die_form("Please fill in all of the fields!");
//else{...

//validation
register_valid();

//get data
$user = sql_quote(html_convert(trim($_POST['username'])));
$email = sql_quote(html_convert(trim($_POST['email'])));
$pass = md5(md5(sql_quote($_POST['password'])).$config['salt']);

//Check if exists already
$query = "SELECT * FROM `users` where username='$user' OR email='$email' LIMIT 1";
$result = mysql_query($query);
if (mysql_num_rows($result) != 0)
    die_form("The chosen username/email is already in use.");

//I've removed the actual registration part:
//The part that inserts data to database

function register_valid()
{
    if (strlen(stripslashes($_POST['password'])) > 15 || strlen(stripslashes($_POST['password'])) < 4)
        die_form("Invalid Password. Password must have between 4 to 15 characters!");
    if ($_POST['password'] != $_POST['ppassword'])
        die_form("Password fields don't match");
    if (preg_match("/^[a-zA-Z0-9\_]+$/", $_POST['username']) == 0)
        die_form("Invalid Username. Username may only contain alphanumeric characters and underscores!");
    if (strlen($_POST['username']) > 15 || strlen($_POST['username']) < 3)
        die_form("Invalid Username. Username must be between 3 to 15 characters long!");
    // eregi() was removed in PHP 7; preg_match() with the /i flag is the equivalent
    if (!preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$/i', $_POST['email']))
        die_form("Illegal email address!");
}

function die_form($err="")
{
    if (!empty($err))
        echo "<font color=\"red\"><b>".$err."</b></font><br>";
    $restore = array();
    $restore['user'] = (isset($_POST['username'])) ? html_convert($_POST['username']) : "";
    $restore['email'] = (isset($_POST['email'])) ? html_convert($_POST['email']) : "";
    // PHP_SELF contains the client-supplied request path, so it is escaped before output
    die("<form name=\"login\" method=\"POST\" action=\"".htmlspecialchars($_SERVER['PHP_SELF'])."\">\n
<table width=\"60%\" border=\"0\" cellpadding=\"5px\">\n
<tr><td width=\"40%\"></td><td width=\"70%\"></td></tr>\n
<tr><td>Username:</td><td><input name=\"username\" type=\"text\" value=\"".$restore['user']."\">\n</td></tr>
<tr><td>Password:</td><td><input name=\"password\" type=\"password\">\n</td></tr>
<tr><td>Retype Password:</td><td><input name=\"ppassword\" type=\"password\">\n</td></tr>
<tr><td>Email:</td><td><input name=\"email\" type=\"text\" value=\"".$restore['email']."\"> (Must be valid!)\n</td></tr>
</table><br>
<input name=\"submit\" type=\"submit\" value=\"Register!\">\n</form>");
}
?>
```

Orio.
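
An added example, not part of the original posts: one way to do the checks discussed above in current PHP, using a prepared statement, `password_hash()`, and UNIQUE constraints so that duplicate detection does not depend on a separate SELECT that two simultaneous requests could both pass. The in-memory SQLite table, its column names, the 8-character password minimum and the sample submissions are assumptions made for the illustration.

```php
<?php
// Added example. Schema, field rules and sample submissions are constructed.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// UNIQUE makes the database the final arbiter of duplicates; NOCASE treats "Bob" and "bob" as equal.
$db->exec('CREATE TABLE users (username TEXT COLLATE NOCASE NOT NULL UNIQUE,
    email TEXT COLLATE NOCASE NOT NULL UNIQUE, pass_hash TEXT NOT NULL)');

// Returns a list of error messages; an empty list means the account was created.
function register(PDO $db, array $in): array
{
    $user  = trim((string)($in['username'] ?? ''));
    $email = trim((string)($in['email'] ?? ''));
    $pass  = (string)($in['password'] ?? '');
    $again = (string)($in['ppassword'] ?? '');
    $err = [];
    if (!preg_match('/^[A-Za-z0-9_]{3,15}$/D', $user)) {
        $err[] = 'Username must be 3 to 15 letters, digits or underscores.';
    }
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $err[] = 'Please provide a valid email address.';
    }
    if (strlen($pass) < 8) {
        $err[] = 'Password must be at least 8 characters.';
    } elseif ($pass !== $again) {
        $err[] = 'Password fields do not match.';
    }
    if ($err) {
        return $err;
    }
    try {
        // Placeholders keep user input out of the SQL text entirely.
        $stmt = $db->prepare('INSERT INTO users (username, email, pass_hash) VALUES (?, ?, ?)');
        $stmt->execute([$user, $email, password_hash($pass, PASSWORD_DEFAULT)]);
    } catch (PDOException $e) {
        // SQLSTATE 23000 is an integrity constraint violation: here, a duplicate.
        if ((string)$e->getCode() !== '23000') {
            throw $e;
        }
        $err[] = 'The chosen username/email is already in use.';
    }
    return $err;
}

// Constructed submissions, in order: valid, duplicate (case differs), mismatch, blank.
$ok = ['username' => 'snooble', 'email' => 'snooble@example.com', 'password' => 'correct horse', 'ppassword' => 'correct horse'];
$samples = [$ok, ['username' => 'Snooble'] + $ok, ['username' => 'orio_2', 'email' => 'o@example.com', 'ppassword' => 'typo'] + $ok, []];
foreach ($samples as $s) {
    $errors = register($db, $s);
    echo ($s['username'] ?? '') ?: '(blank)', ': ', $errors ? implode(' ', $errors) : 'registered', PHP_EOL;
}
```

Error messages are returned as plain text; escape them with `htmlspecialchars()` at the point where they are written into the page.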

Snooble Posted March 4, 2007

Both, BRILLIANT examples of what I'm looking for. Will take what I need from them, should work fine.

Are there any suggestions of a good captcha to use? I've never used one before. Not after any SSL encrypted thing, just want to know the basics.

Thank you

Snooble