The registration script uses regular expressions to validate the data and a sticky form for user convenience when a problem occurs with the data. It ensures that there's a unique email. It sends an email containing an activation link.
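<?php
// This is the registration page.
// It validates the submitted data with regular expressions, re-displays a
// sticky form when validation fails, checks that the email address is not
// registered yet, stores the new user and mails an activation link.
//
// NOTE(review): the script depends on the legacy mysql_* extension, which was
// removed in PHP 7.0. The queries below are still built by string
// concatenation; moving to mysqli/PDO prepared statements has to be done
// together with db_connect.php, which is not part of this file.
include ('start.php');

// site URL (base for all redirections)
define ('BASE_URL', 'http://voyager.deanza.edu/~hso/php/lecture/php23/');

if (isset($_POST['submit'])) {
    process_form();
} else {
    display_form(); // display form for the first time
}

// Return the trimmed value of one POST field, or '' when the field is missing
// or is not a plain string (e.g. the client sent first_name[]=x).
function posted_string($name) {
    if (isset($_POST[$name]) && is_string($_POST[$name])) {
        return trim($_POST[$name]);
    }
    return '';
}

// Print the registration form, refilling the text fields from $_POST.
// Everything echoed back into the page goes through htmlspecialchars():
// the sticky values are request data, and an unescaped double quote would
// close the value="" attribute and let the rest be parsed as markup.
// The password fields are never refilled.
function display_form() {
    $action = htmlspecialchars($_SERVER['SCRIPT_NAME'], ENT_QUOTES);
    $first = htmlspecialchars(posted_string('first_name'), ENT_QUOTES);
    $last = htmlspecialchars(posted_string('last_name'), ENT_QUOTES);
    $email = htmlspecialchars(posted_string('email'), ENT_QUOTES);

    echo <<<HTML
<h2>Register</h2>
<form action = "$action" method="post">
First Name: <input type="text" name="first_name" size="20" maxlength="20" value="$first" /> <br />
Last Name: <input type="text" name="last_name" size="20" maxlength="40" value="$last" /> <br />
Email Address: <input type="text" name="email" size="30" maxlength="80" value="$email" /> <br />
Password: <input type="password" name="password1" size="20" maxlength="20"/> <br />
Confirm Password <br /><small>(must be between 4 and 20 characters)</small>: <input type="password" name="password2" size="20" maxlength="20"/> <br />
<input type="submit" name="submit" value="Register" />
</form>
HTML;
}

// Validate the submitted registration, create the account and send the
// activation email. On a validation failure the form is shown again.
function process_form() {
    // read only the fields this form defines, as trimmed strings
    $first_name = posted_string('first_name');
    $last_name = posted_string('last_name');
    $email = posted_string('email');
    $password1 = posted_string('password1');
    $password2 = posted_string('password2');

    // becomes false as soon as one check fails
    $valid = true;

    // check for a first name
    if (!preg_match('/^[A-Z\'.-]{2,20}$/i', $first_name)) {
        echo '<p>Please enter your first name!</p>';
        $valid = false;
    }

    // check for a last name
    if (!preg_match('/^[A-Z\'.-]{2,40}$/i', $last_name)) {
        echo '<p>Please enter your last name!</p>';
        $valid = false;
    }

    // check for an email address
    if (!preg_match('/^[\w.-]+@[\w.-]+\.[A-Za-z]{2,6}$/', $email)) {
        echo '<p>Please enter a valid email address!</p>';
        $valid = false;
    }

    // check for a password and match against the confirmed password
    if (preg_match('/^\w{4,20}$/', $password1)) {
        // strict comparison: with == two different numeric strings such as
        // "1000" and "1e3" compare equal
        if ($password1 !== $password2) {
            echo '<p>Your password did not match the confirmed password!</p>';
            $valid = false;
        }
    } else {
        echo '<p>Please enter a valid password!</p>';
        $valid = false;
    }

    if ($valid) {
        // connect to the database server; the code below expects
        // db_connect.php to leave the connection in $link
        include ('db_connect.php');

        echo "<p>Start registering...</p>";

        // escape only after the connection exists: mysql_real_escape_string()
        // needs an open link to know the connection character set
        $fn = mysql_real_escape_string($first_name, $link);
        $ln = mysql_real_escape_string($last_name, $link);
        $e = mysql_real_escape_string($email, $link);

        // hash (not encrypt) the password. The argument must not be written
        // as '$p' in single quotes: that hashes the literal text $p and
        // stores the same value for every account.
        // NOTE(review): unsalted SHA-1 is a fast hash and a poor fit for
        // password storage. password_hash()/password_verify() (PHP 5.5+)
        // should replace it, together with the login script and the width
        // of the pass column, neither of which is visible here.
        $newp = sha1($password1);

        // make sure the email address is available
        // NOTE(review): this check and the INSERT below are two separate
        // statements; presumably a UNIQUE index on email is what really
        // prevents duplicates - confirm against the table definition.
        $query = "SELECT user_id FROM " . TABLE_NAME . " WHERE email= '$e'";

        // run the query
        $r = mysql_query($query, $link);

        if ($r === false) {
            // the message carries the SQL text, so it must only reach the
            // error log (display_errors off), never the page
            trigger_error("Query: $query<br />MySQL Error: " . mysql_error());
            echo '<p class="error">You could not be registered due to a system error. We apologize for any inconvenience.</p>';
        } elseif (mysql_num_rows($r) == 0) { // email available
            // create the activation code: 32 hex characters, the same length
            // md5() produces, taken from a cryptographic random source when
            // one is available
            $a = '';
            if (function_exists('openssl_random_pseudo_bytes')) {
                $bytes = openssl_random_pseudo_bytes(16, $strong);
                if ($bytes !== false && $strong) {
                    $a = bin2hex($bytes);
                }
            }
            if ($a === '') {
                // fallback: uniqid() and rand() are derived from the clock
                // and a non-cryptographic generator, so this code is weaker
                $a = md5(uniqid(rand(), true));
            }

            // add the user to the database
            $query = "INSERT INTO " . TABLE_NAME . " (email, pass, first_name, last_name, active, registration_date) VALUES ('".$e."', '".$newp."', '".$fn."', '".$ln."', '".$a."', NOW())";

            // run the query
            $r = mysql_query($query, $link);
            if ($r === false) {
                trigger_error("Query: $query<br />MySQL Error: " . mysql_error());
            }

            // Get number of affected rows in previous MySQL operation
            if ($r !== false && mysql_affected_rows($link) == 1) { // if it ran OK
                // send the email
                $body = "Thank you for registering . To activate your account, please click on this link:\n\n";
                $body .= BASE_URL . 'activate.php?x=' . urlencode($email) . "&y=$a";
                mail($email, 'Registration Confirmation', $body, 'From: hso@voyager.deanza.edu');

                // finish the page
                echo '<h3>Thank you for registering! A confirmation email has been sent to your address. Please click on the link in that email to activate your account.</h3>';
            } else {
                echo '<p class="error">You could not be registered due to a system error. We apologize for any inconvenience.</p>';
            }
        } else { // email is not available
            echo '<p>Sorry, but your email address was already registered. If you have forgotten your password, use the link at the bottom to have your password sent to you.</p>';
        }
    } else { // if one of the data tests failed
        echo '<p> Please try again.</p>';
        display_form();
    }

    // include the footer
    include('footer.html');

    // close the connection; none was opened when validation failed
    if (isset($link)) {
        mysql_close($link);
    }
}
?>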