Join the social network of Tech Nerds, increase skill rank, get work, manage projects...
 

  • How to Implement Registration Functionality in PHP?

    @UniqueIdeaMan
    Recommendations Offline Message

    • 0
    • 0
    • 0
    • 1
    • 0
    • 0
    • 0
    • 672
    Answer it

    Programmers,

    I wrote a registration.php (member reg) and it was working fine but the coding was not perfect (old version).
    Neated-up the new version but I see a complete blank page once I click "Register" button. I do not get this mssg any more:

    Thank you for your registration! Check your email for details on how to activate your account which you just registered."

    What is wrong ?

    Old version:

    <?php

/*
ERROR HANDLING
*/
declare(strict_types=1);
ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

include 'config.php';

// check if user is already logged in
if (is_logged() === true) {
	die("You are already logged-in! No need to register again!");
}

if ($_SERVER['REQUEST_METHOD'] == "POST")
{
	if (isset($_POST["username"]) && 
	   isset($_POST["password"]) &&
	   isset($_POST["password_confirmation"]) && 
	   isset($_POST["email"]) && 
	   isset($_POST["email_confirmation"]) && 
	   isset($_POST["first_name"]) && 
	   isset($_POST["gender"]) &&
	   isset($_POST["surname"])) {
 
		//TypeCast the INT to STRING on the 1st parameter of sha1 as 1st parameter needs to be a STRING.
	   	$account_activation_code = sha1( (string) mt_rand(5, 30));
		$account_activation_link = "http://www.".$site_domain."/".$social_network_name."/activate_account.php?email=".$_POST['email']."&account_activation_code=".$account_activation_code."";
		$username 	= trim(mysqli_real_escape_string($conn, $_POST["username"]));
		$password 	= $_POST["password"];
		$password_confirmation 	= $_POST["password_confirmation"];
        $first_name	= trim(mysqli_real_escape_string($conn, $_POST["first_name"]));
        $surname 	= trim(mysqli_real_escape_string($conn, $_POST["surname"]));
		$gender 	= trim(mysqli_real_escape_string($conn, $_POST["gender"]));
        $email 		= trim($_POST["email"]);
        $email_confirmation = trim($_POST["email_confirmation"]);
        $account_activation_status = 0; // 1 = active | 0 = not active

        //Hashed Password.
		$hashed_password = password_hash($password, PASSWORD_DEFAULT);
        
		//SEE IF BELOW CODE AFTER FOLLOWING WORKS OR NOT AS SUBSTITUTE FUNCTION OVER mysqli_stmt_get_result FUNCTION
		//Select Username and Email to check against Mysql DB if they are already registered or not.
		$stmt = mysqli_prepare($conn, "SELECT usernames, emails FROM users WHERE usernames = ? OR emails = ?");
		mysqli_stmt_bind_param($stmt, 'ss', $username, $email_confirmation);
		mysqli_stmt_execute($stmt);
		$result = mysqli_stmt_get_result($stmt);
		
		$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
        
		// Check if inputted Username is already registered or not.
		if ($row['usernames'] == $username) {
			$_SESSION['error'] = "That username is already registered.";
		// Check if inputted Username is between 8 to 30 characters long or not.
		} elseif (strlen($username) < 8 || strlen($username) > 30) {
			$_SESSION['error'] = "Username must be between 8 to 30 characters long!";
		// Check if inputted Email is already registered or not.
		} elseif ($row['emails'] == $email) {
			$_SESSION['error'] = "That email is already registered.";
		// Check if both inputted EMails match or not.
		} elseif ($email != $email_confirmation) {
			$_SESSION['error'] = "Emails don't match!";
		// Check if inputed Email is valid or not.
		} elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
			$_SESSION['error'] = "Invalid email! Insert your real Email in order for us to email you your account activation details.";
		// Check if both inputted Passwords match or not.
		} elseif ($password != $password_confirmation) {
			$_SESSION['error'] = "Passwords don't match.";
		// Check if Password is between 8 to 30 characters long or not.
		} elseif (strlen($password) < 8 || strlen($password) > 30) {
			$_SESSION['error'] = "Password must be between 6 to 30 characters long!";
		} else {

			//Insert the user's input into Mysql database using php's sql injection prevention method.
			$stmt = mysqli_prepare($conn, "INSERT INTO users(usernames, passwords, emails, first_names, surnames, genders, accounts_activations_codes, accounts_activations) VALUES (?, ?, ?, ?, ?, ?, ?, ?)");
			mysqli_stmt_bind_param($stmt, 'sssssssi', $username, $hashed_password, $email, $first_name, $surname, $gender, $account_activation_code, $account_activation_status);
			mysqli_stmt_execute($stmt);

			//Check if user's registration data was successful submitted or not.
			if (mysqli_stmt_insert_id($stmt)) {
				echo "<h3 style='text-align:center'>Thank you for your registration!<br /> Check your email for details on how to activate your account you just registered.</h3>";

				//Send account activation link by email for user to confirm his email and activate his new account.
				$to = $email;
				$subject = "Your ".$site_name." account activation!";
				$body  = nl2br("
				===============================\r\n
				".$site_name." \r\n
				===============================\r\n
				From: ".$site_admin_email."\r\n
				To: ".$email."\r\n
				Subject: Yours ".$subject." account activation \r\n
				Message: ".$first_name." ".$surname."\r\n You need to click on following <a href=".$account_activation_link.">link</a> to activate your account by confirming your email address. \r\n");
				$headers = "From: " . $site_admin_email . "\r\n";
			
			    if (mail($to,$subject,$body,$headers)) {
			    	$_SESSION['error'] = "Registration sucessful! Check your email for further instructions!";
					
					//Clear the Session Error so it can no longer be used.
					unset($_SESSION['error']);
					unset($_POST);
					exit();
					
					//Redirect user to login page after 5 seconds.
					header("refresh:5;url=login.php");
			    } 
				else 
				{
			    	$_SESSION['error'] = "Email not sent, please contact website administrator!";
			    }			    
			} 
			else 
			{
				$_SESSION['error'] = "There was a problem in trying to register you! Try again some other time.";
			}
	    }
	}
}

?>
<!DOCTYPE html>
<html>
	<head>
		<title><?php $social_network_name ?> Signup Page</title>
	</head>
<body>
<div class ="container">

<?php

// error messages
if (isset($_SESSION['error']) && !empty($_SESSION['error'])) {
	echo '<p style="color:red;">'.$_SESSION['error'].'</p>';
}

?>

<form method="post" action="">
	<center><h2>Signup Form</h2></center>
	<div class="form-group">
		<center><label>Username:</label>
		<input type="text" placeholder="Enter a unique Username" name="username" required [A-Za-z0-9] value="<?php if(isset($_POST['username'])) { echo htmlentities($_POST['username']); }?>"></center>
	</div>
	<div class="form-group">
		<center><label>Password:</label>
		<input type="password" placeholder="Enter a new Password" name="password" required [A-Za-z0-9]></center>
	</div>
	<div class="form-group">
		<center><label>Repeat Password:</label>
		<input type="password" placeholder="Repeat a new Password" name="password_confirmation" required [A-Za-z0-9]></center>
	</div>
	<div class="form-group">
		<center><label>First Name:</label>
		<input type="text" placeholder="Enter your First Name" name="first_name" required [A-Za-z] value="<?php if(isset($_POST['first_name'])) { echo htmlentities($_POST['first_name']); }?>"></center>
	</div>
	<div class="form-group">
		<center><label>Surname:</label>
		<input type="text" placeholder="Enter your Surname" name="surname" required [A-Za-z] value="<?php if(isset($_POST['surname'])) { echo htmlentities($_POST['surname']); }?>"></center>
	</div>
	<div class="form-group">
		<center><label>Gender:</label>
		<input type="radio" name="gender" value="male" <?php if(isset($_POST['gender'])) { echo 'checked'; }?> required>Male<input type="radio" name="gender" value="female" <?php if(isset($_POST['gender'])) { echo 'checked'; }?> required>Female</center>
	</div>
	<div class="form-group">
		<center><label>Email:</label>
		<input type="email" placeholder="Enter your Email" name="email" required [A-Za-z0-9] value="<?php if(isset($_POST['email'])) { echo htmlentities($_POST['email']); }?>"></center>
	</div>
	<div class="form-group">
		<center><label>Repeat Email:</label>
		<input type="email" placeholder="Repeat your Email" name="email_confirmation" required [A-Za-z0-9] value="<?php if(isset($_POST['email_confirmation'])) { echo htmlentities($_POST['email_confirmation']); }?>"></center>
	</div>
	<center><button type="submit" class="btn btn-default" name="submit">Register!</button></center>
	<center><font color="red" size="3"><b>Already have an account ?</b><br><a href="login.php">Login here!</a></font></center>

</form>

</div>
</body>
</html>

    What is wrong with the new version ?

    New Version

    <?php

/*
ERROR HANDLING
*/
declare(strict_types=1);
ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

include 'config.php';

//Step 1: Before registering User account, check if User is already registered or not.

//Check if User is already logged-in or not.
if (is_logged() === true) {
	die("You are already logged-in! No need to register again!");
}

if ($_SERVER['REQUEST_METHOD'] == "POST")
{
//Step 2: Check User Submitted Details.
	
	//Check if user made all the required inputs or not.
	if (isset($_POST["username"]) && 
	   isset($_POST["password"]) &&
	   isset($_POST["password_confirmation"]) && 
	   isset($_POST["email"]) && 
	   isset($_POST["email_confirmation"]) && 
	   isset($_POST["first_name"]) && 
	   isset($_POST["surname"]) && 
	   isset($_POST["gender"])) {
		   
//Step  3: Check User details for matches against database. If no matches then validate inputs and register User account.
		   
		//Create variables based on user inputs.
		$username 	= trim($_POST["username"]);
		$password 	= $_POST["password"];
		$password_confirmation = $_POST["password_confirmation"];
		$email 		= trim($_POST["email"]);
        $email_confirmation = trim($_POST["email_confirmation"]);
        $first_name	= trim($_POST["first_name"]);
        $surname 	= trim($_POST["surname"]);
		$gender 	= $_POST["gender"];	
	   	$account_activation_code = sha1( (string) mt_rand(5, 30)); //Type Casted the INT to STRING on the 1st parameter of sha1 as it needs to be a STRING.
		$account_activation_link = "http://www.".$site_domain."/".$social_network_name."/activate_account.php?email=".$_POST['email']."&account_activation_code=".$account_activation_code."";
		$account_activation_status = 0; // 1 = active; 0 = not active.
        $hashed_password = password_hash($password, PASSWORD_DEFAULT); //Encrypt the password.
        
		//Select Username and Email to check against Mysql DB if they are already registered or not.
		$stmt = mysqli_prepare($conn, "SELECT usernames, emails FROM users WHERE usernames = ? OR emails = ?");
		mysqli_stmt_bind_param($stmt, 'ss', $username, $email);
		mysqli_stmt_execute($stmt);
		$result = mysqli_stmt_get_result($stmt);		
		$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
        
		// Check if inputted Username is already registered or not.
		if ($row['usernames'] == $username) {
			$_SESSION['error'] = "That username is already registered.";
			exit();
		// Check if inputted Username is between the required 8 to 30 characters long or not.
		} elseif (strlen($username) < 8 || strlen($username) > 30) {
			$_SESSION['error'] = "Username must be between 8 to 30 characters long!";
			exit();
		// Check if both inputted Emails match or not.
		} elseif ($email != $email_confirmation) {
			$_SESSION['error'] = "Emails don't match!";
			exit();
		// Check if inputed Email is valid or not.
		} elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
			$_SESSION['error'] = "Invalid email! Insert your real Email in order for us to email you your account activation details.";
			exit();
		// Check if inputted Email is already registered or not.
		} elseif ($row['emails'] == $email) {
			$_SESSION['error'] = "That email is already registered.";
			exit();
		// Check if both inputted Passwords match or not.
		} elseif ($password != $password_confirmation) {
			$_SESSION['error'] = "Passwords don't match.";
			exit();
		// Check if Password is between 8 to 30 characters long or not.
		} elseif (strlen($password) < 8 || strlen($password) > 30) {
			$_SESSION['error'] = "Password must be between 6 to 30 characters long!";
			exit();
		} 
		else 
		{
			//Insert the user's inputs into Mysql database using php's sql injection prevention method "Prepared Statements".
			$stmt = mysqli_prepare($conn, "INSERT INTO users(usernames, passwords, emails, first_names, surnames, genders, accounts_activations_codes, accounts_activations_statuses) VALUES (?, ?, ?, ?, ?, ?, ?, ?)");
			mysqli_stmt_bind_param($stmt, 'sssssssi', $username, $hashed_password, $email, $first_name, $surname, $gender, $account_activation_code, $account_activation_status);
			mysqli_stmt_execute($stmt);

			//Check if user's registration data was successfully submitted or not.
			if (!$stmt)
			{
				$_SESSION['error'] = "Sorry! Our system is currently experiencing a problem registering your account! You may try registering some other time.";
				clear_registration_session();
			}
			else 
			{
				//Email the account activation link for user to click it to confirm their email and activate their new account.
				$to = $email;
				$subject = "Your ".$site_name." account activation details!";
				$body  = nl2br("
				===============================\r\n
				".$site_name." \r\n
				===============================\r\n
				From: ".$site_admin_email."\r\n
				To: ".$email."\r\n
				Subject: Yours ".$subject." \r\n
				Message: ".$first_name." ".$surname."\r\n You need to click on this following <a href=".$account_activation_link.">link</a> to activate your account. \r\n");
				$headers = "From: " . $site_admin_email . "\r\n";
			
			    if (!mail($to,$subject,$body,$headers)) 
				{
					$_SESSION['error'] = "Sorry! We have failed to email you your account activation details. Please contact the website administrator!";
					clear_registration_session();
				}
				else
				{
					echo "<h3 style='text-align:center'>Thank you for your registration!<br /> Check your email for details on how to activate your account which you just registered.</h3>";
					exit();
				}
			}
	    }
	}
}

?>

<?php
// Error Messages.
if (isset($_SESSION['error']) && !empty($_SESSION['error'])) {
	echo '<p style="color:red;">'.$_SESSION['error'].'</p>';
}
?>

<?php
//Session Messages.
if (isset($_SESSION['message']) && !empty($_SESSION['message'])) {
	echo '<p style="color:red;">'.$_SESSION['error'].'</p>';
}
?>

<?php
//Clear Registration Session.
function clear_registration_session()
	{
		//Clear the User Form inputs, Session Messages and Session Errors so they can no longer be used.
		unset($_SESSION['message']);
		unset($_SESSION['error']);
		unset($_POST);
		exit();
	}
?>

<!DOCTYPE html>
<html>
	<head>
		<title><?php $social_network_name ?> Signup Page</title>
	</head>
<body>
<div class ="container">
<form method="post" action="">
	<center><h2>Signup Form</h2></center>
	<div class="form-group">
		<center><label>Username:</label>
		<input type="text" placeholder="Enter a unique Username" name="username" required [A-Za-z0-9] value="<?php if(isset($_POST['username'])) { echo htmlentities($_POST['username']); }?>"></center>
	</div>
	<div class="form-group">
		<center><label>Password:</label>
		<input type="password" placeholder="Enter a new Password" name="password" required [A-Za-z0-9]></center>
	</div>
	<div class="form-group">
		<center><label>Repeat Password:</label>
		<input type="password" placeholder="Repeat a new Password" name="password_confirmation" required [A-Za-z0-9]></center>
	</div>
		<div class="form-group">
		<center><label>Email:</label>
		<input type="email" placeholder="Enter your Email" name="email" required [A-Za-z0-9] value="<?php if(isset($_POST['email'])) { echo htmlentities($_POST['email']); }?>"></center>
	</div>
	<div class="form-group">
		<center><label>Repeat Email:</label>
		<input type="email" placeholder="Repeat your Email" name="email_confirmation" required [A-Za-z0-9] value="<?php if(isset($_POST['email_confirmation'])) { echo htmlentities($_POST['email_confirmation']); }?>"></center>
	</div>
	<div class="form-group">
		<center><label>First Name:</label>
		<input type="text" placeholder="Enter your First Name" name="first_name" required [A-Za-z] value="<?php if(isset($_POST['first_name'])) { echo htmlentities($_POST['first_name']); }?>"></center>
	</div>
	<div class="form-group">
		<center><label>Surname:</label>
		<input type="text" placeholder="Enter your Surname" name="surname" required [A-Za-z] value="<?php if(isset($_POST['surname'])) { echo htmlentities($_POST['surname']); }?>"></center>
	</div>
	<div class="form-group">
		<center><label>Gender:</label>
		<input type="radio" name="gender" value="male" <?php if(isset($_POST['gender'])) { echo 'checked'; }?> required>Male<input type="radio" name="gender" value="female" <?php if(isset($_POST['gender'])) { echo 'checked'; }?> required>Female</center>
	</div>
	<center><button type="submit" class="btn btn-default" name="submit">Register!</button></center>
	<center><font color="red" size="3"><b>Already have an account ?</b><br><a href="login.php">Login here!</a></font></center>
</form>
</div>
</body>
</html>

     

    php membership
    Answer it

 1 Answer(s)

Sign In
Forgot Password?
                           OR                           
Create an account !!
                           OR                           
Register

Sign up using

                           OR                           
Forgot Password
Fill out the form below and instructions to reset your password will be emailed to you:
Reset Password
Fill out the form below and reset your password: