registration.php
echo '
<center>
<table border="1" width="60%" cellspacing="3" cellpadding="20"><tr><td>
<table><tr><td width="30%">
<form name="register" action="reg2.php" method="POST">
<tr><td>Username:</td><td><input type="text" length="20" name="username"></td></tr>
<tr><td>Password:</td><td><input type="password" length="20" name="pw1"></td></tr>
<tr><td>Again:</td><td><input type="password" length="20" name="pw2"></td></tr>
<tr><td>email:</td><td><input type="text" length="20" name="email">
<p>
<!-- // ### USE AN INCLUDE HERE FOR A FANCY VERIFCATION
// ### CODE. ->
</td></tr>
<tr><td><input type="submit" value="Submit"></td>
<td><input type="reset" value="Reset"></td></tr>
</td>
</form>
</td></tr></table>
<td valign="top" width="70%"><font face="arial" size="2">
<div align="justify">
.:: Registration -<br>
Must have a valid email - information will be sent to this address
for verification.
</div>
</td>
</td></tr></table>
</center>
';
sorry the formatting doesnt come up nice - you can thank blogspot for that. This is the best trick i could fine to display the code, otherwise it tries to execute it.
anyways.....
This is just a simple form to get some simple information for our simple game. will look similar to below
| .:: Registration - Must have a valid email - information will be sent to this address for verification. |
When a user clicks the submit button, it will send them to a reg2.php to check stuff out.
reg2.php
<?php
require("serverconfig.php");
$valid_acct=1;
$username=$_REQUEST['username'];
$userpw=$_REQUEST['pw1'];
$userchk=$_REQUEST['pw2'];
$useremail=$_REQUEST['email'];
if ($username ==""){
echo '<font color="red">Please enter your desired username</font><br>'.
'<a href="registration.php">Click Here</a> to continue...';
}// ### END DATA ENTRY CHECK
// ### CHECK TO SEE IF PASSWORDS MATCH
if ($userpw != $userchk){
echo '<font color="red">Passwords do not match<p></font><br>';
$valid_acct=0;
}
// ### CHECK TO SEE IF A VALID NAME IS ENTERED
// ### ONE THAT IS NOT USED
$result = mysql_query("SELECT * FROM accounts WHERE playername='$username'");
while($row=mysql_fetch_array($result)){
echo '<font color="red">Name is already Taken<p></font><br>';
$valid_acct=0;
}
// ### CHECK TO SEE IF EMAIL IS NOT TAKEN
$result = mysql_query("SELECT * FROM accounts WHERE email='$useremail'");
while($row=mysql_fetch_array($result)){
echo '<font color="red">Email is already in use.<p></font><br>'.
$valid_acct=0;
}
//
if ($valid_acct){
// ### CONVERT PW TO MD5
$pw3=md5($userpw);
$sql="INSERT INTO accounts (
playername,
password,
email)
VALUES (
'$username',
'$pw3',
'$useremail'
)";
if (!mysql_query($sql)){
die ('Error: '.mysql_error());
}
echo 'You are all set '.$username.' feel free to log in and play now.';
echo '<br>Good luck<P>';
echo '<a href="index.php">Click Here</a> to begin playing...';
}else{
// ### IF VALID ACCOUNT = 0 THEN HAVE THE USER GO BACK
// ### AND ENTER A VALID INFO
echo '<a href="registration.php">Click Here</a> to continue...';
}
?>
Ok there looks like a lot going on, but its actually simple (thats how programming is, you write alot to do somehting simple).
As you can see, the familiar "require" is shown as well as valid_acct (I just like it so i stick with it througout the software). Next we put everything into variables that we are going to check, username,userpw,userchk and email
Next, check to see if user forgot to put something in. If so, tell them and go back to the registration page.
Once done, make sure the password check matches. if not, back to the registration page.
Then make sure they havent picked a name that is already used, if not back to the registration page.
check the email. same thing. Getting the hang of it? Not so bad is it?
now to be safe, we turn the pw into a md5 hash. very secure for the most part because its not reversable. So if you ever see websites that "reset" your pw, or send you a temp, most likely they are using this method. You just cant get it back if you loose it.
Once that is complete, shove everything into the table - you did make your table right??
If for some reason the valid_acct is still 0, that means there was something wroing and they have to do it all over again.
Give them a link to go back and log in with their new id/pw. Note - get creative, have the program email them and verify they are who they say they are. You can also add a "gotcha". That is a random picture or alpha/numeric numbers that they have to type in to verify they are human. Buuuttttt, I dont think you have to worry about any of this right now. But have fun with it. That is how you learn.
2 comments:
Merry Christmas! I am liking the tutorial, congratulations!
thank you - I think I bit off more than i can chew LOL. I'll see how long i can hold out
Merry Christmas to you too, and a happy new year!!!
Post a Comment