PHP Message Board Pt 2

PHP Message BoardA few articles ago I started creating a PHP Message Board, but then I got side tracked. Here is the original video PHP Message Board. You must watch it before you watch this one.

In this video tutorial I’ll start explaining how to create a new user registration system for the message board. You can also use this as a review of all I taught on PHP, MySQL, CSS, HTML, JavaScript and JQuery. If you click on those links you can see all of my tutorials on those subjects as well.

All of the code used in this tutorial follows the video. In the next part of this tutorial I’ll finish up the whole user registration file. If you want more information on the Captcha System I’m using check out Setup Captcha System.

Code From the Video

Configmsgbrd.php

<?php

// Define these as constants so that they can’t be changed

DEFINE (‘DBUSER’, ‘mysqladm’);

DEFINE (‘DBPW’, ‘Turtle2Dove’);

DEFINE (‘DBHOST’, ‘localhost’);

DEFINE (‘DBNAME’, ‘msgbrd’);

 

if ($dbc = mysql_connect (DBHOST, DBUSER, DBPW)) {

 

if (!mysql_select_db (DBNAME)) { // If it can’t select the database.

 

// Handle the error.

 

trigger_error(“Could not select the database!<br />MySQL Error: ” . mysql_error());

 

exit();

 

} // End of mysql_select_db IF.

 

} else {

 

// Print a message to the user, and kill the script.

 

trigger_error(“Could not connect to MySQL!<br />MySQL Error: ” . mysql_error());

 

exit();

 

}

 

// A function that strips harmful data.

function escape_data ($data) {

 

// Check for mysql_real_escape_string() support.

// This function escapes characters that could be used for sql injection

if (function_exists(‘mysql_real_escape_string’)) {

global $dbc; // Need the connection.

$data = mysql_real_escape_string (trim($data), $dbc);

$data = strip_tags($data);

} else {

$data = mysql_escape_string (trim($data));

$data = strip_tags($data);

}

 

// Return the escaped value.

return $data;

 

}

 

?>

Header.php

<?php

 

// Start output buffering.

 

ob_start();

 

// Initialize a session.

 

session_start();

 

require_once(‘configmsgbrd.php’);

require_once(‘./includes/recaptchalib.php’);

 

 

//////// End of connecting to database ////////

 

?>

<!DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 4.01//EN” “http://www.w3.org/TR/html4/strict.dtd”>

<html>

<head>

<meta http-equiv=”Content-Type” content=”text/html; charset=UTF-8″>

<title>Playing With Layouts</title>

<style>

 

body {

background-color: #FFF;

}

 

#header {

background-color: #006;

color: #FFF;

padding: 20px;

}

 

#footer {

background-color: #006;

color: #FFF;

padding: 20px;

}

 

#lypsum {

padding: 15px;

background-color: #FAF0E6;

margin-right: 230px;

margin-top: 5px;

}

 

#login {

padding: 10px;

padding-bottom: 15px;

border: None;

background-color: CornSilk;

width: 200px;

text-align: left;

float: right;

margin-left: 10px;

margin-right: 5px;

margin-top: 5px;

}

</style>

 

</head>

mbregister.php

<?php

include (‘header.php’);

?>

 

<body>

 

<div id=”header”><h1>Message Board</h1></div>

 

<div id=”login”>

<p>

<?php

 

// Welcome the user (by name if they are logged in).

 

echo ‘<h4>Welcome’;

 

if (isset($_SESSION[‘first_name’])) {

 

echo “, {$_SESSION[‘first_name’]}!”;

}

 

echo ‘</h4>’;

 

// Display links based upon the login status

 

if (isset($_SESSION[‘user_id’]) AND (substr($_SERVER[‘PHP_SELF’], -10) != ‘logout.php’)) {

 

echo ‘<a href=”logout.php”>Logout</a><br />

 

<a href=”change_password.php”>Change Password</a><br />’;

 

} else { // Not logged in.

 

echo ‘ <a href=”register.php”>Register</a><br />

 

<a href=”login.php”>Login to your account</a><br />

 

<a href=”forgot_password.php”>Forgot Password</a><br />’;

 

}

 

?>

</p>

</div>

<h2>Register</h2>

 

<form action=”mbregister.php” method=”post”>

 

<fieldset>

 

<p><b>First Name:</b> <input type=”text” name=”firstname” size=”20″ maxlength=”20″ value=”<?php if (isset($_POST[‘firstname’])) echo $_POST[‘firstname’]; ?>” /> </p>

 

<p><b>Last Name:</b> <input type=”text” name=”lastname” size=”30″ maxlength=”30″ value=”<?php if (isset($_POST[‘lastname’])) echo $_POST[‘lastname’]; ?>” /> </p>

 

<p><b>Email Address:</b> <input type=”text” name=”email” size=”40″ maxlength=”40″ value=”<?php if (isset($_POST[’email’])) echo $_POST[’email’]; ?>” /> </p>

 

<p><b>Username:</b> <input type=”password” name=”userid” size=”20″ maxlength=”20″ /> <small>Must contain a letter of both cases, a number and a minimum length of 8 characters.</small></p>

 

<p><b>Password:</b> <input type=”password” name=”password1″ size=”20″ maxlength=”20″ /> <small>Must contain a letter of both cases, a number and a minimum length of 8 characters.</small></p>

 

<p><b>Confirm Password:</b> <input type=”password” name=”password2″ size=”20″ maxlength=”20″ /></p>

 

<?php

require_once(‘./includes/recaptchalib.php’);

$publickey = “PUBLIC KEY HERE”; // you got this from the signup page

echo recaptcha_get_html($publickey);

?>

 

 

</fieldset>

 

<div align=”center”><input type=”submit” name=”submit” value=”Register” /></div>

 

<input type=”hidden” name=”submitted” value=”TRUE” />

 

</form>

 

</div>

 

<div id=”footer”><h2>This is the Footer</h2></div>

 

</body>

 

</html>

 

 

13 Responses to “PHP Message Board Pt 2”

  1. jesse b. says:

    These are great!!! Some of this is a bit redundant, because you’ve covered it in your other videos. Regardless, These are probably the best vids I’ve found for detailed security measures/ Keep up the great work!!!!!!

    • admin says:

      I’m glad you like my stuff:) Yes I redo tutorials if I think I’ve found a better way to explain the information. I’ll eventually find answers for all of the other questions people have. I’m looking forward to creating tutorials on calculus and physics.

      Thanks for stopping by

    • Anonymous says:

      Comment

  2. imran says:

    i like your tutorial and the way your teaching style is really cool .
    In future ,i am looking for tutorial on wordpress,joomla,prestrashop.

  3. Punit says:

    hii, nice tutorial..just awesome..
    i downloaded all the files, and created database, but it’s not correctly working for me..
    always while login it’s showing me the error “3Either the Userid or Password are incorrect”, although i m entering correct user name and password..
    also if possible can you mail me all the working files with sql files…

    Thank you

  4. Evile says:

    Love your video tutorials, I am currently developing an Android on-line space game similar to ELITE from the 80’s.
    I am utilizing mySQL with php to provide the data support, and your security code is spot on for helping me stop fake game clients connecting to the DB. The session token stuff was especially useful.
    If you have time to make a tutorial, I would very much like to see how you would set up PHP/mysql (under WAMP preferably) for maximum security for public facing applications, in my case exposing test and development DBs safely.
    I have trashed many of my databases trying to work out how to set up remote admins/developers and restricted end-users for mySQL database, despite years of experience doing the same for Oracle.:0)Restricting development to localhost or remote desktops passing off as localhost is very suboptimal, but the only way I’ve managed to provide appropriate access for my devs.

    • admin says:

      Thank you very much. I personally use the Zend framework with any large php sites I develop. It is all free stuff. If you want a secure site, that is the way to go. Tell me if your interested in seeing truly professional site development using Zend and I’ll see what I can do.

  5. wishwayn says:

    Hi sir! i got a problem again in the log in part. when i input an error info, the error warning links to another page. how am i going to make it appear in the same page? thankyou sir

  6. wishwayn says:

    Hi sir! i got a problem again in the log in part. when i input an error info, the error warning links to another page. how am i going to make it appear in the same page? thankyou sir. please help me

    • admin says:

      Can you show me the error you’re seeing. I’m trying to figure out why there are so many problems. I just tested everything and it worked? Maybe it is the database? i did send you the database set up though from what I remember

Leave a Reply

Your email address will not be published.

Google+