Jamie McInnes wrote:
I have created a Register page for my website using php, i want it to redirect the user back to the home screen once they have signed up.
i also what it to send a email verification to the user once they completed the forum.
Can anyone help me
Have you built these pages with the DW server behaviours?
If you have normally you can select a page to go to IF the process was suceessful, have you done that.
The script Ben linked to is pretty good, but I will point out the following:
- Only the email address is verified. The password and name are allowed without the slightest sanitizing.
- Passwords are stored in the database un-encrypted.
- One should always use bound parameters on forms open to the public. (Anyone who doesn't know what that means needs to find out ASAP)
- The HTML input attribute "required" can be used to check fields prior to submission.
- The HTML5 email input type can be used. (older browsers will just treat it as text, so you still need to verify and sanitze after submission)
- The form checks to see if the email address has been used, but doesn't give the option to retrieve or reset a lost password, and we all know how often passwords get lost.This can be achieved by sending an email with a link to re-set the password. We've all see this routine (because we've all lost passwords).
- PHP has built-in filters that can be used to check the email address and other fields.
I didn't mean to rip this script. Certainly it is a good place to start. I thought point 1 was worth making, so I decided to mention other things I thought of as well.