André Restivo @ FEUP :: PHP Tutorial

PHP Tutorial

In this tutorial we will create a simple twitter copycat. In step 6 we will create a user registration form.

Step 6

1. We will start by adding a link to the registration page in the common/header.tpl template. The registragion page will be located in a new folder inside the pages folder:

    <header>
      <div>
        <h1><a href="{$BASE_URL}">Fritter</a></h1>
        <a href="{$BASE_URL}pages/users/register.php">Register</a>
      </div>
    </header>

2. Initially the users/register.php page will only include the init.php config file, as all pages should, and display a new Smarty template that should be created in templates/users/register.tpl:

<?php
  include_once('../../config/init.php');

  $smarty->display('users/register.tpl');
?>

3. The users/register.tpl template, besides including the header and the footer, is a simple form with three input fields and a submit button:

{include file='common/header.tpl'}

<section id="register">
  <h2>Register</h2>

  <form action="{$BASE_URL}actions/users/register.php" method="post">
    <label>Realname: <input type="text" name="realname" value=""></label>
    <label>Username: <input type="text" name="username" value=""></label>
    <label>Password: <input type="password" name="password" value=""></label>
    <input type="submit" value="Register">
  </form>

</section>

{include file='common/footer.tpl'}

As with all form that have side effects in the server, the method should be post. The page that receives the data from the form will be an action page. Action pages are pages that have some kind of side effect before redirect to another page but don’t actually show any data. These pages should stay together in a new folder named actions. In the case of this particular action page, it will be created further inside a users folder.

4. The complete file structure at this time should be as follows:

  index.php
  config/
    init.php
  css/
    style.css
  database/
    tweets.php
  lib/
    smarty/
  pages/
    tweets/
      list_all.php
      list_user.php
    users/
      register.php
  templates/
    common/
      header.tpl
      footer.tpl
    tweets/
      list.tpl
    users/
      register.tpl
  actions/
    users/
      register.php

5. We will start by ignoring any error conditions that could happen when invoking the register.php action. This way the action would look something like:

<?php
  include_once('../../config/init.php');
  include_once($BASE_DIR .'database/users.php');  

  $username = $_POST['username'];
  $realname = $_POST['realname'];
  $password = $_POST['password'];

  createUser($username, $realname, $password);
  header("Location: $BASE_URL");
?>

We should always sanitize our form data:

$realname = strip_tags($_POST['realname']);
$username = strip_tags($_POST['username']);

Now we just need to create the file database/users.php, that contains all the database queries related to users, and, inside it, create the createUser function:

<?php

  function createUser($username, $realname, $password) {
    global $conn;
    $stmt = $conn->prepare("INSERT INTO users VALUES (?, ?, ?)");
    $stmt->execute(array($username, $realname, sha1($password)));
  }

?>

In step 7 we will add some color to our site.