Signup Form

tecktalkcm0391
DevNet Resident
Posts: 1030
Joined: Fri May 26, 2006 9:25 am
Location: Florida

Post by tecktalkcm0391 »

I am just wondering what other people do to handle the username and password after it's sent to the process page after a user signs up?

For example do you do:
$name = $_POST['name'] or do you just leave it as $_POST['name']

and do you do stuff like

trim($name);
Oren
DevNet Resident
Posts: 1640
Joined: Fri Apr 07, 2006 5:13 am
Location: Israel

Post by Oren »

Never leave any data from your users as $_POST['data'].
As for the password, at least "md5" it and then escape it with mysql_real_escape_string() (of course after filtering it).
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

First step for me is reading the post/get/cookie/session array var names into a regular var. Then do with that var what needs to be done.
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Post by Christopher »

I tend to use preg_replace() for everything from the request. If it is an int I might just cast to (int).

So something like:

$name = preg_replace('/[^a-zA-Z0-9\@\.\_\-]/', '', $_POST['name']);
That replaces everything that is NOT in the set of characters specified with '', which removes unwanted characters. I like it because it clearly documents what characters you are allowing. Trying to do the reverse by eliminating what you don't want always seems to miss something in my experience. Better to force yourself to open the door wider.

Then you need to validate the value to see if it meets any other criteria, such as length, etc.
(#10850)
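
The steps discussed in this thread (copy the request value into a local variable, trim it, allow-list filter it, then validate), put together as an added example that is not code from any poster. The function name `process_signup`, the `password` and `age` fields and the length limits are assumptions, and the password is hashed with PHP's `password_hash()` rather than the md5 mentioned earlier in the thread.

```php
<?php
// Added example: hypothetical helper, not code from the thread.
// $post is the raw request array (normally $_POST).
function process_signup(array $post): array
{
    $errors = [];

    // Copy request values into local variables first. Non-string input
    // (name[]=x arrives as an array) is treated as empty.
    $rawName  = isset($post['name']) && is_string($post['name']) ? trim($post['name']) : '';
    $password = isset($post['password']) && is_string($post['password']) ? $post['password'] : '';
    $age      = isset($post['age']) ? (int) $post['age'] : 0; // integer field: just cast

    // Allow-list filter, same pattern as in the post above.
    $name = preg_replace('/[^a-zA-Z0-9\@\.\_\-]/', '', $rawName);

    // If filtering changed the value, the user typed disallowed characters.
    // Report that instead of silently registering a different username.
    if ($name !== $rawName) {
        $errors[] = 'Username may only contain letters, digits and @ . _ -';
    }
    // Then validate the remaining criteria (limits here are assumptions).
    if (strlen($name) < 3 || strlen($name) > 32) {
        $errors[] = 'Username must be 3 to 32 characters long';
    }
    if (strlen($password) < 8) {
        $errors[] = 'Password must be at least 8 characters long';
    }
    if ($errors) {
        return ['ok' => false, 'errors' => $errors];
    }

    // The password is not filtered or trimmed: only its hash is stored,
    // so no character in it can reach the query or the page.
    return [
        'ok'            => true,
        'name'          => $name,
        'age'           => $age,
        'password_hash' => password_hash($password, PASSWORD_DEFAULT),
    ];
}

// Constructed sample input: one accepted signup, one rejected.
var_dump(process_signup(['name' => ' alice_01 ', 'password' => 'correct horse', 'age' => '31']));
var_dump(process_signup(['name' => 'bob<script>', 'password' => 'short', 'age' => 'x']));
```

The second call is rejected rather than stored as `bobscript`, which is what filtering alone would produce.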