Posts Tagged html form submit

Link to part 1

So far we’ve made our database, connected to it, and wrote a function to get rid of
SQL Injection attempts. Now we can make the registration page.

We’ll have a form with a couple fields and a submit button that sends everything to our database.

The first thing we’re going to do is include the db_connect.php page. This will connect us to our database and give us access to the protect function we created earlier.

This form will then submit to itself and insert the data into our db.

< ?php
//Create registration form (register.php)
include "db_connect.php";
 
if(!$_POST['submit']) // 'submit' hasn't been clicked so output html.
{
?>

So what the first IF statement does is checks to see if the form has been submitted. If it hasn’t it outputs the html form.

<html>
<form method="post" action="register.php">
First Name: <input type="text" name="first"/>
Last Name: <input type="text" name="last"/>
Desired Username: <input type="text" name="username"/>
Password: <input type="password" name="password"/>
Confirm Password: <input type="password" name="pass_conf"/>
Email: <input type="text" name="email"/>
About: <textarea name="about">Tell us about yourself</textarea>
<input type="submit" name="submit" value="Register"/>
</form>
or <a href="index.php">Login</a>
</html>

Notice the forms action is register.php which is the page itself. When ‘submit’ is posted we go to the else block here. This is where we store the posted values into variables. We call our protect function on these values to cleanse them of any injection attempts.

Read the rest of this entry »