PHP MYSQL : Create Secure Login and Registration System with Email Verification | Jazeb Akram | Skillshare

PHP MYSQL : Create Secure Login and Registration System with Email Verification

Jazeb Akram, Data Scientist, Web Consultant

PHP MYSQL : Create Secure Login and Registration System with Email Verification

Jazeb Akram, Data Scientist, Web Consultant

Play Speed
  • 0.5x
  • 1x (Normal)
  • 1.25x
  • 1.5x
  • 2x
30 Lessons (3h 56m)
    • 1. Promo

      9:35
    • 2. Introduction

      9:44
    • 3. Lecture 1 password Encryption PPT

      9:31
    • 4. Lecture 2 Understanding and Creating our Hashing Algorithm

      8:15
    • 5. Lecture 3 Controlling Cost of Hashing Algorithm

      2:16
    • 6. Lecture 4 Creating Hashing Algorithm Function

      3:23
    • 7. Lecture 5 Building User Interface

      5:12
    • 8. Lecture 6 Creating DataBase

      5:15
    • 9. Lecture 7 Activating Submit Button

      3:46
    • 10. Lecture 8 Adding Session

      11:10
    • 11. Lecture 9 Redirect Validation

      7:42
    • 12. Lecture 10 Inserting Data in Database

      8:11
    • 13. Lecture 11 Applying Validation and Password Encryption

      7:47
    • 14. Lecture 12 Creating Login Page

      12:55
    • 15. Lecture 13 Completing DataBase

      5:00
    • 16. Lecture 14 Understanding Prototype

      2:54
    • 17. Lecture 15 Restricting Login Page for Active user only

      3:48
    • 18. Lecture 16 Sending Email in PHP

      8:08
    • 19. Lecture 17 Sending Confirmation Email

      8:19
    • 20. Lecture 18 Activating User Account

      11:05
    • 21. Lecture 19 Making Pages Private and Adding Logout Feature

      16:55
    • 22. Lecture 20 Adding Remember me Functionality

      13:53
    • 23. Lecture 21 Recover Account

      10:24
    • 24. Lecture 22 Resetting User Password Mail Request

      10:04
    • 25. Lecture 23 Breaking Template

      12:36
    • 26. Lecture 24 Adding System in Website

      9:31
    • 27. Lecture 25 Making Movie Trailer Pages for Registered Users Only

      3:12
    • 28. Lecture 26 Login Logout Button

      4:05
    • 29. Lecture 27 Adding Content to Login User Only

      3:05
    • 30. Lecture 28 Beta Testing (Final)

      7:59
  • --
  • Beginner level
  • Intermediate level
  • Advanced level
  • All levels
  • Beg/Int level
  • Int/Adv level

Community Generated

The level is determined by a majority opinion of students who have reviewed this class. The teacher's recommendation is shown until at least 5 student responses are collected.

286

Students

--

Projects

About This Class

This course will focus on the process of User Registration and Login System in which students will build the complete project shown in promo video by using HTML CSS PHP and MYSQL.

This course will cover the followings

  • How to secure user cardinals
  • Password Encryption
  • Hashing Algorithms

Project

  • Complete Registration system & Login System
  • Confirm Account feature Via Email
  • Password Reset Via registered Email
  • Validation Checks
  • Very Easy to built
  • Could be applied on any site within Seconds  

we will be using HTML CSS PHP and MYSQL to build this application

--------------------------------------------------------------------------------------------------------------------

Students should have basic knowledge of HTML CSS AND PHP before taking this course

-----------------------------------------------------------------------

Meet Your Teacher

Teacher Profile Image

Jazeb Akram

Data Scientist, Web Consultant

Teacher

Jazeb Akram is a Data Scientist and has been working as a Developer consultant. He has been working as a Freelancer since 2011. He designed various applications for many companies and also training individuals on development tools and languages. Jazeb Also has a university degree in computer science from the University of the Punjab, Pakistan, and a master's degree in Data Science from Western Sydney University, Australia.

You can read his full portfolio on his website jazebakram.com

 



See full profile

Class Ratings

Expectations Met?
  • Exceeded!
    0%
  • Yes
    0%
  • Somewhat
    0%
  • Not really
    0%
Reviews Archive

In October 2018, we updated our review system to improve the way we collect feedback. Below are the reviews written before that update.

Your creative journey starts here.

  • Unlimited access to every class
  • Supportive online creative community
  • Learn offline with Skillshare’s app

Why Join Skillshare?

Take award-winning Skillshare Original Classes

Each class has short lessons, hands-on projects

Your membership supports Skillshare teachers

Learn From Anywhere

Take classes on the go with the Skillshare app. Stream or download to watch on the plane, the subway, or wherever you learn best.

phone

Transcripts

1. Promo: welcome to creating score, Logan and registration system with email activation using PHP. Now, let's see what we are going toe build in this course. So this will be a website. You can see we got a couple off movies and some information about these movies, and all of the information that is showing right now on the screen is completely public. Anyone could see this information, but after every single movie, we got this Burton off voice dinner now. So if I click on this button now, you can see I'm being asked to Logan by because only registered user could see the trailers off upcoming movies. I can also logon from here a guard, this tab right here. And right now, I don't have any accounts, so I have to create one. I got this text right here. So I'm gonna click on this text, don't have an account, so I'm gonna give my information to register. So giving my information jazz a back room and my email jazzy backroom had laid off gmail dot com. And if I give in my first password field 12345 And in the second, I give 1234789 Click on this register button, you can see a guard, this pope of message that both password values must be same. So we are going to apply these type off validation checks so that we could only get correct information from the user. So giving my correct information just Vikram email to be just back in America at gmail dot com. Password Toby Born 2345 Same Silicon District distributor. It's processing. No, I'm being redirected to Logon Page, and I guard this successful green message that jack your email account for activation. So now, before confirming my email, if I try to log in now, using my correct information, Logan, you can see a guard. This error message that account confirmation required. So here is my Gmail account. You can see a guard this email off. Confirm account high. Just about Come here is the link to activate your account. So if I click on this link, I guard this success message that account activators successfully, and I'm on my Logan pitch. So now if I log in with the correct email but with the wrong password and try to log in Now you can see a guard is invalid. Email and password at her message. So if I give my correct email and password Toby correct. 112345 And let's not click on this. Remember me feature for now, and click on the slogan You can see a guard, this success pop up that I'm logged in and also this burden off. Logan has been changed into Log out, and I can click on these voices and now to voice the movies, trailer, whatever I want. They can go back and watch some other movie trailer as well. I can go back and access all the public and private pages off this website because I'm still logged in. And if I close this browser window from here and opened my browser again and tried to visit my website again and click on these voice dinar, you can see a guard this log. In Britain, it means that I'm not logged in. Click on this water. No, I'm getting this message off. Logan required so giving my email and password correct one and all solar's. See this remember me feature So cooking this one as well. Click on log in. I guard this success message. Lagarde Burton has been established. I can voice detailer off these movies and looks close the browser window again. And if I visit my website again, you can see I'm still logged in because I take the remember me feature. So let's log out now. I'm logged out and this burden has been changed to log in. So clicking on this log in supposed that? I forgot my password. So I guard this option right here for your password. So I'm going to click on this for good password. It's asking me to give my email. So in case if I give some wrong email like just back from 1 to 300 off jimmy dot com, but it can submit, you can see regard this error message email, not phone, because there is no such email registered on our website. So, no, let's give correct email to reset our password with email So already a member log in. Click on this forgot password option now giving my correct email. Jazz became murdered off jimmy dot com Submit. I can also go back a consummate. Now it's processing. You can see a guard this success message. Jack email for resetting password and I'm on my log in Now pitch and in my email account you can see I guard this email that reset password. It is the link to reset your password jazzy, become so clicking on this link you can see I'm on the page where I can easily desert my password. So giving my new password 123456123456789 Wrong password. Both fear consummate. You can see a god. Both password valleys must be same and I'm still on that page. Reckon reset my password. If I try to submit with empty field, I'm getting this pop up So these type of federation were going toe apply on our every single field in this project. So giving my 123456 new password click Consummate. You can see parts were changed successfully. Logano. So entering my correct email and correct password that I just change. 123456 Clicking on Remember me feature. Logan can see successful log in and I got this message and the log in button has been changed to log out. Now I can watch any of the movie, which I want. I can broads, full website, all the register pages and the public pages as well, no problem at all. And I can easily low got whenever I want. So in case if the user try to cheat us, like if he copied the link off our registered user page or book market and then low gout and after looking out, if he tried to reach back to that page, the dart logging in, then he will be able to see this error message log and required. So there will be no way the user is going toe enter into our private pages without logging in. And one more thing I want to show you and that is a fire tried to log in and say that I don't have an account and try to register from the email that is already registered with our website contest. A distributor and I'm getting this error message that email is already in use, so one email cannot be registered twice on our website, so we will add many things like this in this course. So this is a system that we are going to Berlin the scores and you will learn many tips and tricks in this project. In this course, you are going to learn about many thing. First, I will show you how you can still protect your user cardinals. Even if the security off your website got compromised, we will learn about password encryption and then I will teach you about many hashing algorithms. And at last we're going toe pick one hashing algorithm and we're going toe. Implement it in our project and in our project, we will court registration and Logan system completely. So, first on our Web site, the user is going toe, enter his information and then we are going toe. Send him when email that will ask him to confirm his email account like the Facebook and many big website and later in case if the user forgot his password, we will add password reset feature that will allow user to reset his passport using registered email. This project will be very easy and I will show you each and every step in complete details , and the great thing about our project is you can implement it on any of the website out there on the Internet and I will show you how you can do that. My name is as a back room and I will see you inside. 2. Introduction: welcome to creating skill Logan and registration system with email activation using PHP. Before we start, let me tell you about myself unjust A come I'm teaching and helping thousands off students online and all of your instructor toward the scores in discourse. You are going to learn about many thing. First, I will show you how you can still protect your user cardinals. Even if the security off your website got compromised, we will learn about password encryption, and then I will teach you about many hashing algorithms. And at last we're going toe pick one hashing algorithm and we are going toe implement it in our project, and in our project, we will court registration and Logan system completely. So, first on our Web site, the user is going toe, enter his information and then we are going toe. Send him when email that will ask him to confirm his email account like the Facebook and many big website and later in case if the user forgot his password, we will add password reset feature that will allow user to reset his passport using registered email. This project will be very easy and I will show you each and every step in complete details . And the great thing about her project is you can implement it on any of the website out there on the Internet, and I will show you how you can do that. Now, let's see what we are going toe build in this course. So this will be a website. You can see we got a couple off movies and some information about these movies, and all of the information that is showing right now on the screen is completely public. Anyone could see this information. But after every single movie we guard this Burton off voice did. Or now. So if I click on this button now, you can see I'm being asked to Logan by because only registered user could see the trailers off upcoming movies. I can also logon from here a guard, this tab right here. And right now, I don't have any accounts, so I have to create one. I got this text right hair. So I'm gonna click on this text, don't have an account, so I'm gonna give my information to register. So giving my information jazz a back room and my email jazzy backroom had laid off gmail dot com. And if I give in my first password, field 12345 and in the second I give 1234789 Click on this register button. You can see a guard, this pope of message that both password values must be same. So we are going to apply these type off validation checks so that we could only get correct information from the user. So giving my correct information just Vikram E. Mail to be just back in America at gmail dot com. Password. Toby Byrne 2345 Same silicone decision Stripper Done. It's processing. No, I'm being redirected to Logon Page and I guard this successful green message that jack your email account for activation. So now, before confirming my email, if I try to log in now, using my correct information, Logan, you can see a guard. This our message that account confirmation required. So here is my Gmail account. You can see a guard this email off. Confirm account high. Just about Come here is the link to activate your account. So if I click on this link, I guard this success message That account activators successfully, and I'm on my Logan pitch. So now if I log in with the correct email but with the wrong password and try to log in now you can see a guard is invalid. Email and password at her message. So if I give my correct email and password, Toby correct. 112345 And let's not click on this Remember me feature for now, and click on the slogan You can see a guard, This success pop up that I'm logged in and also this burden off. Logan has been changed into Log out, and I can click on these voices and now to voice the movies trailer, whatever I want. I can go back and watch some other movie trailer as well. I can go back and access all the public and private pages off this website because I'm still logged in. And if I close this browser window from here and opened my browser again and tried to visit my website again and click on these voiced in awe, you can see a guard this log In Britain, it means that I'm not logged in. Click on this water. No, I'm getting this message off, Logan required. So giving my email and password correct one and all Solar's. See this remember me? Feature. So cooking this one as well you can log in a guard. This success message logo Burton has been established. I can voice detailer off these movies and looks close the browser window again. And if I visit my website again, you can see I'm still logged in because I take the remember me feature. So let's log out now. I'm logged out and this burden has been changed to log in. So clicking on this log in supposed that? I forgot my password. So I guard this option right here. Forgot password. So I'm going to click on this for good password. It's asking me to give my email. So in case if I give some wrong email like just back from 1 to 300 off jimmy dot com, but it can submit, you can see regard this error message email, not phone, because there is no such email registered on our website. So, no, let's give correct email to reset our password with email so already a member log in. Click on this for good pass for toe option now giving my correct email. Jazz became murdered off jimmy dot com Submit. I can also go back, but a consummate. Now it's processing. You can see a guard, this success message Jack email for resetting password and I'm on my log in Now pitch and in my email account you can see I guard this email that reset password. It is the link to reset your password jazzy, become so clicking on this link you can see I'm on the page where I can easily research my password. So giving my new password 123456123456789 Wrong password. Both fear consummate. You can see a god. Both parts word valleys must be same and I'm still on that page. Reckon reset my password. If I try to submit with empty field, I'm getting this pop up so these type of federation were going toe apply on our every single field in this project. So giving my 123456 new password click consummate. You can see password change successfully. Logano So entering my correct email and correct password that I just change. 123456 Clicking on Remember me feature. Logan can see successful log in and I got this message and the log in button has been changed to log out. Now I can watch any of the movie, which I want. I can broads, full website, all the register pages and the public pages as well, no problem at all, and I can easily low got whenever I want. So in case if the user try to cheat us like if he copied the link off our registered user page or book market and then low gout and after looking out, if he tried to reach back to that page, the dart logging in, then he will be able to see this error message Logan required. So there will be no Vader uses going toe enter into our private pages without logging in. And one more thing I want to show you and that is a fire tried to log in and say that I don't have an account and try to register from the email that is already registered with our Website Creek industry distributor, and I'm getting this error message that email is already in use. So one email cannot be registered twice on our website. So we will add many things like this in this course. So this is a system that we are going to Berlin the scores and you will learn many tips and tricks in this project. 3. Lecture 1 password Encryption PPT: Hi, my name is does a back room and I'll be your instructor. Throw discourse in the first part. We will learn about password encryption and how auto encrypt our plane password in an encrypted form. But before going toe that level, we need to understand the need off password encryption. Why should I apply password encryption on user passwords when I simply can save the user passwords in my database in a plain text form? Well, there are a couple of reasons. So here is the demo. Suppose you have a website and it's very large. You have thousands off registered users, and somehow some hacker got access to your database and have the access to user passwords, all his information and interest so his privacy will be at stake. And as the admin off that rap society, you don't want toe put to your user in someplace like this. So even though my half side got damaged by hacker, I don't want my user to suffer the same. So this is the part their password encryption comes, so we convert password means in grip them so that if the hacker get access, he won't be able to get the simple password off our users. Why? Because most people use same type off password in every side. It's just a guest that 99.9 people are not from the i t industry. They don't know about these skirting years, so they use same type off password in every singles website. So in case if your side got hacked and hacker get user passwords, then you don't want him to destroy your user life by hacking all off his accounts. His bank account, his Facebook account, his Lincoln account, but just getting his password at your site. So don't save password, inform off plain text in a database as a developer, always encrypt them. So instead, off saving pastor in a plain text, we encrypt them by using hash. No. What is hash actually hash the type off algorithm that can be applied toe Any simple string to generate encrypted string? Suppose we have a string off Pakistan and if we hash that string, then it will be converted like this. So by reading dollar $1 a cato door cheesy Sohn, you won't understand what does this hash means? So using this hash in case your database got hacked. The hacker won't be able to get the password off your users because he cannot understand this encrypted form. And it will take years in grip this hashed core that we are going to develop. But we need to understand how this hash works. First of all, consider registration form on your website. So I user just enter password string off Pakistan on your website for choosing his password and you encrypt user password in hash format like this. Then you store this encrypted user password in your database and your process off registration will be completed. Now, let's see the Logan process. So now the user came back at your side to log in to his account and he type his bastard off Pakistan. Then you're going toe. Take that user password off Pakistan and we'll match it with the encrypted password stored in your database. So if the match will phone, you will give access. So the user a year to your user and f the match not found, you will deny his access. So if your database got hacked and hacker has full access on your database, he will apply some attacks and the most common attacks are dictionary attack and brute force Attack in the dictionary attack, I could just apply some common vered in your password field like apple, blueberry, banana and the common words off over daily life. Then there is brute force attack in which hacker applied the combination off directors to get access to your account. Then there are look up tables that ah hacker already made. And he just matched the NK platform with your look up tables and try to understand the patron. And then there are rainbow tables that also give hacker an idea to track down your password . So even if you encrypt your password using the hash algorithm, your security might be at risk. But if you add assault, actually, assort is a string that combined with hash algorithm toe add an extra layer off security at your password. So if I have a password off Hello, then there will be some string like you excel U f something like that and I'm going toe Add that string vidi hashing algorithm. So if I have a password off Hello and I want to encrypt it, then I can simply add that sort means that string off Q x l u f so on with the hashing algorithm. So by adding sword any type off string with the hashing algorithm, it will be impossible for hacker toe Break the combination off my password innuendo. He used rainbow tables, look up tables and whatever technique he wants. So if I add just three characters with hashing algorithm means if I had salt off three characters nonetheless, Hacker have toe create 8500 password combination. And in case if that a single combination take one M B, then it will be total off here. 30 70 b and it tells RGB. Barred, easily purchased in the range off $100 it's still in the range. But when we air, the Logan time vidi hash algorithm means a time that will be needed by our algorithm to run the user name and password off user. When he tried to sign in. Suppose we add a sign in time off five seconds, so it will take 8.1 years. Ah, hacker toe encrypt our single password. And no one wanted a normally insert off, adding three character sort. We add 22 characters sold. No, you can do the math. It will take many years encrypt one password by using sort and hashing algorithm. Now there are a couple off hashing algorithm that are very famous in market. 1st 1 is empty. Five. Then we have a sensitive one. Then we have a subject toe. It has further two versions. I said you're too as such A to 56 and s a j 5 12 Then we have Yes, Danville. Poor then tiger. And then we have blowfish. Now, in all of these algorithm, Blowfish is one of the strongest algorithm and many organizations and government agencies use this algorithm. There are a couple of reasons. Virus. The favorite 1st 1 is it's very school. 2nd 1 is free to use. And 3rd 1 Is it slow now? Maybe you're wondering that integrate amiss. Slow hall can its favorite. Now the answer is using this slow functionality, you can limit the Logan time toe three second, five seconds on maybe 10 seconds. So in case of single logon request, it won't be a problem. But for hacker for running thousands off request, it will be a problem. That's why blowfish is favorite. So as I told you earlier that we are soared to secure our password more So we take user password. We use hashing algorithm off blowfish and source string and made a password. But if you want to make it more school instead off adding one simple string every time you choose on random string every single time for your every single password that will going toe make your password more secure on Earth. So here is this hacker he's very happy by because he just had our whole debt abyss. And he's thinking that I'm going toe get the information off every single user off the side . No, he looks at Why? Because then he see the structure off our website, our hack database. We applied very secure algorithm using blowfish and random salt, and we made our user password impossible to break. So I'm gonna say toe this hacker. Maybe next time, see your own Paul. So don't take shortcuts. Always apply encryption on your passwords. Now, in the next lecture, we are going to see how you can encrypt your password using salt and Blowfish algorithm. 4. Lecture 2 Understanding and Creating our Hashing Algorithm: So, first off, all I'm going to run my Sam control panel and my party server and my SQL server as well. No, inside my C drive. I have this folder off Zam in which I have the full off esti dogs in which I made this for Ralph Ph. Because and in here, I'm going to create a new fuller with the name off user underscore registration in which we are going to put all off our project file. Now, here I have added this simple dot ph Before let me show you this file. But we have in this file, so I'm going toe open this file in my commode. Oh, now here is my simple or pure before nothing special here. So first of all, I'm going toe show you the hashing basics. So I'm going to save this file us hashing basics dot PHP Okay, so I already have this BSP school. So in this PHP school, first off, all I'm going toe ad variable off password, and I'm gonna equal this variable with one string off Pakistan. So this Pakistan will be your password. And on the next line, I'm going to create the new variable off blow fish that will hold the structure off our algorithm that will hold the structure off algorithm. So I'm gonna call it Blowfish. Underscore hash underscore form it and the Blowfish form It is dollar. So why dollar 10 and then dollar Ethan. So this too by means the blowfish I'm going to call my blowfish algorithm. And this 10 is the cost off Our algorithm. How long I've warned my logon request toe Take time. So if you want to take longer time, you can increase this tend to be 12 and increase it more if you want. And on the next line, I'm going to create Ah, simple salt and ah, I'm gonna give it a string value off. My name is jazz IB come king. So its length is 20 toe So first of all, let's use this Could command to see its length length off our sword using the length function off string. Okay, everything is good to go or save this and we have this file of hashing basics that is inside my PHP course user registration. So, inside my PHP course, I have this for little off user registration in which I have this file that I just made hashing basics or PSP. So browsing this file now you can see the length off over sword that we just take it out. So here is a real grid, um, off blowfish here is my sort. Now, on the next line, just after this sicko, I'm going toe can. Captain ate my sword with this blowfish algorithm by defining her 1/3 variable with the name off formatting blowfish, I read Sartre. And in this variable, I'm gonna can get in need my this variable off blowfish hash for made with this salt by using this dark to concoct a near these two evils. Okay, so on the next line, I'm going toe encrypt this form. It'd blow fish with Salt Fiddler Original password. So I'm gonna add here on the variable off hash, and I'm gonna equal it. The dollar gripped function that will take two arguments. One will be our password. So I'm gonna add the password as our first pedometer off this encrypt function. And in the next perimeter, I'm going toe Add this for mating blowfish with soil algorithm right here. And so Michael, nerve than our part has been done? No. The next line. Let's echoed this sword that we just did. He it did. Let's add the BR tag here so that you can see it on the next line. Looks good. Sitting this one out and fleshing the bait. Now we got hash or here is the former it off over blow official greed. Um, then we have our string and then we have our and give function that we applied on over possible. So we created our hash by using blowfish algorithm. So if we decrease the soared length, let's make it toe just my name is, as of a gram, saving this one out, refreshing the bitch. Now you can see regard the length of fitting. Also, we're hashing algorithm. Don't or put anything by because this is the basic and bigger wanted off Blowfish that it start work when we add the salt off at least 22. So if I made it again, Toby length off 22 refresh the page. Now we got our encrypted form so you can increase the sword length up to whatever length you want. I can add Ah Morlang, Toby, This simple I can make it to any string more than 22 saving this out refreshingly bench. Now you can see we got completely different algorithm string right here. So it means that if we changed a start, we also going toe have the different ash. So it's better to choose the random sword whenever we have toe create hash for our every single algorithm. So if I add a new variable off password right here, I can make it 212345678 And if I be the same process again for the different password and cheese, the string let's leave this drinkers or just saving this one out. And if I refresh this page again no, you can see for the different password regard the different hash. So right after this kind we have a totally different hash. And if I it seems the soar string Toby, something like my name is does it a crumb? 12345 I was saving this on art, refreshing the page. We also changed our source string and also our hash former And you can also notice that our sorties also different hair instead off having the King here changer to kind. And instead of having 1234 we are getting here 123 You went something like that. So it means that you can change the password. So with the same string over the difference sting, you will have the different type of hash for your possible. So it is a good technique to use the random sort whenever you have tow the year the hash for every single user password. 5. Lecture 3 Controlling Cost of Hashing Algorithm: So I thought that it would be great if I show you how you can increase the processing time off your algorithm, but changing its cost now regard the cost off 10. So if I make it it, 0 12 then you can see that looks refresh the page. It took just 1.5 2nd or something like that. So if I Jeda cost toe 15 7 this one out refreshing over page again, you can see it's taking too much time. And it almost got 4 to 5 seconds. So if I change it toe 27 this one out fresh in the page, all right. Taking too much time because we increase the cost. 13 2nd 15 Still spinning, Still spinning? No, it's almost took one minute and 32nd toe. These at this point on my process of work very hard. Now you can see regardless, Federer, that maximum exhibition time off thirties Aiken exceeded theirs. Why we guard this error so you can think in start off putting some more value. We have to make it more considerable because we are not creating it for the longer period. We are just creating it to spend some time on our algorithm. So I think 10 or maybe 12 goes time will be enough. So now you can think that if we add well, ghost here, then for one type off user, it won't be a problem. But when the hacker is running his court to decrypt our algorithm, it will be a problem for him. So, using this coast, you can put all the Herrick on your Hecker, not your hacker, but on the intervener. 6. Lecture 4 Creating Hashing Algorithm Function: now in the form of hashing basics, I'm goingto get a folder with the name off Include in which I'm going toe Add a simple PHP file and I'm gonna name it. So functions not be it me No nerves open dysfunctions or bp Fine in our leader. So here I have the function dot PHP file. So first of all, let's air the PHP scope in this file. So first off, all I'm going to add here a password encryption function that we just saw. So this is the function. I made it password encryption because we're going to use this function for the many time in our registration purpose. So it's better to make a function so same string off blowfish right here. So why $10? Then we have these sort length. Then we are just generating over salt by calling dysfunction that we don't have at the moment. And then we are just repeating over hash and returning over hash after in keeping our password with the formatting blowfish with salt? No, here we have this generates salt function. As I told you, it's better toe generate sword for every time. Whenever you have tow hash your password. So here is the court for generating random Czar. You can see I'm choosing the random string using the MD five function that is also analogue rhythm and using this empty there and function. And I'm just passing this true function to make it more skill. Then I'm choosing one more string with the base 64 including using this function and in case if we guard the plus I'm replacing it with the dart using str replace function on this base 64 string Then I'm just using this sub steer function to replace in case regarding negative number at the beginning and at last I'm returning, sort and this sort is going toe come at this position using this function called off generate sort So this is all the court toe Create a very secure random string if you want, then use it If you don't want, then just skip all of these lines. So if you don't want to use this court just to use this base 64 in court and ah, we're done here to sort whatever you want. Now these two function will be used toe generate our encryption and in case If you want to check whether user entered Ah, password is equal to your existing hash that you stored in your database. You can simply use this function off passport check that will add the user password that user going toe enter in your farm field. This function off pastor check will make sure that it will, whether it is equal to your existing hash that you created using the's to function So this parts or check. We're going to take this user password and we'll match it with existing hash. And in case if the hash is equal to existing hash, it will return true, otherwise, false. So now we finally know how toe encrypt our passwords or it's time we should move your project. 7. Lecture 5 Building User Interface: So I have this simple dot PHP file. I'm gonna save this file us user underscored registration dot PHP Let's also changed its name to be register now. So in the html section, I'm going toe add a simple HTML form right here and in the action It re route. I'm going to mention the same action. Actually, Rudolph user underscored registration dot PHP here. But because we are going toe, add the PHP court in the same file off this user registration door. PHP No saving this for not and let's make it matter. Toby posed. No, we need some style on this. He was a registration dot PHP. So in my include Fuller, I'm going toe adhere A new file with the name off style store CSS. And this file will include all the style off our project. Let's also upon this file in our comodo Oh, adding the bag off style CSS so that engaged You want us to have the style in this file, you can do that easily? No, we need toe connect this style or ceasefire with this one. So before anything, I'm going toe require this file. So using this require function require ones. We are going toe connect this file with this user registration dot PHP And this file is in My include forlorn hundreds Name is styles dort, CSS for saving this or not. Now I'm going to add some style on these fears. These fears has type of text, email, password and summit burden so far selects air the style on this type text, email and password. So here is some styles that I'm gonna paste. I'm saving this for Not if we brought over file. You can see we have this user registration door pH before click on this file. Now, if I refresh this page again, I can see regard these very cool fears. No, let's also start this one. And this input field has the type off submit. So I'm gonna air some style on this type off submit. So if I add some style on this type of submit saving this for naught if I refresh this page again, I can see regard. Did you distribute on right here? Let's make it toe floor too. And the right position. And let's also give it some margin from top now refreshing the page. It looked great. So one more thing to do here, and that is to enclose this whole form inside when death. So that we can place this dear in the center off our pitch. So no adding the de for style for this death. Let's give it some I D Toby send, uh, the age? No. Adding these style for this death? No, I gave this very And I gave this Dave somewhere 10 margin to be zero auto means center. Refreshing the page. Now regard this in the center. No. One more thing to do. So I'm gonna add some style on this user name. So first off, all I'm going to define a new glass off feel in four right here. And no, I'm going toe place this class off field in four in which I have added some color for in size and foreign family. I'm going toe air this class on these user registration by using span tack. Now you can see I have added this span off glass field in four inside my user name, tax my email password and confirm password. So if I save this for naught and refresh my page again now you can see regard these cool styles. So I think it would be great if I are some more margin. So there's some mid button. So we have this margin. Talkto five. Let's make it toe 10. Fishing the page. It's look great. No, our you a part off this register, no bid is complete. 8. Lecture 6 Creating DataBase: so we're good to go. But before going any further, I think it would be best if we create our database. So we have to go to our PHP mired hman. And I'm going to create here a new database, the D name off registration, underscore system. And all these letters are lower guests Career database. Now we have this registration under school system that I will start her now, in which we are going to add one table with the name off admin underscore panel. And first off, all I want first column to be I d. 2nd 1 will be our user name. Third will be email. Then we have password and confirm password. We don't need it because we are just going to re match these two values. So until now, we need just four columns in our database. We will add more column later if we want. So click on this government. We got our database. So 1st 1 I'm gonna call it I d. 2nd 1 will be user name in the lower form. 3rd 1 will be email. 4th 1 will be our password ID evil being the in form user name Will bean watcher email. Also watch Our password will also be watcher and for I D. I'm gonna give it length off then and also the orto inclement for the user name. Let's give it length off. 30 for email. Let's give it length off 70 for password alerts. Give it length off 1 30 Why? Because we are going toe. Add the in corporate form. So it's better if we add a wide range off length on our password. And all of these fears has the lower case letter click on the savory. Now our table off admin underscore Panel has been created. No, we need to connect this table off. Had been underscore panel with this register now file. So in my Aditya inside my include Fuller. I'm going toe adhere a new PSB file with the name off db dot PHP Saving this one out. Let's open this db dot PHP file in our data. So here we got our Devi daughter Piers people, First of all, we need bsb score, but this file and on the next face, we have to establish our connection in over this db dot piece before, So I'm gonna add here a new variable with the name off connection, and I'm going to equal it. The dollar My ask UAL underscore connect function and first perimeter. I have to mention the server and we are using our local host and our use the name off this server will be route, and there is no passwords. So in the third, But every time going to leave the string Toby empathy. Now, on the next line, I'm going to add one more variable with the name off connecting our databases connecting db . So now I have to select my database. So by using my SQL underscore select underscored Devi function, I'm going to select my database and my database that I may just has the name off registration underscore system. So we need to wear this one right here. And in the next perimeter we have toe are this Meyer skill connect as we added this connection. So we just can copy this one from here, and we can paste it in the next perimeter. We're good to go. No. As our database connection has been established, we also have to connect this file of TV door PHP with this user underscored registration or PSP We don't need this style or ceases fire anymore. So let's close this one. And in my was underscored registration file, I'm just going toe connect my this DVD or pH before that is in my inside. Include folder with the name off de being dart pH me saving this one out. Fishing the page. No, there is no other. Now, in the next lecture, we will add our PHP around. These feels so See you there. 9. Lecture 7 Activating Submit Button: So we have to apply the PS beyond this summit, Burton, because when they use it is going to enter all these values we have toe do the right thing when he click on this summit Britain. So let's make it value Toby register. And ah, this one has the name off submit. So we need toe use this submit one right in our PHP school. So here I got my PSP school and I'm going toe put this PFP school before any sdm all right here and in which I'm gonna say that if this submit button that has the name off submit is set means if I use a click on the submit button, then what should you do? You have tow close us these PHP code that we're going to write. So we need to add the if condition here, and I'm gonna say, if is sect using the super global off post If this set this submit button that has the name off submit, then you should take user name, email, password and confirm password field by using super global post video. So I'm gonna add couple off variable right here with the name off user name, password, email and confirmed password laxity Younis them. And we need to equal these variables with our super global off post. That going to help us to get our values from the user. So I'm gonna change it for the use. A name seem that we have right hair. Then we have to change it for email with the capital e, then for password, and then regard this confirm password field within him off. Confirm password. And as you know, that it might happen. Sometimes when we ask user toe, give us some data, some bad guys drop SQL injection, so preventing SQL injection. We should add the sq real escape string functions so that we could save our form with the SQL injection attack. So I'm gonna add my SQL. The deal is gave string around every single field. So that we could save our debt are that we are getting from our user and we can inserted safe and sound in our database. Well, the first part has been completed. No. In the next part, we will add some validation on these fields. So see you there 10. Lecture 8 Adding Session: No. In this lecture, we are going to air some validation on these fears so that we can also prevent some false information on these field. So inside my submit button, I'm going toe adhere if condition in which first off, all I'm going toe prevent my user toe, add any false information or prevent him by not leaving any of the field. So in the first field check, I'm going to say that you should not add the i m pretty string empty user name, empty email password and confirm password. Otherwise, you have to face ADDers, and our farm is not going to summit. So first of all, I'm gonna say, if this my user name is empathy And if my this email field is empathy and if my password fearless empathy and if my confirm password field is empathy, then you should prevent user to submit this form. I can just echo a simple statement right here that could ask user toe, add the information, or I can say that you should not leave these fears empty, but it's not a good idea. Toe echo right here. What is the best solution right here will be that if we pass the out putting debt are in some session so that you can also learn about sessions and you can make your court more sophisticated. So I'm going to add here a session that will show you the enter. And I'm gonna call this session with the name off message. And then let's say we are going to say to our user that, um, fears must be filled out. Now, we don't have any session file at the moment, so let's get a year a session file. So in my include Fola I'm going toe create her a new file with the name off session Dark being me. Alerts opened this session dot PHP file. You know, Ardito, And before adding any type off Gordon this file, let's also connect this session file, But this one So this file has the name off session? No, in the session file lacks air that PHP school right here. Let's close this TV dot piece. We find we don't need it because we already connected and in the session file. First off, all we have to start our session. So for starting session, you just have to tell it. Session underscore start function knowledge session has been started. Now I can just simply see this one by echoed this session message in my ass TML court. But, uh, as we're not going tojust add one relation check. We're going to add many relationship, so it will be bad programming if we add every time echo statement for our session message. So I'm going to create our function with the name off message here so that we can call this function every time whenever regard the other. So in my session dot PHP file, I'm going to adhere. Ah, function with the name off message and inside this function, I'm going to say that if is set, if my session off this message has been sect, then you should do the following things and I'm going to go add a div on run time That could help me to show the session toe the user without affecting my esteem. Ill court. So I'm going to add here are variable with the name off output in which we will need our Dev with the claws off message that we don't have at the moment. And as I use this direct rations, so I need to escape this one. And let's also where this class off message here while escaping these second quotation are closing off this death. Also, Michael Nerve done adding concatenation to the same variable off output as we were going toe show over session toe the user that has the name off message. So I think it would be create if we apply the STM identities because every time, whenever you have to show that are to the user, you should apply ice Tamil entities. And when you are taking that out from the user, you should apply what you should apply My ask your real escape string wide SQL injection. So inside this extremities, I'm going to just bars this session off message The last thing Tokcan, Captain eight with this or put and that is the ending off. Our deal now is the last part off this function. We're just going to return our this output. So we made our session off message in which we apply this class off message for starting and we didn't add any type of style, you know, if style Dorsey says file here you can see we don't have any style toe this style dot CSS file with the dyspeptic div message glass inside my Dave. So now we are good to go. No sitting this one out. Also this session dot PHP file and ah, let's refresh our page effect. Click on this redistributed you can see we are not getting any message. Our feet It must be output right here by because we added this function off message. So if you want to use this function, you have tow output dysfunction. So right here, right in my body section, I'm going to call this function off message and I have toe record this function off message or saving this one out. If I had the Lord my page again, you can see we got all feel must be for Lord flashing it again. Still, we got all fields. Must be your fellow now, as you can see, if we refresh this page at the first time, we are still getting this message off. All field must be furloughed without entering a register. So this is happening because we haven't added our something in our sessions or PHP file. And that is we didn't add in no value. So I have to make this session feel first time to be No. So I'm going toe Make it to know so that it don't show me This all feel must be for Lord When The first time I brought my father or saving this one out if I had a freshness PGE we don't have any kind off all food must with your Lord. If I click on this redistributed, we are getting this one right here. So it's time we should add some stars according to this class off message that we made here . So in my style or CSS file, I'm going to add some style here. So here we have this function call. I'm gonna close this one in born deaf seven days for not in my style dot sees this file. I'm going toe add style for my death with the claws off message that we applied here in this function regard this tiff with the gloss off message and ah, let's add some stars. So I have added some border color phone were size margin. We're heart and alignment and margin to be bottom at one year or saving this one hour. If I refresh this page And if I click on this, the distributor, you can see we are getting this pop up right here. It's very cool. So I think it would be great if we add the background color off thread and make these fears Toby some different color. Maybe we divide. So in my style, I'm gonna make it to right. And the looks and the background color off. I think this color would be great. So I have had here some background color. No saving this. Find out if I refresh this page again and click on this register button. Now you can see we are getting this very cool Pop up. All fears must be fair, loud. 11. Lecture 9 Redirect Validation: No, it's time. We should add some more regulation on over for so move back to my user registration dot PHP . I'm gonna add here a new check and I'm gonna say else if if my password and my confirm password are not equal than you should show Also the editor in the session. Let's go pee this one. And peace You tried after it. I'm going to change this message. Toby bought boss Word values must be same. No saving this one out. Refreshing the page submit. All feel must be allowed. And if I are some, use the name Toby Joe's ib e mail. Toby Josie became editor of demon dot com and Pastor Toby A Crumb and confirmed Pastor Toby 5 86 9 Register. We are getting both password values Must be same. This error and also as we're not receiving any kind off call back here. So I think it would be great in case if the user violate our validation. He should return to the user underscore registration door piece before, although it's not required here. But I think it would be a great programming practice if you add and make you accord more solid. So in my first of condition, I'm going toe. Did he direct my user? So the location with the same location off this user registration door Ph B In case if he voile it, my validation. And after that, we should add the exit means you should not do any further processing after that. No sitting this one out also lets copy it and pierce to tune our next scored as well. Sitting this one out if I refresh the page If I click on register, we are the directing. You can see the effect on this one right here, so refreshing the page again. You have to focus on this refresh page button. I click on this register, you can see we are getting the request back. So instead, off adding the harder every time I think it would be great if we add ah, function that could redirect my user in case if he violate my dump. So, in my functions, PHP file Before any function, the function of encryption, I'm going to add here a new function with the name off the director. So adding this new function and this function will accept one perimeter that our user going toe intense. I'm gonna call this one the D name off, Neil. Location now in the plant is off this function. Let's Skopje discord from here. This court off header that's gutted from here and be arrested inside of a function and no at this variable off new location and concluded nated here. So we made this redirect function Now in my user registration file right here instead of adding this one, I'm gonna call my Did he dot ek function an insider span? Amita, I'm goingto Passover next link. No, everything is good. So when the user violate our reservation dysfunction off, redirect who will be God and ah, this one is going toe Go in our function dot PHP file and come toe this new location and this new location will be going to be equal with this user registration or Petri far and then is going to be exit So in here we didn't add our function file wouldn't included So it's time we should include our functions Dart bsb file right here While sitting this one out and fleshing the page register, Nothing has been changed. Now for third validation, I'm going to wear here one more else. If and I'm gonna say if the length off our password is less than four, then you should restrict my user. And how can I check my length by using str length function on this password? So I started. If the length of my password is less than four, then you should pass a message in my session and say the user toe that your password should include at least four values US seven. This or not, we also have to redirect my user back to my registration. So I'm gonna call this one here and also dysfunction right here. No, if I to fresh my page again. And if I enter register all feeds must be feel loud. So I'm gonna add some day Donna here and I'm going to add one toe. Three password, Same password. 123 Less than four. Click on this redistributed. Now we're getting this message. Password should include at least four values. Now our basic validation has been completed. Now we need to define the structure means if we are not getting any problem with these validation than you should apply something else. And in this l school. We're going toe. Add all the cord that will gonna help us toe add data in our database. Throw this user registration form and that we are going to do in our upcoming lectures. 12. Lecture 10 Inserting Data in Database: So now in the instruction, I'm going to write my career That could insert all of the fears data in my this admin underscore panel table. So in the l structure, first off all we have to establish our connection with the database and in my db dot PHP file, I already added the connection requirement so I can just simply use this connecting db Global in this cell structure of to insert my data. I don't have to write all of this court, So let's copy this variable off connecting db. And we're going to require hair global off our variable that we did in this file. And now we're good to go. We have connected over that abyss. Now we have to write our curie that could insert our data into their address. So I'm gonna and here a new variable with the name off Curie and looks equal this variable with the work Yuri So inside of a curie, we want to insert our data into our table off this admin underscore panel. So I'm gonna say that insert into admin. Underscore panel alerts confirm its name Admin underscoring Penna all in lower case. And now I have to mention the color names that I God in my database. So I got I d user name, email and password. I don't have to do anything for the i d. Because I made it all too intimate. It's going to an agreement every time we're going to add our record. So we need to focus on these user names, email and password fear just for now. So in here, I'm gonna mention the column name that we got in our database. First regard to use the name. Then we got emails and passwords. Same like here. Now we need to assign the values toe over. Use a name, similar password. So we have to write this values. And in the Prentice's, we have to pass over very well that we are going to enter from over from Saudi first. Well, you will be this user name, and the second value will be our email regard the email field and also here and in the third feet. I'm gonna add my simple street plain text passwords known the next line. I have to run this Q t. So I'm gonna add new variable off execute and let's call over my SQL beauty function. And inside we have toe past this video, but off duty. I was sitting this one out. Now, I can just say that if my career unsuccessful mean this execute run, then you should show a message and redirect my file toe. Same page of the registration door. PHP. So I'm gonna pause here a message, and I'm gonna give it value great in my session message. And if this clearance unsuccessful, we are going to say that in our message, something went wrong. Well, let's see if this one out and, uh, do something here, refreshing the page. So if I had used the name of Joseph email Toby just programmer threat of demon dot com password. Toby Secret and register. No, there is some problem. Something went wrong. Try again. It means that our security hasn't bean run successful. So we need to find out our other We have this curie, our global insurgent. Oh, and money underscore panel panel with the double in. So let's see what we got here. We have registration under school system. Then we have our table off adamant underscore panel. Very single. And so there's other why we're working has been stopped. So we need to remove this one. And you should careful with these type offspring thing to a wired. The further confusion. Nor let's see if this one And if I refresh the spirit again and enter my user name to be Joseph email Toby, just about climate rate of gmail dot com Pastor to be 1234 No, great. Our record has been added. So if I click on this one and browse now, you can see we are getting over the card right here. So it would be great if we Jesus success message toe with some different gonna and start off red. So let's do some CSS and all soldiers defined the session for the success message. So in massaging dot PHP file, I'm gonna copy all off this function off message and I'm gonna pee ist it right after it, and I'm gonna change it, Toby Success, Success message. And let's also change its glass Toby success message and session to be success message as well. Everything is good right here. So now let's open this style or to see a ceasefire. And ah, first of all, copy this devolved dot message that we made for our session, and I'm gonna change it for new glass off success message. And now let's change the background color from Red Toby. Something like green. This looks good. Okay, No, we also have toe ad the function calling. So let's copy this one. This function call and let's be arrested right after it. And also, let's change this call, Toby Success message. When we are going to get our success message called, We're saved this and ah, in here In my executing great function, I also have toe pass this success message session right here. So in case off something with the success, we are going to get the green bedroom are saving this one out. Refreshing. The page does it. 1234 1234 Enter. Now we're getting this green background message that indicating our record has been added. No Internet of its you can see, we got these two fears and ah, there is some problem here. First off, all by this type of relation Ah, same user can register for two times. We need to take care off this thing that only one email could be used for one time registration purpose. So we need to air some curie that could restrict our user not to add email twice, or nor to register twice. So this problem off dual email registration we are going to tackle in our next lecture by creating one function that could check whether we already got email in our database or not , so hang in there. 13. Lecture 11 Applying Validation and Password Encryption: So let's tackle this dual email problem back to my Aditya. So in this file, off user registration door PHP, when we are doing our validation, I'm gonna add here one more else if in which we will add one curie that could make sure whether the user email that he's going toe enter is already exist in my database or not. So I can add hair else if in which I'm gonna add Curie. But I don't think so. It's a good idea. Are toe put all of the court in this is the registration or Pete before. So instead of that, in my functions PHP five, I'm gonna add acuity in this file informal functions so that we can separate over things. So first of all, let's drop our David or PHP connection file in this functions or PHP file so that we could work freely with the world database by calling its global off connecting DB. No, I'm gonna add here Ah, function with the name off Jack E mail exists or not, and we are going to take one argument from the user email and inside this function, first off, all we have toe call our global off this one connecting db so that we could connect our database with dysfunction. Now, on the next line, we're going to write our Q t and I'm gonna say in the security, select all the columns. Select static from my table off Edmund Underscore panel, where the email that we got in our database is equal toe email that we are going toe get from the user, Throw this argument all function Then you should execute this Ghouti ball single acuity variable. And in case if we got reserved more than zero, then you should return. True. So if using my SQL underscore num underscore Rose on this curie off execute if we got reserved, that is greater than zero. So this function off my SQL Lambros is going toe check all those off this curie affects secured. And in case if we got a number off rose greater than zero, then it's going to return us true and else it going to return us what? Yeah, false. Our part has been done here solar to save this one and in user registration in our else. If I'm gonna call this function off Jack, email exists or not, and end up argument. I'm gonna pass the email that we're going to receive from the user using this super global . So this one is going to be here, and ah, then it going toe, check this function. Call in this functions dot PHP file. This is just a simple function concept, how the function work and how it's called work. Then, after performing this one, if he got the crew reserve, then it would show us enter and return us back toe user registration door pH people at this time, the other will be Email is already news. No saving this one out and also this functions dot PHP file. Now let's refresh our page. If I argue, is the name of Josip email Toby just back, Limited of demons? Or come that we already got here. Password to be 12341234 Register. Now you can see we are getting Email is already in use in case if I add some different information. Joseph. Email. Toby Contact our director of jazz, but from dot com password Toby. 12341234 Register. No, Great! And here you can see we are getting over new record. So we eradicated this problem off dual email. But here is one more thing. You can see that we are getting very straight plane password. We're not hashing them. So we made our functions off hashing here, So it's time we should use this past for encryption function on this password that we're going to receive from the user. So in our L structure, where we added of acuity off inserting into a database, I'm gonna add here a new media Beloff has underscore Boss Word unlocks equal dis variable with our function. Call off password encryption that is going to help us cool, encrypt our password. So I'm gonna equal this one with this bastard encryption function. And let's past this variable off password that we're going to receive from Orfield innards argument. So then it's going to do the rest of the hashing and generating sort and acceptable, but nor this pastor check because we're going to receive this pass or check function when we are going to Logan. So you don't have toe think about this passport check function at the moment. So no, I converted my this password that I'm going to receive from the user using this positive encryption. And ah, now we got this new evil of hash password. So instead, off pasting this old password variable, I'm gonna send my hashed password this time. No saving this one out and ah, let's delete all of these records. No, Next the disturbs does it for the first time. Just became editor of gmail dot com and pass for Toby. 1234 1234 Register. Great. And let's see what we got. Now you can see we got this encrypted form of password hit. So this is our any captured pas for so we dedicate this do problem and also the plain text password. So in the next lecture, we're going toe design our logon page because our work off register? Nah, Britain has been done. 14. Lecture 12 Creating Login Page: no for creating logon page. We have to use this user registration dot PHP file because there are many things that we're going to need in our Logan pitch. So let's first off all save this file as Logan dot PHP. Okay, so now in this file, we will need our email and password. So let's remove this user name and also this confirmed field off password dollars. Remove this. I m pretty for user name Jack. And we have toe leave this email boss for that cities and also remove this confirm possible field because we're going to only have two fears in our logon page, email and password. We're going to believe aws that winter into our area. But checking these fields, no removing this validation. All these validation from confirmed pass for toe pastor length, toe existing email or not, no removing this else. Hold else. Let's make this e mail and password in start off and and we should make to or because if they use a leave email or leave passport, you should show this error No, in hair. We don't need this user name. Feel anymore, removing this one from here and also we don't need this confirm password field. And I'm gonna make this field off summit instead of register. Toby Logan. No saving this one out. One more thing to do here. We have to change exchange. Attribute, Toby Logan dot PHP. And also the starter, Toby Logan. So let's go through everything really quick. So we got this submit button, and we also have to close its closing right here. Then regardless, if condition, just one validation on email or password, and then we got our these fears off. Email, password and some Edward Toby Value off Logan. No saving this one out. If I back to my user registration for her, you can see regardless, file off Logan dot PHP. Click on this. No regard email, field and password field. So it's time we're goingto take two values from the user. And, ah, we're going toe. See whether doors email and password value exist in our database or not. The regard. This valuation all feel most people don't. Right after that, I'm going to adhere when else I'm gonna right here. Arcuri. But instead of writing here, Cody, we can ride the curie in our function door pH before so in here. I'm gonna add new function with the name off log in attempt and this function will take you argument. 1st 1 will be our email and the 2nd 1 will be our password. So, you know, writing it's Q t. So I'm going to say that you should select static. Select all the columns from my table off Edmon Underscore panel. Their email is equal toe this. I can just got Peterson from here, and then you should execute my i q t. So if this gritty work, then you should have this one If condition in which we are going toe fetch all the data according toe that particle email that we guard from the work yui off execute. So I started here, Run the security. And if you find any mill that user is going toe enter, then you should fetch all the data according toe that email. Now let's equal this one with variable off Edmund when new, variable and inside. This is condition because we check our email north's time. We should check also the password because this Logan attempt will be considerable on our email and passport. Now, if we guard this email by using this Kuwaiti, then we will fetch the deliver data according to that email. And if we fetch that email data, then we also have toe fashion, uh, password from this relevant email using this, my skin fetch associative. So inside this I'm gonna add one more if condition and in which I'm gonna call my function off password check that I made here to check our user password and our existing hash stored in our database so I can call this function. And on the first perimeter, I'm gonna pass this variable off password that you there is going to enter right here and in the next perimeter, I'm gonna pass the password that I stored in my database And that password I can only fetch by using this variable off Edmund Vay because I'm fetching all off the data off this email and storing it in this Edmund. So now I can simply make the super global off this Edmund and excess the password According toa this email They're stored in my database, so I can just seem please use the super global off password field. So this password feel Is this field in my database? No, in this if condition, If we run this password jack successfully, then you should return this variable off Edmund and we done our work. And else if the user email the user is going to enter is not equal toe any off the email in our database, then you should return. No. So now you can easily see that in this function. If we find the email in our database according toe that email that we're going to see from the user, then we're going toe fetch our discord, discord and else If we are not having the email that user send, then we will just return. No. So everything looks good right here, and we don't have any thing for this bracket. So let's remove this one. I'm saving this one out. Now. We need to call this function off logging attempt in our Logan dot PHP file. So in here, I'm gonna call this one this function off Logan attempt in my log in door to p two p file, and we have to send the perimeter off email and boss word. And it's equal this one with new variable off phoned account. No. One more thing toe say here that when we're going to get this user password and this password from the database, then by using this function call this one will going toe come right here. And this existing hash will be our Edmund password that we're going toe get from the user. So this one will going, Toby, come right here on this Airman password is going toe. Come right here. Then it will encrypt our hash so we don't have to worry about it. So if the hash matching do this existing hash, this admin password, then it's going to return is true. Otherwise force. So this is all the working off over Blowfish algorithm. We don't have to worry about it. Now, sitting this one out now in my Logan dot PHP file if you found account means if this variable of phone account is giving you something means it's returning some Edmund from here, then you should the director user. So this speech off welcome dot PHP, which we don't have at the moment. And else we can boss here a message that invalid email address or password. We're not telling the user which one is wrong. Your email is longer password is wrong. So this is also one more security techniques to map out North Hotel user about which one is wrong. And we will send our user backed over logging dart PHP file. So one more thing right here. So if this veneration is also occur, we also have to send a user to log in or Pete before now, saving this one out. Saving this in order as well. Knowledge's refresh this page. If I give it any the guard that I don't guard in my databases Password off anything, Logan? No invalid email password. And if I give it correct one jazz back a moderate of gmail dot com The regard that we already got here and password Toby, I think it was 1234 Logan. Now we are welcomed RPS River. Although we don't have this file, so it means that our court is working. So let's create here a new file. So here are my this simple or PCI file. I'm gonna save this file as welcome dot PHP And let's change it. Name Toby. Welcome. Welcome. No back flashing the page. If I give it just a back room and correct password of 1234 So you can see we are entering our 1234 password. So although we guard this encrypted form, we don't have to worry about it. We just have to Poor delight. Bus word, Logan or peace be We are getting this page off. Welcome dot PHP. So know this Logan dot PHP file is also working on the next lecture. We're going to see how you can activate your user by email. 15. Lecture 13 Completing DataBase: Welcome back in this lecture, we are going to see how you can register your user by email, confirmation or playing the user and risk or registration dot PHP file. No, in this file, I'm gonna add mawr values that we are going to enter from this user. Underscore registration dot PHP file. And these two values will be automatic. There will be no control from the user on these two value. So the first value I'm gonna call this well, you will be token and 42nd value. I'm gonna call it active, but I don't have to pass that value and make its variable by because I can just simply enter that value using here. So for this token value, let's add any type off random value. So for adding random barrio, I'm gonna use been toe hags are function, and I'm gonna apply it on open SSL under school. Random underscores pseudo parts and I'm gonna ask for 40 bites from this function. So first, we are going to get 40 bites from this random SSL function and then we will only have from bind Reto. Hugs are from zero to f so 0 to 9 after 9 10 will be a then we will have by NATO. Hesse Random numbers in this very well of token. Now saving this one out. Now, one more thing to do here in this file, you can seem when we don't our this gud off uncertain toe. So right after this password of field, I'm gonna pass the token field the token variable. And we don't have any feel according to this token variable. So let's create a field. So in structure, I'm gonna add here a new column and I'm gonna add that column right after my possible field . No, let's give it a name off. Broken in lower form and make it type to be watcher Elect Toby 45. Now saving this one out. So in my brows, you can see regardless, token feel law. So now if I adhere my new field off token and this variable off token that we're going to get from this bind, Reto eggs are open SSL random pseudo bites or saved this one out and ah, let's refresh our page and adding the user name E mail. Toby just become password. So he's just her Great. We just heard our user and, ah, let's browse this one. Now You can also see that we guard the value in our token. So using this token, we're going toe, activate our user, but before doing anything first off, all we have to limit of a user. And we can do that by passing hair, a value off off in our field and one new column off active that we don't have any active column in over database. So let's three year this column off active. So in the structure, let's add one more column right after our token. And I'm gonna call this column Toby active and value to be watcher like Toby five. Saving this one out. No, if I show you this is the column name effective that we just created. And by default, we're going to pass the value off. So when the user confirm his email address through email, then we're going toe, make it on and give it access to the welcome pitch. Now saving this one out, refresh my page. But before doing their lives to lead this record, use the name Toby. Feeling feared. Great. Browse our structure. You can see we got token and active to be off all the part off. Our database has been completed. No. In the next lecture, we are going to see the prototype off our registration process. How it going toe work and, ah, how it's gonna help us to register our user by email verification. 16. Lecture 14 Understanding Prototype: this lecture will focus on the process off our email verification and expert up because before building anything, we have to understand how we are going toe accomplish our project further. So suppose we have the register usurpation that we made and we passed value off, user name, email, password, token and active. And we made our active Toby default off. So then the user is going to register. We are just going toe, take all these values and saved these values in the red hours. Then we made our log in page in which we're going toe. Take the email and password. Now here is the bridge between registration page and log in page and that is activating of a user by email Confirmation. So by D for From the user registration page, we're sending our active value Toby off. And first we're going to define one function that will limit our user on log in page, give access toe does whose value off at their is on in the database, but by default, registration page will send off value to the active column. So when the user hit the button off register own register page, we are going to send our user email and ask him to verify his email by clicking on one link . Then the user will click on that link and on Dad Ling, we will add Accord Toe, make the value off our active toe own. And then we will send a success message in session that you activated your account successfully. Nobody this link. We activated our user and make the active value Toby own in our database. Now we're good to go because on the log in page we made one restriction only allowed. Those who has the value off on in the active column otherwise asked them to verify their email. So now, first thing First, we should limit our logon page toe. Allow doors who have the active column, vidi on value. So in the next lecture, we are going toe define van function in our function file that will restrict our logon page to give access only to those who has the own value in there Active column or databases. Otherwise asked them toe. Confirm their email address. So let's move to our next lecture 17. Lecture 15 Restricting Login Page for Active user only: So let's restrict our Logan dot PSP page to give access only to those who has the active status off on in their database column. So opening Logan dot PHP file and also functions or PHP file No. In the functions dot ph Before I'm going to define here a function with the name off confirming account, Active status? No, in dysfunction, we're going to define here a curing. So I'm gonna copy, disputing that we made earlier and do the necessity addition. So let's copy this whole curing and based in this one No. First we need to have this global connection. That's good. Then we're going to hysteric all the columns from or Edmund Underscore Panel. We're instead off email where we have to check overactive column. The active is on, so I'm gonna pass here the value off that column and, ah, same thing here. We don't have to change anything, all of dysfunction. So I just made a little bit chain here that select all the columns from a table of Herman balance where this status off active his own. Then we're going toe process our this Logan attempt function. So let's copy dysfunction name from here in my Logan dot PHP file. Right before dysfunction. Call off Logan attempt in the l structure. I'm gonna add heaven more if and inside this. If I'm gonna pass this function off, confirming account, active status, no starting off dysfunction. And ah, the ending off This function will include right after the else off deceive condition right here. So we're going to take two values imminent pastor from the user than we are going to apply the validation after that in the structure. First, we're going to see that whether the state us off active is on by using dysfunction. Then if we found the status to be on, then we're going to process all off discord. Otherwise, instead of processing all of this court, we are going to adhere else. And in the cells were just going toe pass. One failure message that account confirmation required nothing more are saving this one out . Now, Also this functions dot PHP file. Let's browse this Logan Dopp fire. Now you can see regardless, user of Josip and D fort. Its status is off. So let's browse this Logan Dopp file. Oh, if I give it email jobs, Bakhram and password. Now you can see we are getting this account confirmation required pop up because the status off our activists off. So we need to make it on by sending user an email. So finally, release to our destination off sending email. So in the next lecture, first, I'm gonna teach you how you can set your local host to send email. 18. Lecture 16 Sending Email in PHP: I in this election, we are going to set our local host to send emails. First of all, let's start our server off Sam. And after starting it, let's back to our C drive and inside. See, Dr, we have further off Sam, and we need to locate our BHP Fola in this damp order. So here is my ph before the and inside my pH before her. I have to look eight BHP daughter and I file. And here is my PSP daughter and I file Let's open this file in our Aditya. So this is BSP Door Diana file. Now, in this PSP daughter in a file, you have to locate line number 11 42. You can see right here and ah, deport this semi calling her the beginning off this line. So remove this semicolon means uncommon did and online 11. 45. You have to air semi colon here to commend it. Now all work has been done for PSP daughter and I file Let's see if this one and ah close our data. No, inside my Sam folder, we need to do one more thing. We have to open the sun mail fuller and in this folder. We have this file off. Send Mayor daughter and I So Bunny Gunawardena, an online 14 You can see we have this SMTP server. You have to wear your server off your domain And in case if you have Gmail or Yahoo, you have tow add the SMTP server off respective male company So I'm going to set up for Gmail. So for setting this SMTP for Gmail First off, all we have to add SMTP Dundar then gmail dot com And we also have to add the SMT people off our genial server and for sending email the SMTP port is 5 87 or save this one out. Now scroll down this page online 46 47 You have to add your Gmail email here and password off that G. Millikan. I'm going to set up it for my email address off Joseph A Crumb at the rate off gmail dot com And now I have to give my actual password off this email account here. No work has been done. No saved this fine and close them from here. And also our editor No, in my exam for LIRR. Inside my eyes two dogs I'm going to create here. Ah, file that could send email. So I'm going to call it sending email dot PHP. Let's open this fly in your data. No. First of all, let's air BHP school right here, and we need to add the meal function that could send our email. So I'm going to add May function. First off, all in the first perimeter. I have toe air, the e mail address off that person whom I want toe get email from my job as a back room at the rate of Jimmer dot com account. So in this case, I'm going to add the same account here, Josie Backroom. And in the next perimeter, I have to give subject to my email, and I'm going to call it testing and Indian experimenter. I have to wear my message and I'm going to say this is just a test to check local host email. And in the last perimeter, I have toe add my Gmail account that I usedto set my as some Teepees over and that account . First off, all I have to hurt from then I have toe give my Josie Burke rumored to write off G. Millican. No port semi colon Arda and I'll say this one out. So this is our two. We're going to send our email to this email address and this is our subject. This is our body off over email and this is our source off standing emailer that we are did in our send me your daughter and I file. So save this one out before doing anything. Stop Apache Server and restarted again so that it could get the new configuration. No open Broza, local host Inside local host. We added this file of sending emails or PHP click on this fire now where email has been sent and this is my G. Millikan, you can see a guard This email review blocked signing the attempt. So if I click on this, you can see we have this message hijos a Google just block someone signing into your Google account and that is less Gura. So by default, Google Gmail prevent signing in from Alaska. So if you want to see the result, you need toe disabled dysfunctionality. So are you the one who tried signing? And yes, I am So click on this allying access to less collapse and done access for less good up while setting has been changed. My guard, the notification on my mobile and also I got this email that's successful. Less collapse has been turned on. And if I refresh the space again, are our email has been sent and you can see a guard. This email testing This is just a test to check local host email. So this way you can send email. There is better way to right this male function. So let's first comment this one and I'm going toe adhere about of and that is using variables. So I define this variable off email the wind, which I put this string off email. Then I have this subject off testing. See the body variable? We have large jackets, working or not using better Mary Bova. And then I have the harder in which I passed my source account that I used to set my local host for email and that it does backroom other Okajima, Torkham and inside my condition. I'm using male function, and first off all I'm passing this don't know email and then I passing this subject than passing body, then headers Any side headers. We have our from jazzy Bagram murder of Jimmy Torkham. So ICO Mail sent successfully if this function execute well and else male not sent. So let's save this one out and ah, fastest sending email dot PHP file. We got at her online. 11 because we need toe. Remove these Martin Comment ending here. Seven. This one out. Refreshing the page mail sent successfully. And in my Gmail, you can see we have this new male testing. Let's jackets working or not using better variable. So this way you can set up your local host to send the email. But remember, it's not the skill way to sending email, but as long as it's doing job for you here scored. 19. Lecture 17 Sending Confirmation Email: No, you have learned about sending email, so it's time we should apply that technique in our project. So first off, all let's copy that file that we just made in our last lecture off the sending email dot pH me and I'm gonna pierce this file inside my PHP cores. Use the registration that I'd here in which we got all the files. No, let's open our data. We need to open this user underscore registration door feature before and also the sending email or putrefied that we just made now in the user underscore registration file where we execute our insert curing so night it's time we should add our email core right here. So I'm gonna remove this session off success message off create and also this redirect function, and I'm going to copy all off these variables off email, toe subject body and headers so that we don't have toe, but I discord again. So I'm gonna placed this inside my beauty execution, if condition And now we are going to just added our email message. So for subject, I'm gonna call it, confirm a cone and no for the body. First off, all I'm going to say hi. Then using concatenation, I'm gonna add her user name that we're going to receive from the fields off the registration page. Then I'm going to concurred in eight it with another string in which I'm gonna say here is the link to confirm your account. And now I'm going toe ad here, a link that will take our user from his email box. So the page off our account activation So the link will be sgtp local host PHP course, and inside Ph recourse. We will have our file off user underscore registration. Then we will have all of these files. And here we are going to create for new files off activate dot PHP. So I'm gonna just simply pass here that fire lame that we're going to create. And for the search of the perimeter, I'm gonna pass the token, And that token will be equal to over this token this token that we will create by buying your toe tags on opener nemesis cell function. So no, adding this token, that's it. No, for the header. I'm gonna call this variable in start off head. I'm gonna call it company or ah, I think sen dreamily would be more appropriate, Sanremo. And after that we will have our male function. And I'm going to copy our male function from this sending emails orchids before. So let's copy this whole if condition hold one and that's B s stood right after it. So for the success, we will call over session off success and we will say that Jack email for activation. And we will redirect our user toe, the log and dark peach before and for some problem, we will the direct our user again to the user underscore registration dot PHP file and the four decision message. We will say that Ah, something went wrong. Dragon No. One more thing to do here. We have toe changed the new media bubble for this harder value. So let me go through everything. So we're going toe first off all, see that if this Gideon successful or not, if this credence unsuccessful So instead of executing all off this court, were just gonna move toe this l structure and say to use or something went wrong, try again and else a disputed unsuccessful. Then you should create variable off email to subject body and ah say hi to the user and the past, this user name in the email that we're going to receive from the registration fields and then passed this simple text. Here's a link to confirm your account or you can say active. Your account would be more appropriate. Then we will pass. Use a link off because we are using our local host. Then we have our PSP course. Then we have used the registration folder, and after that we will have over active dot PHP file, which we don't have at the moment and then in the search perimeter. We are going toe career this token and this token will be equal toe the token that we are going toe generate for decked register user So everything looks good now saving this one out. Let's back to over use an underscore registration or PHP file. Now there is some problem or line 38 that is because regard this whole string and then we are putting this variable. So we need to khunkitti near this variable by using this dot and one last thing to read it because we are not going toe, have the email toe this email so we should focus on on the vital level. And that is the email that we are going to receive from our user Underscore registration page. So we need toe copy this variable off email and let's delete this one from here. And, ah, in the feel of her male function that's put directly our email, which we are going to get from our farm or sitting this one out. Everything looks good. If we refresh appears again, no other at all. So let me delete this email now refreshing the page again if I ard Josip email to be justified. Committed of gmail dot com Password. 12341234 Register. Now you can see regard this check email for activation, green message and also videos to Logan Door Peace before it means that everything worked. Perfect. So we need to check our email. So opening my Gmail account now you can see a guard this email and here is the message. Hi, Joseph. Here is the link to activate your account. So if I click on this link, you can see we are on the active dot PHP file where we're going toe Add our cord to activate a user for this activity dot PHP file were going toe build this file and have some PSP code That gonna get this token from the Ural and activate our user. And we were gonna do it in our next lecture. So see you there. 20. Lecture 18 Activating User Account: So now let's create our activate dot PHP file hair in the same for Ralph. Use an underscore registration David or PSP Alerts opened this fall in our Rita. Now, here we go. This file of activity or Peter, we know the first thing 1st 1st off all, we have to grab all the things that we might need in this file of activate or pH me. So I'm going to copy these PHP lines from using Driscoll registration, and I'm gonna be s them right here. We will need about sessions or Petri fire. There will be no need off this style dot CSS file. And ah, also, we don't need this function dot PHP file in this fire, we might need this debate or Petri fire. And now let's put the end off PHP scope. Okay, So, first of all, we have to establish our connection with over database file by using global, and we have to copy this connecting DB and paste it in our new file off. Activate or PHP? No. By using one if condition, I'm gonna get my token that is appearing in my browser by using super global off cat. So in the if condition I'm going to define here a function off He said if set is my super global off get And if it is, has the value off token in our Ural bar Then you should do the following things and all the first thing first. So this stroke and I'm gonna equal this token with some variable and I'm going to call that variable will be token from UL and I'm gonna equal this one with this super global off. Get off token. So now we got this token in our despicable of token from us. So now we can write our Curie that could confirm our account and change the Valley off active Toby on in our database so that our logon page will give access to over user so defining when curie hair and ah, this security will be this time update. Qd So we need to update our table off Edmund underscore panel and set the value off active Toby on so that the logon page could give our user access. And this is the justice simple curator update. But we also have to mention that you should do this thing on only that column where the token is equal toe token from the euro. So I started here that update my table of Hedman underscore panel and said the active Toby on where the token column is equal toe this token from the URA that we are going to get from our neural bar by using the sober global off talking. Now we have toe executor disc Yuri, and I'm gonna execute my ass. Curole under school, Q T. And I'm gonna pass this security that we made here. No, on the next line, I'm gonna say that if discreet, unsuccessful, then you should show user one success message in session and say that account activated successfully. And in case if this curry Vulcan, then in the else statement do you should give you the a failure message something when drunk, dry again and redirect my use that we use an underscore registration Lord pH before now, saving this on out. Now we're going to update our table off at my underscore panel and certain active to be on where their token that we're going to get from the U. N. Will be a cool toe. This variable off token from your we need dollar sign here to make it very ever. Good. No, Everything looks good. No, saving this one out. No, let's open our browser. And I'm going to lead this record from here. So let's open this. Use an underscore registration or PHP and resistor Reserve from the beginning. Register Jackie Moon for activation and with your own Lord inner peace before no opening my Gmail account, you can see regard this email. So I'm gonna click on this link. No, we have this a little bit other functional directo because we unintentionally the move our function dot PHP file with this one. So that's included a function file. Because this function off the direction is in my functions. PHP far solar space. Dis linked to be in hair, saving this one out if I refresh this page again, account activated successfully. No. In my browser. If I try to Logan now, now you can see we are getting this account confirmation required. So it means that there might be a some problem. So we need to figure out and in my database if we see if we have data very off active. Toby on. We haven't done it. So there is some kind of problem that we might have to find out. And, ah, in the conformation account, you can see regard this token off E f. So there could be a problem with this token. So this token is starting from E F and ending with 97 on in my database. This one is starting from E F and ending with three c, and this one has very less value as compared to the token that we're sending. So, in my opinion, there might be a problem in our structure off that abuse. So if I opened this structure now, in my token field, I made it length Toby 45 my confirm account token. I'm sending token with the length more than 45. So I'm sending a very long value in my token. But do toe insufficient space in my token fear because I made it 45. I'm not getting the full value off token invited, always so you can see we are only getting value till five. Double 63 c. And here is five. Double 63 c right here and right after this nine toe end off the token, we're not saving this one do toe insufficient space in our database. So there is this advice for you that you should add enough length in your database toe a wire, these type off logical errors. So if I brought the structure and seeing the value off token and instead off 45 let's make it toe 200 so that we won't have any type of problem in the future. And let's also change the value of password. I already made it 1 30 although there is no need to change it. But let's change it and make it more wider space for this passport string. Let's also make it toe 200. Although we don't have any problem with deposit. But I'm just changing it for the sake off doing things in a good way. So now everything looks good and no, let's browse our database and delete this one. And ah, I have to go back to use underscore registration and register used from the beginning again the jester jacquimo for activation. And here I guard this email. Now you can see this one is ending with E 53 and ah, in my database. If I show you this token is also ending with a 53. So we dedicate this problem off insufficient fear space in our token, So I think it would make it So Now let's click on this link account activated successfully means it made our state us off active Toby on using this file off activated or PHP that we add Just know. So if I biologists again and now here you can see we updated its value from off the beyond . So it means that we're good to Logano. So if I log in again now 1234 Now you can see regardless welcomed or Petri file. So it means that our account verification process has been completed. So this all restriction was happened due toa this function that we added in our Logan dot PHP file confirming account, active status and in the function file if I can show you right now regardless function off confirming a conductive status and we made it toe give access only to those who has the active value. So in the Logan or bigotry fire, I did this function off confirming account active status and put everything off Logan, a town function inside it So on this user underscore registration. I'm sending an email and that email further takeover user to activate or PSP five, in which we are changing the active Toby on by using this super global off token that we got in our link bar right here. 21. Lecture 19 Making Pages Private and Adding Logout Feature: So now the activated user can easily Logan by putting his email and password. But very minute, you may be thinking that this page welcomed or PSP if I close my Firefox and open it again . And if I look for my welcome dot PHP file, then I can easily destroy this welcome page without entering my email and passport. Survive the name on Earth are designed such system, which could not restrict my user to reach to the main page without Logan. So we need to add one restriction on this page. Welcome dot PHP toe Give access only to those who enter their email and password by proper channel using log in page so that no one could reach to this. Welcome dot PHP file without Logan. So for that, first off all let's back to where detail and let's open this Logan dot ph before. So here you can see where we found over account and, ah, air dysfunction off Logan attempt and ah, the place where we are sending our user to develop com dot PHP file. We can simply set one session and passed that session in order. Welcome, Daughter Beach before and also we can use that session toe. Make one function off, Logan, that could restrict our user to give access only to those who has that session in their browser. Now for doing that, if I show you this Logan attempt function in my functions or peace before here, you can see I guard this longer term function. And in that function, I fetch all the data according to the user email, before seeing the user password. And after seeing user password, I'm returning the Edmund inform off fetch. And that Edmund is saving in Logan attempt after a successful logon attempt. And here, Logan dot PHP file I equal this Logan attempt function. I said, if it is true, then you make this variable off phone account. So I put all the data off this Logan attempt function using this, My ask, you'll fetch associative in tow. This found account. So now I can easily make session to access the data off that particle er person with that imminent password. So for doing that, I can create here as many session as I want. So the first session I'm gonna call this session. Toby User, I d underscore i d and now for accessing user I d. I just have to pass this variable found account that is getting all of my data. And in the super global off this phone account, I have to pass the column off my database. Name off my database column Name? No for accessing his i d. I have to pause this small idee right here. Now, if I want to access all off his information, I can define the next session and I can call it use Ah, name. Now, this time decision to be used the name and for accessing his user name. I have to pass this user name off Lower form that the same in my d. B now for accessing his email. I can simply call decision Toby, email whatever name you want. And boss this lower form off email so that we could access the dye data from this variable of phone account that is getting my data from this my school. Fetch a source now. I passed all the data off the user in my session. Now it's time we should open everywhere. Come dot PHP file and first off, all in this. Welcome dot PHP file. We have to start over. Session toe. See this data that we are sending from Logan or beautiful for that? We need this Require wants Toby session in my welcome dot PHP file right at the top. No, I can access all of this information. That does. I'm sending in my session in this file off. Welcome dot PHP. So in this PHP school, I'm going on adhere one echo statement, and I'm gonna say that first off, all my i d. Is and then I can concoct innate it with this session off user I d. That is getting my i d. From this phone account so I can contaminate it with this one. Then I can cut, coordinated with one more string, and I can call it with the name off. Then I can can coordinate it with this. Use their name session, and then I can concoct innate it. Vidi email. Let's put it in the string and can get anything it with this session off. Usually mill. No semicolon air. Done. No. If I save this one out now, you will also see their Dini information off their person. Who is going to log in from this logging dot PHP page on this. Welcome dot PHP for saving this one out. If I open my Logan dot PHP page giving it, use the name email and password. Now you can see I also guard this my id's 10 with the name of Josip with the email Jazzy Bagram air direct off gmail dot com So now we are accessing our this information in this page off. Welcome dot PHP five. So now we can easily use this session to restrict our user toe. Give access only to those who come on this page with proper channel using Logan pitch. For that, we need one function that I'm going to define in my function. Start ph before. So right at the end, I'm going to define here but new function, and I'm gonna say, Toby, log in function and in dysfunction. I'm just going to check whether this session off use that I d or maybe use the name is set or not. And if you decided, then you should give you the access. Otherwise not. So I'm gonna say if a set this user I d that we are setting. If this user ideas sacked, then you should return through and when more function, I'm gonna define here. And I'm gonna call this function Toby Gun firm Logan. And in this function, we are going to just check this function that what is the value of this function? So in this function, I'm going to define one condition off. If and I'm going to say that if this function off Logan is true, then you should not have any problem. But if this function off Logan is not set means it is not giving you value off through. So I have to wear, not here. So if this function off Logan is not true, then you should create a session and passed inferior message to my user that you have to log in and redirect my user to log and got Pete before. So I made it to a security right here. I said that dysfunction will be confirmed, Logan, and in this function, we're going to check whether dysfunction off Logan is true or not. And if it is not, then we are going to set our user toe the Logan dot PHP file. And otherwise, if it is log in means if this session is there, then we don't have a problem. Give him access. So now we need toe air dysfunction in our welcome dot PHP five to restrict our user. So I'm gonna add it right here and ah, in the PSP school. But And also, we are using this functions dot PHP file in this one. So we have to grab or functions dot PHP file and added right here. So adding it right here? No, we made our function. So whatever page you want toe add in the access privileges, you should add this confirm log and function on that page. Now, saving this one out. Also, this functions dart PHP file. Now, if I close my window and open it again and try to access that page of welcome dot PHP. Now you can see we are getting this pop up. You have to log in. And, ah, if I log in our 1234 I'm on my page of welcome dot PHP. So this way you can give access to those pages who you want. Now, this is the structure off. Designing are welcome Page and making it private. Only 40 Logan User. Now I'm gonna create her a new page off log out that could look out my user and send him back to the Logan Dorky trip age. So first off, all in this page of welcome dot PHP I'm going to define here one hyperlink and ah, this hyper link will be Take our user toe the log out page logger door for your speed, which we're gonna define. I'm gonna see here, Log out. No, no. Sitting this one out large scale here to hear a new file with the name off logo dot PHP No , in this file. First off, all we will need our session, because by using this page off logo were going toe delete this session that we created in this log in page right here. So before adding anything in Logar page, if I assure you so if I can show you what we got here on the option in the privacy tab of five fox hair in the use custom setting for history show cookies. Now, here you can see regard this session off PHP session I d. And it means that our session is starting. So if I close this one right here, browse my welcome dot PHP file again. I can easily do that and excess it without Logan. And why? Because there is this session that has been stored on it will be in when I close this window. So if I remove this session and refresh this page, you can see my session has been destroyed, and I'm on my log in dot PHP page No, you have idea. In our logo dot PHP pit, we are going toe. Add some court that will make the session off user I d. Toby no or deleted so that after looking out, we have to require for loving. And so first off, all I have to include the session file in this page off log out and all. The next thing is, first off, all I have to wear the PHP scope in this file off log out and ah, the session that I'm adding in my logon page and in hair in my PHP school. First off, all, I'm going to equal this session with the null value. So make it No. And then I'm gonna destroying my session by using session underscore, destroy function. And then I'm going to redirect my user toe Logan dot PHP file. So this is all the gored toe. Get rid off your session. And after looking out, you can make your user toe Logan again are saving this one out. So now everything is good, but I'm calling. Here are functional redirect. So I have to include my function fire right here as well. So now if I log in now, you can see I'm on my welcomed or peace be page. And if I look out now, I'm on my Logan dot Petri bit. And if I try to go again in my welcome dot PHP page, you can see a kind of go there because by using this log out page by destroying my session and make my user I d off session to be No, I cannot go back to welcome dot PHP page until I Logan. No, Maybe you were wondering that we made this welcome dot PHP page only for the registered user only. So if you want toe, add more pages in the scope off. Welcome dot PHP How you can do that? It's very simple. And I have this simple dot PHP page and I'm gonna save this page as Welcome. Just Zib. Let's save this bitch. Next idea its extension. Now regard this page of Welcome, Joseph. So this page I'm gonna just changer tighter Toby, even the name off my job, Zeb. A gram private bitch and in its body. I'm gonna add one h one in which I'm going to say that jazz ib a gram dot com slash coupons And then we will have when I was two heading in which I will say that Browse it for deals now saving this one out regardless paid off. Welcome, Josip dot PHP Here I guard this page off. Welcome, Josh. Have door PHP dis click on it and you can see that regard jazzy become dot com slash coupons brought it for coupons or deals. So this is bitch, and anyone can access it without logging in. So if you want to make it private, you can do that easily by just adding three statement in this page. And that is in this page of welcome dot PHP. First off, all, you have to add the session than function than this confirmed Logan pitch. So I'm gonna copy them and pays them right at the beginning off welcome. Judge your PHP page. So this confirmed logon page will make this page private and ask for Logan. So any off the page you want to make private, you just have to add this function off. Confirm Logan. And, of course, this function file and this session file as well. Now, seven this one out. If I refresh this page just for now again, you can see record this message off. You have to log in. And, ah, we cannot access that page again. Whatever we can do. So if I click on this welcome judge of dot PHP, I redirected back to log in dark pH me and I'm getting this passage of you have to log in. So this way you can make your page private for adding any of the page in the restricted area. We should add thes statement. 22. Lecture 20 Adding Remember me Functionality: So when we log in to our account, you can see we are all normal. Welcome dot PHP pitch and we can go on any page we want. And if I close this welcome page and open even my Google, I can easily do that. And if I want to go back to my welcome page, I can go back. Why? Because our session is running in our browser. But when I close this window and if I try toe open my five folks again and browse my page off Welcome. No, I cannot these to my welcome page until I logon. So it's time. We should include our remember me feature in this page of Logan so that if the user jack on that feature, he should not have to log in again even if he closed this window. So in the structure we are going toe, add our remember me feature in our project. So now here is my Logan dot PHP pitch. And in this space, I'm going toe adhere one new field with the name off Jack box and remember me. So this time this type off this field will be Jack box and the name off this field will be Remember, Now we don't have to pass the value for our check box. However, we have to adhere our text off. Remember me Now, saving this a note if I show you this page of logging or PSP? No. Here you can see regard this check box and that regardless to memory lifestyle lister memory as well. So I'm gonna air the span feeling for around it. So that regard this one also stylish and also lets air some space before this. Remember me feature By using our space office GMO and nbsp. No saving this one out. If I refresh my page again, you can see a guard this Remember me feature Right here. So now when the user is going toe check on this one, we're going to set a cooking in our browser so that a user can come whenever he wants without entering his email and password again, like the Facebook account or your Gmail Com. Now, for doing that, we have to set our cookie so that, remember, feature, you can see this Feel off, Jack. Box has the name off, Remember? So in the Logan dot PHP pit when we found our account. I'm gonna add heaven if condition. And I'm gonna say that if this remember feel is sad done by using the super global off post and this field, this field has the name off this, remember? So I'm gonna say that if this super global off remember is said, then you should create one cookie. And you can set your cookie by using certain cookie function in which you need three kilometers. So if you are short off PHP basic concept, I would recommend my PHP fundamentals and building blocks Course that is for complete beginners who want to learn about basic PHP. And also there will be some project in that course, so that with learning basics, you could also build something by using basic knowledge off pH. So for starting over, Cookie, we need three arguments. First of all, we have to give our cookie name, and I'm gonna call this cookie Toby, name off, setting email. So this will be the name off this cookie. And in the next perimeter, we have toe past some value toe that cookie, and I'm going toe pass the email address that I'm gonna receive from my user on this Logan or Petri pit because that email will be unique. So we will set our cookie for that particle email address. So I'm gonna pass the email right here. And in the third function, we have to set our timeto that cookie, and this time will be in the seconds. So we have to set. Here are time that should tell our browser. Toe certain this cookie. For how long? So I'm gonna call this one with equal toe This variable off expired time. And so, Michael, honor that now for the expired time, we have toe get here this valuable off expired time. Right here. So I'm gonna kill year. This variable expired time in which I'm going toe boss sometime here. So normally, cookie, take our times in second. So if you want the current time, then you should use the time function off Ph. B. And, ah, this time function means right now and for how long. I have to add the next value in seconds. So for starting my cookie for 62nd I can just simply plus 60 right here. But for setting my cookie toe one hour and one hour has 60 minutes. So I have to multiply 62nd with 60 minutes. And if I want to set my cookie for one day, then I have to multiply it with 24. No starting mice cookie for one day, Some icon order. Now, this is how you are going to set your cookie. Now we have toe pass this cookie in our condition off. Dysfunction off. Confirmed, Logan. So I moved back to my functions. PHP file here. I heard this function off Logan image. I asked my function to return. True. When you have this session, I d off use. Ready. So we will have the section idea fuse ready? No. For adding also our cooking in our Logan function. We have toe at one or statement with this session I d. So I'm gonna say are IHS said the super global off cookie that has the name off this setting email. Then you should do and return crew. So this setting email is this cookie that I'm setting in my cookie are saving this one hour and also this functions dot PHP file. No, let's browse over file again. And if I here information I'm on my welcome dark beauty bitch logoed. Now, if I had information again and also check this Remember me? Future? Set my cookie. Now, if I show you in the option off Firefox in privacy show cookies, you can see that I set to things here. First of all, I got this PHP session I d Then I got setting email cookie. And here you can also see that this cookie is going to expire on March 29 2000 and 17. And today's March 28 2000 and 17. So we set up a cookie toe one day, close this one out. So if I close this window now or no, If I browse my browser again and open my welcome dot PHP file now you can see I'm own my welcome page, but I'm short off user I d name and user email because that session waas expired when I close my browser. No, I'm seeing my this welcome dot PHP page just because off my cookie. So if I add something in my welcome dot PHP page and if I can say that here fired one if condition and say that if it's said this session off use righty. Then you should show you the all off this gored. Okay. No. Seven, This one out. If I had a flash the space again, you can see I'm not getting any type of better because my session off user id's not set. So if I love out now and try to log in again now you can see I'm getting my information because my section user id's set and let's create one more cookie here so we could eat this cookie for email. Now, I'm going to create this same cookie for our name. I'm going to call it a pooky off name and despite time will be same. And in my welcome Dr PHP file, I'm gonna say that same thing here if our cookie set off this setting name. So I'm saying on my welcome dot PHP page. If this cookie off setting name is sad, then you should echo here in the Edgemont tag the name off the person that you set cookie for a putting records for making it variable or saving this one out. No opening. Welcome dot PHP file. I'm logging because I have to reset my cookie when the user click on the low guard Britain , which I didn't. So let's open our longer page and in the longer paid, we also have to reset our cookie like we did with this session. So for resetting our cookie first off, all I'm going toe copy all of thes statement from here. And I can easily do that by basting the statement in here and making the expired time to be minors. So this expired Time of minus is going toe settle cookie back to the date off. 27th and today's 20 years. So this is the vato unsettle cookie. And for the value I'm gonna past null here toe unset And also not hair toe uncertain or cookie. Not This is the same cooking that we set in our log in page. Now we are just unsettling it by passing no value And also Dean negative time No seventies one out. Also, we have to save these files as well. So if factory contest log out now my cookies unsaid completely and also my session. And if I show you what I got nine local host. I do have the session I d, but I don't have my cookie. So let's close it and open our Firefox again. And if I tried to open my welcome page Now you have to log in If I are jazzy, become password here. No, I'm on my welcome dot Petri pitch. If I close this one without looking out And if I open it again if I open my Malcolm got PP again I have to log in because I didn't click on this Remember me future. So giving it my name, boss Word and adding this Remember me, Cookie Logan. Now I'm on my log in page. So if I close my browser window and open it again if I brought it adult logging in I can do that. Here is this page off. Welcome. If I log out now, I am on my log in dot PHP page So now you have learned how you can air d remember me? Feature. Now you have learned about how you can add Remember me future and also how you can use this information in the session And when you are not having the session or you can remove the error off session by putting it in a set. I don't think this if off cookies. Necessity because cookie, some dental in the browser that saved in the Broza. Knowing the next lecture, we are going to learn about how you can reset your password. Throw email, So see you there. 23. Lecture 21 Recover Account: So now for adding for good password feature. First off, all we have toe adhere One link that could take over user toe the page where he can fill some information toe get email that he could use toe. They said his password later. So in the Logan dot PHP page right after this remember feature. I'm gonna define hair when link and this link will have the address, Toby. New file that we're going to create. Recover underscore account dot pH me. And for its text, we're gonna call it Forgot password. Let's style it by using these Ben or feeling for saving this one old in a fresh ing of our beach. No regard this forgot password that said one more be attacked before it. So here is B R. Ptak. Look. Scored. No Click on this for good password. Now we are recover account or PSP. Now we need toe design. This paid off recovered account, or PSP that will take email from the user and send him in email with the token to restart his password. So for that, I'm gonna open my use an underscore registration or PHP pitch. We have toe save this page as the name off. Recover. Underscore a Gondor. PSB the same one that we asked for here. No, In this page off the cover Condor PHP. We have toe get rid off a couple of things. First off, all, we don't have to use this user name, field. And also these password feels and also this token. And we also have toe look for these validation. So there will be only one validation left for the email only. And the message Toby email required. And, ah, light scattered off this else if and also this password one and ah, we don't have toe get it off this jacquimo noticed or not, because we have to check for it. So I'm gonna make this validation, Toby. Not so in case off the email not found. Then you should send the user message, Toby, email, not phoned. And send my user back to use an underscore registration or PHP. And in case off email empty field, you should send my user toe the cover underscore account, or PHP. And then we're going to do something right here and here. Let's change it. Toe forgot password for the title of this page and the action of tribute Toby, the cover underscore Account or PHP, We will not need this feel off. User name. Also these fears off submit No sitting this one out. So now we have to define our curie in this us. So first off, all we need this global connection, Davy. Then we don't need this hashed password from here. And then we're going to define our curie. And this curry will be different as compared to register yousa because we have to look for the particulate record. So I'm gonna delete all off this curing because we are going to die the new one. So now we have to check the email that the user is going to enter. So I'm gonna say that Select static, All the columns from my table off Edmund Underscore panel where the email is the one that user is going toe enter. Then you should execute my curie and in the if condition, you should fetch all the data off that user and we can do that easily by using this my SQL underscore fetch underscored a day function in which we're going toe pass This execute very uber right in the princes off over function. And that's equal this one with the new variable off Edmund. So he used this committee and we start that all the columns from a table argument underscore panel where the email is equal to this email that uses going toe enter not before doing anything. Let's pause this one right here and see what we have. This structure for this recover underscore counter PP pitch. So that's refresh it again. Now you can see we only guard this field off email, so we're going to get this email from the user. Then we're going toe, compare it with our database. Then we're going to run it. And after learning this one, we're going toe French, all the guards off that particle email and save them in the variable off Edmund. And then we're going toe create couple off super global off Edmund in which we're going toe save the user record, and we want to say foster falls use the name that we got in our database. And also we want toe fetch our token because their token is gonna help us toe three searchable user pass for So I'm gonna took the user name and the token only from the fetch results. No, for the email. I'm gonna say that that he said boss word. And ah, then in the body, I have to say hi to my user so we don't have this variable of using them on. We are getting the user name from this Edmund Super Global. So we have toe paste it right here because we are getting it from user record after fetching it. It's regard then in the link. This one is good. PHP course user underscore registration and then we're going toe takeover user toe the new file with the name off, the certain underscore possible that were going on make and the token will be the this token that we're going toe fetch from the user email by using this functional factory. So here is the link toe. Reset your password. No. Looks good now, So Sandri meal will be this one and ah, the same ill will be the one that the user is going to set. And the success message will be jack email for resetting boss word and else something went wrong. And in the l, something went wrong. Dragon no. In the value of this summit. Britain. I'm gonna call it submit saving this one out. Everything looks good. So after executing the screen, we are gonna take user name and token from the database and save them in December. Global off Edmund. Then we're going to write an email in which we're going to use this name from the database and we're going to stay here. Is the link to reset your password? Then we're going to send you the link that would take user toe this Find off. Reset underscored password. And this token vidi surgically perimeter will be equal to the token that we are extracting from other databases. Then the simple thing that we did earlier, we will send email by using this male function than to success message. Then this failure message and this failure message off hold or saving this one out. If I back to my page off logging or PHP click on this forgot password. I'm gonna give it my email submit. You can see I returned back to Logan dot PHP page and check email. Four resetting password. So I have to go to my Gmail account for getting my token that I sent from the dispatch. So click on this reset password. Now you can see a guard, this name and also this tooken extracting from my database. So here is the link to reset your password. Click on this one. Now I'm on my reset. Underscore passer page there. I can give you their fields to research his password. 24. Lecture 22 Resetting User Password Mail Request: Now we're going to design this page off Reset password. And also there is this problem with its name, and it has to s. And there is no extension off this page that we're going to create. Forced to fall. Let's fix it. Hair regard the link. So make it Oh, reset. Underscored password door pH. B now saving this one out. So if I click on this forgot password giving it my email cement in my email box, I got email with the correct name off reset underscore password, and it's giving us tokens. So we need to take this token to update our pastor in databases. So now we need to define this page off researchers core password that will have password field, and it's gonna get our token toe update over passer in the database that has this token. So let's do it for that. We need too far user underscored registration file and ah activated dot PHP file that we used earlier. So let's close this one from here. And also this Logan door PHP page. Now it's open overuse underscored registration, an activity door pH being, and this user underscored registration. I'm gonna save this file as ini file that he said, underscore Boss Word Dort, BSB. We're going to do the necessity things in this file. So first off all looks Remove these feel off email user name because we will have only password field. Don't need this token field confirmed field. We need it. And for validation. Let's remove the validation for email and use the name and let's make it toe. If usually leave any off the field that's used or an instead of reader can never user. We don't have to. We just have to show him message. We don't need this three direction here. We need this password relation. Also, this password validation off, lying to be a t least for I don't need this redirection. And also we don't need this else if condition, because we're not going to check it. Anything for the email or for this else we don't need any off the cord because we're going to define Arcuri. So let's remove all off the scored from here. No, let's make this biz name Toby Goodyear. New boss. Word are sitting this one out. So now we have to use this activity dot PHP file and first off, all let's use this is set off. Get broken. Because in the Ural you can see you. You are having this token so we can use this token to reset our password. So we have to get it by using Super global off. Get so we already have the super global off. Get gored, Inactivate or PHP? Fine. Then we activate our user by email. So let's copy it from here. And I'm gonna based all off this sum mitt gored inside this super global off god and ah. Then we will have this submit Gord. And in their structure, we should have one curie that could update over password. So we guard. This is set off token. Also, we have to add its and Inga writer the end. No, saving this one out. Now we need to go get rid off these fears that we got here. We don't need this user name, email the next make despots or Toby, new password and the value off some involvement to be some meant. And this time, the action attribute will be the certain underscore password dot PHP and there's search query parameters will be broken and their token will be equal toe Tokcan from the Ural. So I'm gonna add her PHP scope. And inside it I'm gonna go. My token from the you are method will be posed. No saving this or not, we'll scroll up. So it's time we should add our curie here. So this token from the Ural is going to help us to establish security so far adding, Arcuri regard this curie right here. So I'm gonna copy this curie from here and ah Pierce disputing my research password else structure. And this time, let's make the security update my table of Feddeman Interscope panel and set the password feared so this new password that we're going to get from this fight. And first of all, we're going to get this password. Then here, you can see we're gonna in crypto password that we're gonna get and we will save 80 Never hashed password. So we have to pass this hash password in here. So said my passport to be this hash password that I'm gonna get. Their token is token from Europe. So if discreet, unsuccessful, then you should. And here a success message that will say that password changed successfully and year direct my was there to Logan dot PHP pitch and else if this curing Yvonne trance successful that you should adhere Ophelia message that will say that something went wrong. Try again and send my user. So the page off, Logan dot PHP VD failure message sitting this one out so everything looks good. So first off, all we're going to get over token from the Ural, then in the submit button. We're going toe couple off. Have these validation. Annandale structure. If we won't have problem with these relation, then we're going toe hash your password and update over table admin panel and settle pastor to be hashed pass for And where the token is talking from, that you are executive acuity. Give you the message to the pastor, change successfully and in case of failure, give message off. Something went wrong. Try again. And here I put action off. Reset past for dot PHP. I have added the surgery perimeter of token because in case off user violated validation, I don't want him Togo back toe, any page other than this page off research, password and talking. So we have to make sure that then user avoid any of the validation. He should be back on the same page off. That could help him. He said his password. No sitting this one out. If I click on this link now, you can see a guard new password and confirm Pastor and Ammon. He's certain the score pastor dot PHP If I click on the submit button now, you can see we still guarded talking from the u l and did. Nothing has been changed. Just because we echo our token from you are all here. So instead off that if I change it to this simple one and remove all off this PHP token from Ural and certainly perimeter, it will gonna take from reset underscore password paid. And we will be in the middle off Nova, so we don't want that. So in case if the user violated any of the validation, we want him to stay still on the page off. Same that regard from the email address. So if I give it wrong password inboard fears submit. Regard. This enter both password must be seemed If I give it parceled off. 123123 Password should include at least four values And if I give it new pastor Toby. 12345678 12345678 Submit my password so you can see past for change successfully, I'm gonna log in using this new password. So using my email address and password, Toby. 12345678 The new password that I made, Logan. Now I am on my welcome dot PHP page and my past for change successfully. So now, in the couple off next election, I'm gonna teach you how you can use this project gored in your own Cordes or your website to make your own system. So see you there. 25. Lecture 23 Breaking Template: Hello. In this lecture we are going to march our project with the our HTML five and CSS three template. You can pick any other Templar that you want. I build this template in my course off the complete HTML five and CSS three with the website design. And I think that my students will feel more comfortable if they pick the complete esteem of five and CSS three course template where the builder template so it will be easy for them. Moreover, I've been using this template from my first course. Overestimate five sisters three. Then I use the same template in my JavaScript course. Then I used the same template in my animations transforms and three D design course with CSS for your u X, you can pick any rhythm player that you want. It's up to, you know, before adding over template, I can show you the minor team that I made. You can see I have opened this user underscore registration daughter PSB file Here I have added this hyperlink on the text off already a member. Logan and I put it in the span tag and put a hyperlink using ankle tag that is going to take over user to Logan dot PHP file if he already signed up Similarly, in Logan dot PHP file. I have did the same thing. I have added one hyperlink on this text off. Don't have an account. Create one. So on the log in page, the user will also see ah hyperlink in case if he don't have an account. So now let me show you what it's gonna look like in our project. So opening First off, all use an underscore registration. Lord Peter, be fine. You can see this text right here. So if I click on this now, I'm on my log in page. So if I click on this, don't ham and account create one. Now I'm on my user and Resco registration door Peace before it just a hyperlink. So now let me show you the template. So in the former off use underscore registration I'm gonna adhere our template. So this is our template Solar to see what we got in this template. So you can see we got ah, many pages. So see what we got here, So I'm gonna open all of these pages in my comodo. So here is our page off inducted PHP file in which we guard some CSS. Then we got so much GMO then we have the ending off the speech and in the images Fuller. I guard some images here and ah, in the CSS for the I got one ceases file basic. Dorsey's is nothing special. No. Let me show you the outcome off this project in our browser. So here I have this template folder. Now you can see I'm on my index dot PHP file. So it has very nice header. Then it has thesis sidebar and in which we play some images and then it guard the very simple for her. And this is the place where we are going to add all the things. No. Here I have this page off front page content dot PHP in which I have the couple off hurting a couple off paragraphs. Def tags, a couple off heading better graph image. Dave. Doug again. Dave. Doc at one paragraph image and in these pages off trailer, one door PSP trailer to dot ph, peter three dot PHP. I have one heading. Then I have the i frame from the YouTube. Then we have deaf than being then image are then. Same in all these pitches off trailer Mondor PSP, a turtle or PSV realty dot PHP. So we're going to apply the destruction on these pages off trailer, $1 piece, peter to dot PHP and trailer three door pH. Me? No. First off, by using our firebug tool off, we're gonna find out what we got. The idea off this white space so you can use chrome developer tool if you want, so you can see that this vital space has the live off I d content. And ah, this side bar has the Dave off i d side. We'll be focused on this, Dave. A fiery content. So let me show you this. Divide the content in my index dot PHP file Here I guard this divided content online 1 90 and ah, this division empathy at the moment. That's why we don't have any kindof content right here. So we will be add something like hairs. So if for kick demo, I add her one h one jaws eb gram selling this one don't If I refresh this page now, you can see we are getting over our perpetrator. I'm gonna break this page into two pages off PHP. The first page will have the starting off this page with the name of 100 or PHP. And a 2nd 1 will be the name off for door PHP that will have the ending. And before here, we're going to just include over pitches. So I'm gonna copy all off this content from the beginning Tab off, develop very content. Not gonna copy this slash Dev and ah, I'm gonna create hair. A new file with the name off harder dot ph me and this file will be in our template for her that is, inside of a user underscore registration for seven. So not honor Spears Tower Gord. Now you can see that this file has this starting over steamer tag and ah, ending with the Devil Fire D content without its closing time. So now in defied off index dot PHP I'm gonna copy the just off the gord with the ending off def tag and I'm gonna could eat here a new file with the name off footer dart PHP Ah, basting all the gold here sitting this one out So we got 100 art pH being and for or PHP and we break this paid off index dot PHP into two files. The reason I'm doing that I'm going to include these files at the beginning and ending off our project toe have these similar design without messing with our index toward peace before. Now let's close this 100 or PHP file and also this photo dot PHP And if I show you the or put off this front page content dot PHP, this doesn't have any beginning and any ending It just has some actual p and ah, a couple off images. So opening over paid off front page content, not Ph me. Now you can see the speech has some headings, some images and nothing more special right here. And now if I show you the trailer Mondor psb this bitch you can see there is only heading one beauty video than text and then emitted the lost. So now we find out that greater one dot PHP and this front page content or ph. B doesn't have any kindof CSS and esteem, ill starting and ending. So now we can put these pages in our template and all we have to do is and if we have the beginning, add up BSP tag. And in this PSP tag, if we require our file off header dot PHP that we cut in the form off beginning off index dot PHP I was sitting this one out. If I open our front page content or if you know, you can see we put this page off front page content with ever had or peace be so if air the end, I include my foot or file off this front page content. Then you will see that our everything will be in the right order. So adding no air, then footer dot PHP that has the ending off over indexed or PHP file seven This one out if I refresh this again. Great. Now we placed our front page content successfully in this template file. So here we got 100 or PSP dinner. Then we got for the dot PHP and in the middle, we can place any of the file like a sandwich. So we are just putting all of this scored as a sandwich in over template. Now, if I do the same thing with this trailer one dot PHP and without earning for them if I show you, it's out. But regard driller one dot ph me. Now you can see this is what we have without hurting for the So if I add the footer in this paid off, her wondered Ph. B as well, saving this one owned. If I refresh it again now you can see we placed our this page off trailer one dot PHP into our template by adding it's harder. And for the I'm gonna do the same thing with these pages after 234 and five, all I have to do is got this head of fun and put it in the every single file. And also we need for for seven these fires out. If I open my tailor to rot Ph. B, Now you can see regard this page off trailer to Lord pH. B in our template. So this is all like a sandwich. You're just putting all off your stuff in the two slices off your bread that you cut from this index dot PHP by cutting it in two pieces. So in this page of front page content or PHP, if I show you this page again, you can see we got heading. Then we got our this heading pioneers off Caribbean. Then we got image. And after getting the image, you can see regardless, wash trailer now. So if they use every click on this, then he will be the director Trailer Mondor Peace be same. If they was every click on this writer now, then he will be redirected toe trailer to your PC. If they use every click, all of these files, then he will be redirected. Tow the trailer, tow trailer fire after four dot PHP. So now we're going to make this page public. And these pages off critter 12345 will be private. And if the user want to teach on these pages were going toe make him Logan. And if he doesn't have a log 90 we'll ask him toe the just turn. Do the process off email verification. So now in the next lecture, we're going toe Mars district plate with dollar project off registration system 26. Lecture 24 Adding System in Website: so, no, we're going toe ad over the destruction system with dark Templar that I just showed you. And, ah, I'm gonna create here on your folder with the name off herding template. And ah, first off on, let's copy all of these files off template and pissed them in the form of addendum plate so that when he will have d according exercises, you can see the tempered without registration system on with registrations. Stop. So, no, I'm gonna at all these files off registration issues. Underscore. Registration will come dot PHP this reset password. Recover account. Logan, log out. Activate this, include file. I'm gonna cut them from here. And I'm going toe based these files in our adding template Hit. Let's open over there. You don't know. First of all, let's open in 100 or two PHP and our footer dot PHP. Now you can see we already got the beginning off extreme attacks in our header and ah, the ending off our esteem or tag in our future. So we need toe, remove the STM oh, from the Logan and log out pitch and registration pages as well to make them fit into this because if these pages off Logan dot PHP have the STM a starting and ending, Dave will going toe break after getting the html so we don't want that. I'm gonna cut all of this esteem l court from here. And also the ending off of a ledge steamer, Gord, Just the body and esteem or tags Only saving this or not. Now we need to do the same thing with blogger dot PHP. We don't have any steam. All hair is good also, So I'm gonna open are activate dot PHP. We don't have any HTML here. No, I'm gonna open. Use an underscore registration. We do have some html in our user underscored registration dot PHP I'm going to remove body tag. Had EST email and doctor I from here and ah, at the end. Also, the ending of html and body saving this one out Now on the research underscore password or PHP, we do God some html right here. So I'm gonna cut them from here. And also the ending off esteem and body sitting this one out? No, for the Governor Condor PHP. We also have to cut the STM o from this page. The ending as well. Saving this one out. Then we go. Logo page, logon page we already got from Logan pitch. Then we got activate dot PHP. We don't have anything, writer. So now these files doesn't have any kind off as TML opening and ending. So you're good toe and our headed or PHP. And for your PSP with these files toe include these files in our project. So I'm gonna close this header and footer files as well. And in my Logan dot PHP file, I'm gonna add the header dot PSP template right after this DVD or PSP in ah, one BHP dog. I was sitting this one out. We also have toe do photo file air the end sitting this one out. No, If I browse my Logan dot PHP fire that is inside my user underscore registration and the adding template for DNA. No. Here I guard this folder of heading template. So this is the index dot PHP file. So if I browse my Logan dot PHP file here great. Now you can see we much other project with this template easily. Now, I'm gonna do the same thing with our other files as well. So now in my file Off recover account dot PHP I'm gonna add the same thing right here. First off, all the food. Better than then we have toe are the harder at the beginning that I'd after a session function and db file changing it for header No opening my research password file. First off all adding the footer file heard the end and then I have to add my hydro file. And I'd after my dad obvious changing it for harder dot PHP. Now, lastly for this user, underscore registration dot PHP First off, let's add footer filer then Then we have toe er the template header file at the beginning Right after over that obvious now, saving these fires out. No, If I show you my user underscored registration file by clicking on this link here I got he was under skill Registration North PHP. Here we go, Logan dot PHP and, ah, if I can show you my cover account or Petri file No, here, regard about it over the counter peace be so back to over Logan dot PHP file lurks. Check whether it's PHP code is also working or not. If I click on the slogan. Now you can see we got at her and ah, our page has been broken. And after a refreshing page again, Now we're getting the other. So if I adhere some wrong email and wrong prospered click on Logan or Peace broken down again And if I refresh that place again, then I'm getting my session method. So this is just happening because we are out putting over these other message in our session. That's why when we click on the Logan, the all the pages content burnt in the session and show us this error and we are getting the information, you cannot modify harder information. And if I refresh that bit again now we are getting these session message. So we need to tackle down this problem. We can easy to do that by putting a simple function off output buffering in the first statement off these files. So first off, all in my log in dot PHP file the PSP tag where we added our session. I'm gonna adhere one function off or be underscored start. So this function is goingto take care off these warnings and it will let us do the things that we want to go now Sitting this one out If I refresh this page again, If I click on Logan now, we are good to go. We're not getting any kindof better here If I adhere wrong, boss Word, click on Logan. We're getting over. So we need to do the same thing with these file as well. So adding or b start function in my recovered account or to PHP file and in my research password or PHP file. And in my use, that underscored registration dart PHP five. So that we want that enough output buffering sitting this one out. Also these files. So if I give it correct email and password now you can see successfully meto welcome dot PHP. If I click on this log out now and try to go into welcome dot PHP again, you can see we are getting the other here. So finally, we have added our user registration project with this Templar. No. On the next lecture, I'm gonna show you how you can add the restriction on these files off Letterman dot PHP driller to driller. 300 or four and five. So hang in there 27. Lecture 25 Making Movie Trailer Pages for Registered Users Only: So remember when we are making our page private like we did with this Welcome dot PHP. I told you that you can make any type off pace private by adding these three statement session file function file and this confirmed Logan function. So now I'm gonna add these restriction on these files off trailer one driller 234 and five . So let's go. This user underscore Registration, recovery, ConEd reset password. So I'm gonna copy the statement from here, and I'm gonna pieced the statement in my cradle one dot PHP in my trailer to dot PHP right at the beginning before adding any type off header then inducted or three dot PHP then in my trailer, $4 ph me then in my trailer, five dot PHP. So if I show you what we got now, if I opened my friend page content dot PHP Hey, regarded right here. If I click on this white, you don't know I cannot get access off this page off german dot PHP until I Logan. Same here. Same here and here as well. So I have to log in before accessing these pages off. Trailer modern trailer to one trailer three dot PHP. So if I log in now, enter. I am Logan. And if I deflect that page again and click on this washed you don't know now I can easily see these trailers, like on this vital. Now, I can easily avoid this trailer if I click on this right through there. Now, I can easy received driller from this train afford or PHP in the project in other Logan dot PHP page. I'm gonna add one thing right here. So let me pause this video first. And ah, I'm gonna say that if the person log in successfully, then you should return that person on front page content dot PHP No sitting this one out. If I log out now and click on this Washed Didn't know. Now you can see I have to log in. Forgive it. My email and password. Now I am on my front page content, or PSB and I can easily see any of the trailer which I want. So here is the thing. In the next lecture, I'm gonna add here a Logan log out button. So if the user is in Logan form, he will see the log out button in our template. And if in case he's log out, he will see the Logan button right here. 28. Lecture 26 Login Logout Button: First of all, we need to find out the name off the serial by using Mozilla fired back to or chrome developer tool, whatever you moan. So no over using this, Inspector, this one is as three heading with the latest movie links you can see in the minimize window and ah, here it's on top. It has comment offside area. So we need to find out whether this side area belonged to over header file and or photo file because we slide other file off index dot PHP into two files. Let's open our heart and further file her to file, then fortified. So finding out my side area by control laugh. You can see we don't have anything right here. So if I find out for my foot her file click, you can see regard side of your head. And here is the latest movie links. So I'm going to define hair if condition and ah first off are we need PHP scope. And in this PHP school, I'm gonna say, if my cookie is sad and ah, you can see in my log in or PHP file When we authorized our user to log in, we made this cookie off setting email. So I'm gonna say that my foot or finally closes her profile, gonna say that if my cookie offsetting e mail is set, then you should make air toe log out. Then we need BHP school began, and we have to wear the ending in this PSP school because we want where the three in this PHP scope off. Condition off. If so, now I guard this ending off. If condition and ah else, you should make this to Logan. And again, we need PSP school toe. Put the ending off this cells here. No, saving this one out. So I started my If my cookie off starting email is certain, if the user click on this remember me feature, then you should make it to logo. Otherwise, you should make it toe. Logan. Now sitting this one out and I can add the ankle tag and I can make it toe look out page so that they use that could have the link to low garbage and same on this Logan, I can add to Logan now sitting this one out, opening well organized peace before now you can see I already set and I think my cookie. No. Here you can see we start double cookie off starting email. So that's why we are seeing this logger Britain. So I can go into my front page content or PSP and ah, I still have the local Burton because it means that it can brothy hold upside If I want civically conscious voice tell, you know I can easily access it. And if I click on this low Garneau now you can see I'm on my log in pitch on This logoed is changed in tow, Logan. So in the next lecture, we're going to apply the same kind of thing on this upcoming movies. And I'm going to say, If the user start is cookie, then you should make this upcoming movies 2017 to welcome back so that the user could know that he is low again. 29. Lecture 27 Adding Content to Login User Only: So now in this lecture, we're going to change this upcoming movies when the user is logged in so you can see that this one is front page content, or PSP. So we need to open our front page content. Here, you can see regardless, upcoming movies 2017 online toe. So right after the header, I'm gonna add here when? If condition. And I'm gonna see that inside my PSP scope. And I'm going to say that if my cookie offsetting email is set, then you should make my actual heading. Toby. Welcome back. See upcoming movies 2017 and ah else you should make it. Oh, instead off. Welcome back. You should make it toe just upcoming movies 2017 So now in the PHP scope ending the and they go for else condition. So I said here if my cookie set then you should make heading Toby Welcome back. See upcoming movie 2017 and else you should make toe just upcoming movies 2000 and 17 for those users who hasn't set our cookie or the users who are not registered oversight. So we need to wear the PHP school at the beginning here as well. So it's good now if I say this one out and ah, fresh might be it again. Nothing happened here. If I click on this Logan but are now and give it my I D and password. Remember me? Feature Logan, you can see regard. Welcome back. See upcoming movies 2017 Like an easy The voice didn't know whatever they want. So if I click on this window, close it and open it again and opened fire front page content or PHP, you can see we still got Welcome back. See upcoming movies 2017 and still I have the logo button so that I could look out going this washed it or no, I can easily see the trailer off these movies now where a project has been complete completely so in the next lecture. So in the next lecture, I will give you a presentation to all of the project so that you could know that our databases working completely fine Our registration system is completely working fine. Our Logan Research password email confirmation is also working. So see you in the next lecture for having the last presentation. Another project 30. Lecture 28 Beta Testing (Final): so you can see my table off eggman. Underscore Panel doesn't have any occurred in this. So I did. They only regard from here on now I don't have an account. So if I click on this, create one and give it my user name. Joseph Akram. Email Jobs become a murderer of Jimmer dot com. Password of 1234 1234567 Register. I'm getting the error. Both password values must be saying so over relation is working. Fine. I give it password over in 2341234 Register. I'm on my log in dot PHP and check email full activation before activating my account. If I try to Logan Now, Logan, now you can see account confirmation required, and I'm on my log in your piece before. So in my Gmail box, you can see a guard. This email confirm account, hamza link to activate your counsel. If I click on this link now, account activities successfully. And I am on my Logan dot PHP file and this file has the address off user interest code registration. So we found out that there is one problem in our activated or to PHP fire. So in my activity dot PHP fire there we are redirecting our user. We are redirecting him to log in North Beach before and in other user underscore registration file. We have to find out where we're sending over email. So when the user ask for registration, we are sending him a link to our old for lead off user underscored registration. But now our directory has been changed. So we need toe their toe, adding template dot PHP and Logan so adding here off or let off heading template. So if the user get the email, we will send him. Adding template, the new directory off our project that has the template. No, saving this one out. If I were delete my record here and do all the process again, use the name email Boss Word Jack email for activation. I guard the seem a law If I click on it. No, we successfully sent our user toe Logan dot PHP four. And if I give it wrong email and password. Logan Invalid, imminent, possible and no, let's see Ever forgot password. So here we are going to get over, use their email so let give him first off all wrong email, submit even Lord phone And we are on over you. Is there a dress code registered or PHP? So if I click on this for good, pass for now and, ah, before giving him a cool email. We also have to change the directory of this recovery counter PHP where we are sending over use Ah, an email so that it won't go to the old directory. So here is the link. So I move on. I'd here. I didn't template for the Then we will send our user toe reset underscore password or PHP was sitting this one out if I give it my email law But before doing that Artificial paid to Lord over PHP Click on this email Correct. Submit Jackie Moran for the starting prosper and I'm on my Logan dot PHP pitch. So here a guard reset password email I can click on this email law and it has a new directory off adding template, the look on this one. Now I can choose your password. Forgive it. Wrong password Here submit. Are relational working fine and we still guard the research token because off in the desert password. Fine. Where we are. Did this research underscore password or PHP? And we made this token toe the court taken from Europe. So if I give it parceled off 33 Lesson four, Summit Brussels should include at least for values were still on that page If I give it my new passer, Toby. 123456 78 New buzzword. 12345678 Summit password to successfully if I log in now. 12345678 nine. Wrong password. Remember me? Logan invented the minute boss word. And we still guard this Logan button here. If I give it my right Email and password. 12345678 Remember me, Logan. Now we are on our front page content. Welcome back, CIA becoming movies 2000 and 17. And I can easily wash the trailer off the movies without any further problem. So here I got this logo better now. - So I hope you enjoy watching the straighter with me. So if I click on this log, are now normal in my leg and order peace be fire and ah, if I tried to wash together again. I cannot do that. So this is gored testing your project, and it's very important because you have toe. Be careful while you change your directly, like I change this directory of hiding template. And when I was getting the email, I was sending my user toe the whole other directory, which I don't want. So it's always a good idea toe test your project before calling it complete. So now we also tested our project and reversed one foster in few days Taylor together. So it's time we should say goodbye to the scores and I will see you in the upcoming courses off mine. And ah, you can also search me on Google and follow me on your job. And you can also see my other courses that will also give you some hands on skills in each other courses. So see you around and, ah, have a great day