Wednesday, 30 April 2014

Register Process

I started of the register process by 


I then went ahead and started validating the fields, here I checked various factors:
  • All fields have been filled in, if they are not (==  "") then the echo message will notify them
  • Email fields 1 and 2 (email and confirm email) need to match if they don't (!=) another echo will notify them about this error. Here I carried out the same process for password 1 and 2 (password and confirm password)


  • I also verified the emails to see if they were valid address, important for the process of activating accounts
  • I used a hmac for the password encryption
  • sha512 was used although it is not the best method combining it with bcrypt and salt would enforce it
  • The unique key created for the website was linked to this section as it is the unique character set for the password security
  • I then create a prepare statement that checks to see if the email and chosen username exist within the database if they do they will need to change the details 

  • After all the validations are made a try catch block is created where a prepared statement executes the query that inserts all the information inserted within the form onto the database
  • The last usersid from the login table is gathered so that the system allocated the next usersid to the new registered individual
  • This id is stored within the activation table along with the users unique token, this id and token are set within the email activation link therefore only valid once and for that user


No comments:

Post a Comment