Registration form

Getting Started Newbie Questions
#21

Both sides either have to be POST or both sides have to be GET.  POST is a little more difficult to setup on the Corona side and the PHP side, just change the $_POST’s to $_GET’s.

But you have to make the parameter names match on both sides. If you’re going to use “username”, “password”, etc. on the PHP side, you have to use username, password etc. on the Corona side. “a”, “b” and “c” wont work.

If you’re going to base64 encode on one side, you have to base64 decode on the other.

We can do this in a very simple example, but your server will be very insecure. 

Rob

#22

Sorry I had some business to attend to , but I corrected everything you told me to but when I click the register button nothing happens . The info doesn’t go in the database . 

register.lua :

local composer = require( "composer" ) local scene = composer.newScene() local widget = require("widget") -- forward declare the text fields local mime = require("mime") local username local password local email local function networkListener( event ) if ( event.isError ) then print( "Network error: ", event.response ) else print( event.response ) end end local function handleButtonEvent( event ) if ( "ended" == event.phase ) then local URL = "https://web.web.com/register.php?username=" .. mime.b64( username.text ) .. "&password=" .. mime.b64(password.text) .. "&email=" .. mime.b64( email.text ) network.request(URL, "GET", networkListener) composer.gotoScene("login") else print( "Something went wrong. Try again.") end end local function loginLink( event ) if ( "ended" == event.phase ) then composer.gotoScene("login") end end function scene:create(event) local screenGroup = self.view display.setDefault("background", 0, 3, 5) local icon = display.newImage("icon\_opt.png", 160, 70) screenGroup:insert(icon) username = native.newTextField( 160, 200, 180, 30 ) -- take the local off since it's forward declared username.placeholder = "Username" screenGroup:insert(username) password = native.newTextField( 160, 250,180, 30 ) -- take the local off since it's forward declared password.isSecure = true password.placeholder = "Password" screenGroup:insert(password) password2 = native.newTextField( 160, 300,180, 30 ) -- take the local off since it's forward declared password2.isSecure = true password2.placeholder = "Confirm Password" screenGroup:insert(password2) email = native.newTextField( 160, 350, 180, 30 ) -- take the local off since it's forward declared email.placeholder = "E-mail" screenGroup:insert(email) local Button = widget.newButton( { shape = "roundedRect", left = 70, top = 400, id = "Register", label = "Register", onEvent = userRegister } ) screenGroup:insert(Button) local Button2 = widget.newButton( { left = 70, top = 460, id = "Loginhere", label = "Login here", onEvent = loginLink } ) screenGroup:insert(Button2) end function scene:show(event) end function scene:hide(event) end function scene:destroy(event) end scene:addEventListener("create", scene) scene:addEventListener("show", scene) scene:addEventListener("hide", scene) scene:addEventListener("destroy", scene) return scene

register.php :

 if (isset($\_GET['register'])) { if ($\_GET['password'] == $\_POST['password2']) { $username = $\_GET['username']; $password = $\_GET['password']; $email = $\_GET['email']; // validate and sanitize all of these inputs // and see that they are not blank at the same time // Do your MySqli here to find the $username and // bring out result of find in $username\_result $result = mysqli\_query($con ,"SELECT \* FROM users WHERE username='$username' AND email='$email'"); if(mysqli\_num\_rows($result) \> 0) { echo "User exist"; } else { // it is not in use so put it in $password = password\_hash($password, PASSWORD\_BCRYPT, array('cost' =\> 12)); $sql = "INSERT into users VALUES(null, '$username', '$password', '$email')"; if(mysqli\_query($conn, $sql)){ // if insert checked as successful echo username and password saved successfully echo"Your user was created."; }else{ echo "Sorry something went wrong. } } }else{ echo "The passwords do not match."; } }
#23

First of all, is the URL of your web service really:  https://web.web.com/register.php? (it’s not, it gives a 404 page not found error).

Secondly have you tested the URL to make sure it’s working. You should be able to hand construct the URL and put it in a web browser and make sure it’s doing what you think it does. If you have errors in your web script, you may need to look at your server logs to see it.

Third, you are base64 encoding your parameters on the Corona Side. You are not base64 decoding them on your host side.

Forth, there is still a $_POST reference in your PHP script (side note, your password2 text field is global, don’t forget to forward declare it)

You need to also look at the console log for your app and see what messages are being printed there (and share them with us).

Rob

#24

No the real URL works . Do I need to use base64 ? I am securing my password with a password hash which works good . My console log isn’t showing anything I don’t know what’s wrong with the register button

#25

Warning: Could not load font HelveticaNeue-Light. Using default font.

Warning: Could not load font HelveticaNeue-Light. Using default font.

That is all that comes out of the console log

#26

Try replacing this

local function networkListener( event ) if ( event.isError ) then print( "Network error: ", event.response ) else print( event.response ) end end

with this

local function networkListener( event ) local json = require("json") print(json.encode(event)) end
#27

With regards to base64, it’s all about how much you care about your customers data security. If you’re using http:// and not https:// and you don’t encode the data some how, you’re usernames and passwords are in the clear and it’s easy for any hacker in a coffee shop to grab it and since users tend to use the same passwords, there is a good chance they now have their bank info.

It’s up to you.

Also the script above isn’t sending password2 to the server either.

I’m not sure you want to go to the login scene before your registration completes. In your login scene do  you destroy the previous scene?

#28

Scott a better choice would be to just:

     print( json.prettify( event ) )

It formats it much better.

Rob

#29

Oh yah forget about that api, I am just use to using the encode method.

#30 
function scene:show(event) composer.removeScene( "register" ) end -- some code from login scene

I don’t know how to use base64 in my php

#31

http://php.net/manual/en/function.base64-decode.php

#32

or

http://php.net/manual/en/function.base64-encode.php

#33

But I don’t want to secure the username only the password and email

#34

Since you’re removing the scene there is a good chance you’re removing it before the network.request() finishes. I would move that composer.gotoScene(“login”)  to inside the network.request()  listener function after you get a successful registration.

Rob

#35

Then only encode/decode those values.

#36 
$str = 'password'; echo base64\_encode($str);

Is this way good to decode the password values ?

#37

That should work

#38

That would be how you encode the value (turn it into a Base64 character string). If you receive a base64 encoded string you need to decode it like:

$password = base64_decode( $_GET[‘password’]);

#39 
$username = $\_GET['username']; $password = base64\_decode( $\_GET['password']); $email= base64\_decode( $\_GET['email']);

Still nothing goes into my database

#40

Are you getting any errors in your website logs?