//TODO 1: require db.php
require(__DIR__ . "/db.php");Matt Toegel matthew.toegel@njit.edu
| This lesson requires the completion of User Registration Part 1 |
We left off with a basic registration form with simple validation
The current form doesn’t perform any significant actions beyond displaying a success message
In this presentation, we’ll persist data and explore additional PHP functions
This requires the Users table created in the Project Setup lesson
Checkpoint (if needed):
From this link https://github.com/MattToegel/IT202-2025/tree/Module04-Registration-Part1, grab the following files:
public_html/project/register.php
lib/functions.php
lib/safer_echo.php
Ensure you are on the Feat-MS1-UserRegistration branch
If not, git checkout Feat-MS1-UserRegistration
Navigate to functions.php, specifically TODO 1 (top of the page)
Add the following code:
//TODO 1: require db.php
require(__DIR__ . "/db.php");This require() will pull the database connection into functions.php, avoiding manual specification for each file
Any file that requires functions.php can refer to the getDB() function directly
Remember: Require vs include:
Include: Throws a warning if the file isn’t found but continues the script
Require: Throws an error if the file isn’t found and stops the script
Let’s make the necessary changes to register.php
This section will be added towards the bottom of register.php
Add this code to TODO 4, then try it out; verify via the VS Code MySQL Extension
if (!$hasError){
// comment out or delete the "success" echo
// echo "Success<br>";
// TODO 4: Hash password before storing
$hashed_password = password_hash($password, PASSWORD_BCRYPT); (1) (2)
$db = getDB(); // available due to the `require()` of `functions.php` (3)
// Code for inserting user data into the database
$stmt = $db->prepare("INSERT INTO Users (email, password) VALUES (:email, :password)"); (4)
try{
$stmt->execute([':email' => $email, ':password' => $hashed_password]); (5)
echo "Successfully registered!";
}
catch(Exception $e){
echo "There was an error registering<br>"; // user-friendly message
error_log("Registration Error: " . var_export($e, true)); // log the technical error for debugging
}
}| 1 | password_hash() creates a secure hash of the password |
| 2 | PASSWORD_BCRYPT specifies the bcrypt algorithm for hashing (results in a 60-character string with a salt* value) |
| 3 | getDB() retrieves the database connection from functions.php |
| 4 | Prepares the SQL statement to insert the user data (email and hashed password) |
| 5 | Executes the prepared statement with the provided email and hashed password (using named parameters to prevent SQL injection) |
Never store plaintext passwords in the database. Always use a secure hashing function like password_hash() to protect user credentials. |
password_hash() was used to create a secure hash of the password for storage
Bcrypt is a strong hashing algorithm that includes a salt, making it resistant to rainbow table attacks
A rainbow table is a pre-computed table for reversing cryptographic hash functions, primarily used for cracking password hashes
The first record was inserted and verified via the MySQL Extension
Commit the changes to the Feat-MS1-UserRegistration branch
git commit -m "user registration: save data to database with password hashing"
Push the Feat-MS1-UserRegistration branch to GitHub
git push origin Feat-MS1-UserRegistration
Create the Pull Request to Milestone1 and complete the merge
Locally checkout Milestone1 and pull the latest changes
Next lessons: Set up navigation bar and login page
Checkpoint: https://github.com/MattToegel/IT202-2025/tree/Module04-Registration-Part2
Note: My branch name differs from yours so I can isolate the lesson content