I tried my hand at coding a PHP registration script that a user would be able to use to register a profile for a site. My goal was to write a script that enforced a strict registration policy, focusing on enforcing a secure password and reducing the possibility of a fake email address.                 

The policy I created focused on:

• A unique user name
• A secure password using a minium of 8 characters in a combination of upper case, lower case, numbers (0-9), and special characters (! @ # $ % &)
• Your first and last name
• An e-mail address
• Your gender

I would have included a birthday field but I just didn’t have the motivation to code the HTML for every day, month, and year, go figure. If I ever get bored and decide to play with this script further I will look into it and possibly a function that ensures a user is older than a certain age (13, 18, 21, etc.). The username must be unique, the password must meet the minimum password requirements, names cannot contain numbers or special characters other than a period or hyphen, and email addresses must meet the minimum requirements for an allowable email address as outlined in RFC 5322.

I’m not going to go into the specifics of creating and setting up a database to test/use with this script but this is the description of my database table:

+----------+--------------+------+-----+---------+----------------+
| Field    | Type         | Null | Key | Default | Extra          |
+----------+--------------+------+-----+---------+----------------+
| id       | int(11)      | NO   | PRI | NULL    | auto_increment |
| username | varchar(30)  | NO   |     | NULL    |                |
| password | varchar(100) | NO   |     | NULL    |                 |
| fname    | varchar(100) | NO   |     | NULL    |                |
| lname    | varchar(100) | NO   |     |  NULL    |                |
| email    | varchar(100) | NO   |     | NULL    |                |
| reg      | datetime     | YES  |     | NULL    |                |
| exp      | datetime     | YES  |     | NULL    |                |
| gender   | char(1)      | NO   |     | NULL    |                |
+----------+--------------+------+-----+---------+----------------+
9 rows in set (0.00 sec)

If you want to view my code for this script you can download all of the project including all of the HTML, CSS, and PHP files here: profile_reg.zip (Windows) and profile_reg.tar.gz (Linux). Keep in mind this isn’t a finished project so there are probably a few bugs and I didn’t exactly follow the best coding practices/standards.

If you have any suggestions or ideas regarding my code I would love to hear them. Feel free to tweak, modify, play, possibly even destroy my code as you see fit and if it’s something interesting then I would like to see what you’ve done!

Note: The script does not particularly care what your password is as long as it meets the requirements. If it meets the minimum requirements, it is hashed and stored in the database as an SHA1 hash (you could opt for MD5 as well). To compare passwords when a user wants to login to your site, hash the password they provide and compare the hash values to determine validity.