For both login and registration check the includes/nav.php file.
Registration
make sure there are input boxes for firstname, lastname, email, username, password, if either of those boxes are empty when the button is clicked then display an error message, that's the client side security. Ask chatgpt for more ways to sanitize and validate information in the client side, just pick something simple so we can say we did it. Don't kill yourself.
For server side validation you'll have to do in php.
For lecture 15, Error Handling there's explanations on how to do so. But pretty much you have to ensure that the data doesn't have any malicious information before inserting into the db. I think it'd be best to send the data to a seperate php file and do the processing there before insertion.
Here is where you'll want to hash the password so their information is protected before inserting into the database.
Before inserting make sure the username isn't already in the db, I would do it by making a query with that username and seeing if it returns nothing but you can do it another way.
For both login and registration check the includes/nav.php file.
Registration make sure there are input boxes for firstname, lastname, email, username, password, if either of those boxes are empty when the button is clicked then display an error message, that's the client side security. Ask chatgpt for more ways to sanitize and validate information in the client side, just pick something simple so we can say we did it. Don't kill yourself.
For server side validation you'll have to do in php. For lecture 15, Error Handling there's explanations on how to do so. But pretty much you have to ensure that the data doesn't have any malicious information before inserting into the db. I think it'd be best to send the data to a seperate php file and do the processing there before insertion. Here is where you'll want to hash the password so their information is protected before inserting into the database. Before inserting make sure the username isn't already in the db, I would do it by making a query with that username and seeing if it returns nothing but you can do it another way.