MakeWebGames

rockwood

Members
  • Posts

    433
  • Days Won

    15

Everything posted by rockwood

  1. nice work Zettieee
  2. why you guys producing smoke from your <3. i was just asking back there, so there is no need for unnecessary argument.
  3. who is the real owner of this template ?
  4. really gr8 work
  5. there is no word 'assumption' in programming. he has not explained there session hacking prevention feature is available or not. How would you say if he is correct.
  6. you didn't mention the db connection type & php version you will use for this enhanced version of user registration page.
  7. looks good but not enough
  8. Yes: to avoid having to escape special characters. Lazy programmers will just drop what the user types, straight into the code somewhere and this is what leads to injection attacks. Even if it's not used maliciously, allowing the user to type characters that will conflict somewhere else can be more hassle than necessary. For example, if you decide to create a filesystem directory per user, to store their uploads in, then the username must conform to directory naming rules on that OS (e.g. no \/:*?"<>| on Windows). Once you've avoided clashes like the directory naming one, and stripped out "';% and // to avoid injection attacks, you have removed most punctuation, and "why does someone even need punctuation in their user name"? It was far easier to write a quick regex to validate usernames against [a-zA-Z0-9_] and be done with it, than faff about with figuring out all the possible punctuation that will not clash, or mapping them to other characters in some way. Then, like many things in computing, as soon as enough people start having just letters, numbers and underscores for usernames, and people start making usernames to that spec, it became the de facto standard and self perpetuates!
  9. The Boy Need the shoe, Best of Luck Buddy
  10. its quotes problem
  11. echo is very big tool
  12. in how much you can make this mod ?
  13. // do something like this
      $user_activation_hash = sha1(uniqid(mt_rand(), true));

      function verifyNewUser($user_id, $user_activation_hash)
      {
          // if database connection opened
          if ($this->databaseConnection()) {
              // try to update user with specified information
              $query_update_user = $this->db_connection->prepare('UPDATE users SET user_active = 1, user_activation_hash = NULL WHERE user_id = :user_id AND user_activation_hash = :user_activation_hash');
              $query_update_user->bindValue(':user_id', intval(trim($user_id)), PDO::PARAM_INT);
              $query_update_user->bindValue(':user_activation_hash', $user_activation_hash, PDO::PARAM_STR);
              $query_update_user->execute();

              if ($query_update_user->rowCount() > 0) {
                  $this->verification_successful = true;
                  $this->messages[] = MESSAGE_REGISTRATION_ACTIVATION_SUCCESSFUL;
              } else {
                  $this->errors[] = MESSAGE_REGISTRATION_ACTIVATION_NOT_SUCCESSFUL;
              }
          }
      }
  14. what kind of security issue are you facing ?
  15. still you required help ?
  16. it is Good Job
  17. It's just an idea
      function filter($var)
      {
          return preg_replace('/[^a-zA-Z0-9]/', '', $var); // you can arrange replacements as per your requirement
      }

      $getstr = filter($_POST['string']);
      if (strcmp($getstr, $_POST['string']) === 0) {
          // statement here ----
          return true;
      } else {
          header('HTTP/1.1 400 Bad Request');
      }
  18. is responsive template Razor ?
  19. i have willing to do work for you you can contact me on [email protected]
  20. bcz of lots of tweaks
  21. Outdated Engine
  22. ABCD time guyz
  23. 3rd one is better option
  24. rockwood

    Layout

    nice work   Good & Nice Work