Tham khảo tài liệu 'tạo mạng xã hội với php - part 10', công nghệ thông tin, đồ họa - thiết kế - flash phục vụ nhu cầu học tập, nghiên cứu và làm việc hiệu quả | Users Registration and Authentication password length if strlen _POST register_password 6 allClear false this- registrationErrors Your password is too short it must be at least 6 characters this- registrationErrorLabels register_password_label error this- registrationErrorLabels register_password_confirm_ label error Next we have the e-mail address we need to check it for header injection and that the format of the e-mail address is correct. The first highlighted section of code shows the header injection check and the second shows the format check. email headers if strpos urldecode _POST register_email r true strpos urldecode _POST register_email n true allClear false this- registrationErrors Your email address is not valid security this- registrationErrorLabels register_email_label error email valid if preg_match A _a-z0-9- . _a-z0-9- @ a-z0-9- . a-z0-9- . a-z 2 4 A _POST register_email allClear false this- registrationErrors You must enter a valid email address this- registrationErrorLabels register_email_label error To help protect us from a legal perspective we should get legal advice on the policies and terms and conditions we need to enforce on our social network. When we have such terms in place we will want our users to accept these before allowing them to join let s ensure they ticked the appropriate box on our registration form template ------------------------------------ 72 ---------------------------------- Download from Chapter 3 terms accepted if isset _POST register_terms _POST register_ terms 1 allClear false this- registrationErrors You must accept our terms and conditions. this- registrationErrorLabels register_terms_label error If a user signs up with the e-mail address or username of an existing user we will have some problems particularly when they come to log in or request an e-mail to reset their password. To prevent this we need to check that the username and e-mail address are not currently in use by another user which can