-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathregistration.php
More file actions
109 lines (101 loc) · 4.17 KB
/
registration.php
File metadata and controls
109 lines (101 loc) · 4.17 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8"/>
<title>Registration</title>
<link rel="stylesheet" href="style.css"/>
</head>
<body>
<?php
require 'dbConnect.php';
session_start();
$errors = array();
// When form submitted, insert values into the database.
if(isset($_REQUEST['username'])) {
//escapes special characters in a string
$username = stripslashes($_REQUEST['username']); // removes backslashes
$username = mysqli_real_escape_string($conn, $username);
$email = stripslashes($_REQUEST['email']);
$email = mysqli_real_escape_string($conn, $email);
$password = stripslashes($_REQUEST['password']);
$password = mysqli_real_escape_string($conn, $password);
$confirmPassword = stripslashes($_REQUEST['confirmPassword']);
$confirmPassword = mysqli_real_escape_string($conn, $confirmPassword);
//form validation
if(empty($username)) {
array_push($errors, "Username is required");
}
if(empty($email)) {
array_push($errors, "Email is required");
}
if(empty($password)) {
array_push($errors, "Password is required");
}
if($password != $confirmPassword){
array_push($errors, "Passwords do not match");
}
//make sure that the email and username are not already there.
$user_check_query = "SELECT * FROM user WHERE username= '$username' or email='$email' LIMIT 1";
$result = mysqli_query($conn, $user_check_query);
$user = mysqli_fetch_assoc($result);
if($user){
if($user['username'] === $username){
array_push($errors, "Username already exists");
}
if($user['email'] === $email){
array_push($errors, "Email already exists");
}
}
mysqli_free_result($result);
//Only insert if there are no errors
if(count($errors)== 0){
//after error checks we will now insert
$query = "INSERT INTO user (username, password, email) VALUES ('$username', '" . md5($password) . "', '$email')";
$result = mysqli_query($conn, $query);
if ($result) {
echo "<div class='form'>
<h3>You are registered successfully.</h3><br/>
<p class='link'>Click here to <a href='login.php'>Login</a></p>
</div>";
echo "<div class='form'>
<h3>Click here to register another user.</h3><br/>
<p class='link'>Click here to <a href='registration.php'>Register another user</a></p>
</div>";
}
else{
echo "<div class='form'>
<h3>Something went wrong with the connection.</h3><br/>
<p class='link'>Click here to <a href='registration.php'>register</a> again.</p>
</div>";
}
}
else{
echo "<div class='form'>
<h3>You have errors:<br>
*required fields are missing<br>
*passwords do not match<br>
*username/email already exists.</h3><br/>
<p class='link'>Click here to <a href='registration.php'>try</a> again.</p>
</div>";
}
}
else {
?>
<form action="registration.php" method="post">
<p><h1>Registration</h1>
<p><label for="username">Username : </label>
<input type="text" name="username" required></p>
<p><label for="email">Email : </label>
<input type="email" name="email" required></p>
<p><label for="password">Password : </label>
<input type="password" name="password"required></p>
<p><label for="confirmPassword">Confirm Password : </label>
<input type="password" name="confirmPassword"required></p>
<p><button type="submit" name="registration"> Submit </button></p>
<p>Already a user? <a href="login.php"><b>Login</b></a></p>
</form>
<?php
}
?>
</body>
</html>