signup.php
<?php require('includes/init.php'); ?>
<?php
require_once('includes/dbconnect.php');
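// Page state: the message shown under the form, the (sanitised) field values
// and one error string per field. All stay empty on a plain GET.
$userMsg = "";
$email = $password = $verifypassword = "";
$emailError = $passError = $verifyPassError = "";

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // Request parameters are untrusted and may arrive as arrays (email[]=x).
    // Anything that is not a plain string is treated as missing, so it never
    // reaches the string functions inside test_input() and cannot turn a
    // malformed request into an uncaught TypeError.
    $rawEmail = (isset($_POST["email"]) && is_string($_POST["email"])) ? $_POST["email"] : "";
    $rawPassword = (isset($_POST["password"]) && is_string($_POST["password"])) ? $_POST["password"] : "";
    $rawVerify = (isset($_POST["verifypassword"]) && is_string($_POST["verifypassword"])) ? $_POST["verifypassword"] : "";

    // --- email ---
    if (empty($rawEmail)) {
        $emailError = "email is required";
    } else {
        $email = test_input($rawEmail);
        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $emailError = "invalid email address";
        }
    }

    // --- password ---
    // NOTE(review): test_input() trims, unslashes and HTML-escapes the password,
    // so the string that is length-checked here (and hashed later) can differ
    // from what the user typed. Left unchanged because signin.php is not visible
    // from this file and may apply the same transformation; confirm both sides
    // before hashing the raw value instead.
    // NOTE(review): only the lower bound is enforced; the "32" in the message
    // and in the form's maxlength attribute is not checked server-side.
    if (empty($rawPassword)) {
        $passError = "password is required";
    } else {
        $password = test_input($rawPassword);
        if (strlen($password) < 8) {
            $passError = "password length must be between 8-32";
        }
    }

    // --- password confirmation ---
    // Compared against the already-processed $password, which is still "" when
    // the password field itself was rejected as missing.
    if (empty($rawVerify)) {
        $verifyPassError = "please re-enter password";
    } else {
        $verifypassword = test_input($rawVerify);
        if ($password !== $verifypassword) {
            $verifyPassError = "password does not match";
        }
    }
}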
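/**
 * Report whether a row with the given email already exists in the users table.
 *
 * The email is bound as a statement parameter, never concatenated into the SQL.
 *
 * NOTE(review): a failed lookup and "no such user" both come back as false, so
 * the caller will go on to attempt the INSERT after a database error. A UNIQUE
 * constraint on users.email (schema not visible here; confirm) is what actually
 * prevents duplicate accounts, including two concurrent signups racing each other.
 *
 * @param object $conn  Connection exposing prepare(); presumably the mysqli
 *                      handle created in includes/dbconnect.php (confirm).
 * @param string $email Email address to look up.
 * @return bool true only when the query ran and matched at least one row.
 */
function check_user_exists($conn, $email)
{
    $sql = "SELECT email FROM users WHERE email=?";
    $stmt = $conn->prepare($sql);

    // prepare() yields false on failure; calling bind_param() on it would be a fatal error.
    if ($stmt === false) {
        return false;
    }

    $exists = false;
    if ($stmt->bind_param('s', $email) && $stmt->execute()) {
        $result = $stmt->get_result();
        // get_result() can also yield false; only a real result set is inspected.
        $exists = ($result !== false && $result->num_rows > 0);
    }

    // Release the server-side statement instead of waiting for script shutdown.
    $stmt->close();

    return $exists;
}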
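// $formOk is the concatenation of all error strings (empty means no field failed);
// $formEmpty is the concatenation of all accepted values (non-empty means a POST
// actually supplied something). Registration runs only when both hold.
$formOk = $emailError . $passError . $verifyPassError;
$formEmpty = $email . $password . $verifypassword;

if ($formOk === "" && $formEmpty !== "") {
    // Hashed before the existence check, as in the original flow. PASSWORD_DEFAULT
    // lets PHP choose the algorithm and embeds its parameters in the stored hash.
    $passhash = password_hash($password, PASSWORD_DEFAULT);

    if (check_user_exists($conn, $email)) {
        // NOTE(review): this reply tells an unauthenticated visitor whether an
        // address is registered; pair the endpoint with rate limiting if that matters.
        $userMsg = 'user already exists';
    } else {
        $userMsg = 'user does not exist';
        // Values are bound as parameters; acc_type is a fixed literal, so a
        // client cannot choose its own account type through this form.
        $sql = "INSERT INTO users (password, name, email, acc_type, mobile, address)
VALUES(?, NULL, ?, 'normal', NULL, NULL)";
        $stmt = $conn->prepare($sql);

        // prepare() yields false on failure; treat that like a failed INSERT
        // rather than calling bind_param() on a non-object.
        $created = false;
        if ($stmt !== false) {
            $created = $stmt->bind_param('ss', $passhash, $email) && $stmt->execute();
            $stmt->close();
        }

        if ($created) {
            $userMsg = $userMsg . "<br>" . 'user ' . $email . ' created successfully';
            // Stop right after the redirect header: without exit the script keeps
            // running and renders the whole signup page into the redirect response.
            // If output has already started the header cannot be sent, so the page
            // falls through and shows $userMsg instead.
            if (!headers_sent()) {
                header('location: signin.php');
                exit;
            }
        } else {
            $userMsg = $userMsg . "<br>" . 'could not create user';
        }
    }
}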
/**
 * Normalise a submitted form value: strip surrounding whitespace, remove
 * backslash escaping, then HTML-escape the result.
 *
 * htmlspecialchars() is called with its default flags and encoding, which
 * depend on the PHP version in use.
 *
 * NOTE(review): this escapes for HTML at input time, so the returned string is
 * only safe to echo into HTML; it is not a general-purpose sanitiser. This file
 * also passes passwords through it, which changes the secret before hashing.
 *
 * @param string $data Raw field value.
 * @return string The trimmed, unslashed, HTML-escaped value.
 */
function test_input($data)
{
    $trimmed = trim($data);
    $unslashed = stripslashes($trimmed);

    return htmlspecialchars($unslashed);
}
?>
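<!DOCTYPE html>
<html>
<head>
    <?php require('includes/styles.php'); ?>
</head>
<body>
    <?php require('components/_header.php'); ?>
    <?php require('components/_search.php'); ?>
    <div class="spacer center">
        <h2 class="padded center-top">Register</h2>
        <form name="signup" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post" class="form-style center-top">
            <?php /* $email was already HTML-escaped by test_input() during validation, so it is echoed as is; escaping again here would double-encode it. */ ?>
            <label for="email">email</label>
            <input type="email" id="email" name="email" value="<?php echo $email; ?>" required placeholder="[email protected]">
            <span class="error">* <?php echo $emailError; ?></span>
            <?php /* Password fields are always rendered empty: a submitted password must never be written back into the response, where it would sit in page source, caches and proxy logs. */ ?>
            <label for="password">password</label>
            <input type="password" id="password" name="password" value="" required minlength="8" maxlength="32" autocomplete="new-password" placeholder="********">
            <span class="error"><?php echo $passError; ?></span>
            <label for="verifypassword">verify password</label>
            <input type="password" id="verifypassword" name="verifypassword" value="" required minlength="8" maxlength="32" autocomplete="new-password" placeholder="********">
            <span class="error"><?php echo $verifyPassError; ?></span>
            <span></span>
            <input type="submit" value="Sign Up">
            <span></span>
        </form>
        <?php /* $userMsg is built server-side from fixed strings, a literal <br> and the already-escaped email. */ ?>
        <span class="padded"><?php echo $userMsg ?></span>
    </div>
    <?php require('components/_footer.php'); ?>
</body>
</html>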