<?phprequire ("connect.php");if(!empty($_POST)){ if(empty($_POST['u

1. <?php
2. require ("connect.php");
3.  
4. if(!empty($_POST))
5. {
6.  
7.   if(empty($_POST['username'])) {
8.  
9.     die ("Please enter a username");
10.   }
11.  
12.   if(empty($_POST['password'])) {
13.  
14.     die ("Please enter a password");
15.   }
16.  
17.   if (empty($_POST['email'])) {
18.  
19.     die ("Please enter an email");
20.   }
21.  
22.   $query = "SELECT 1 FROM users WHERE username = :username";
23.  
24.   $query_params = array(
25.       ':username' => $_POST['username']
26.   );
27.  
28.   try
29.   {
30.       $stmt = $db->prepare($query);
31.       $result = $stmt->execute($query_params);
32.   }
33.   catch(PDOException $ex)
34.   {
35.       die("Failed to run query: " . $ex->getMessage());
36.   }
37.  
38.   $row = $stmt->fetch();
39.  
40.   if($row)
41.   {
42.       die("This username is already in use");
43.   }
44.  
45.   $query = "
46.      INSERT INTO users (
47.          id,
48.          username,
49.          password,
50.          email,
51.          isAdmin
52.      ) VALUES (
53.          NULL,
54.          :username,
55.          :password,
56.          :email,
57.          0
58.            )
59.  ";
60.  
61. $options = [
62.     'cost' => 12,
63.     'salt' => mcrypt_create_iv(22, MCRYPT_DEV_URANDOM),
64. ];
65.  
66. $password = password_hash($_POST['password'], PASSWORD_BCRYPT, $options);
67.  
68.  
69. $query_params = array(
70.     ':username' => $_POST['username'],
71.     ':password' => $password,
72.     ':email' => $_POST['email']
73.     );
74.  
75. try
76. {
77.     // Execute the query to create the user
78.     $stmt = $db->prepare($query);
79.     $result = $stmt->execute($query_params);
80. }
81. catch(PDOException $ex)
82. {
83.     // Note: On a production website, you should not output $ex->getMessage().
84.     // It may provide an attacker with helpful information about your code.
85.     die("Failed to run query: " . $ex->getMessage());
86. }
87.  
88. // This redirects the user back to the login page after they register
89. header("Location: login.php");
90.  
91. // Calling die or exit after performing a redirect using the header function
92. // is critical.  The rest of your PHP script will continue to execute and
93. // will be sent to the user if you do not die or exit.
94. die("Redirecting to login.php");
95. }
96.  
97. ?>
98.  
99. <!DOCTYPE html>
100. <html>
101. <head>
102.     <title>Εστιατόριο</title>
103.     <meta charset="utf-8">
104.     <meta name="viewport" content="width=device-width, initial-scale=1">
105.     <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
106.     <link rel="stylesheet" href="style.css">
107.     <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"></script>
108.     <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
109. </head>
110. <body>
111.  
112.   <div class="jumbotron text-center">
113.     <h1>Εστιατόριο</h1>
114.     <!--<img HEIGHT="140" WIDTH="140" src="img/black.png" alt="fork"> -->
115.     </br></br>
116.   </div>
117.  
118. <div class="register">
119. <h1>Register</h1>
120. <form action="register.php" method="post">
121.     Username:<br />
122.     <input type="text" name="username" value="" />
123.     <br /><br />
124.     E-Mail:<br />
125.     <input type="text" name="email" value="" />
126.     <br /><br />
127.     Password:<br />
128.     <input type="password" name="password" value="" />
129.     <br /><br />
130.     <input type="submit" value="Register" />
131. </form>
132. </div>
133. <footer>
134.  
135. <div class="container-fluid text-center bg-gray2 copyr" >
136.  
137.    &copy; Restaurant <?php echo date("Y") ?>
138.  
139. </footer>