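<?php
/*
 * Registration handler for the sign-up form.
 *
 * Relies on the including page for an open mysqli connection in $con and,
 * presumably, an already started session (this script only writes $_SESSION).
 * When the POST carries 'register_button' it normalises the submitted fields,
 * validates them, and creates the account row only if no validation error was
 * recorded. Messages for the form, including the success notice, are
 * collected in $error_array.
 *
 * Security notes for maintainers:
 *  - strip_tags() is not an escaping function. Every value below is still
 *    untrusted: it is bound as a statement parameter in SQL, and must be
 *    passed through htmlspecialchars() wherever the form echoes it back.
 *  - FILTER_VALIDATE_EMAIL accepts apostrophes in the local part, so a
 *    "valid" e-mail address is not safe to interpolate into a query.
 *  - Password rules are enforced here on the server; a JavaScript check in
 *    the browser is a convenience only and cannot gate account creation.
 */

//Declaring variables to prevent errors
$firstname = ""; //First name
$lastname = "";
$qualification = "";
$specialist = "";
$experience = "";
$clinic_address = "";
$clinic_contact = "";
$personal_contact = "";
$email = ""; //email
$licensekey = "";
$recognition = "";
$description = "";
$password = ""; //password
$salt = ""; //No longer generated: password_hash() embeds its own salt
$flag = 0; //Becomes 1 once the password passes the server-side complexity check
$error_array = array(); //Holds error messages

if (isset($_POST['register_button'])) {

    // Returns one POST field with HTML tags removed. A missing key or a
    // non-string value (e.g. field[]=x arrives as an array) becomes "" so the
    // string functions below never receive an array.
    $field = function ($key) {
        $raw = isset($_POST[$key]) ? $_POST[$key] : '';
        return is_string($raw) ? strip_tags($raw) : '';
    };
    $withoutSpaces = function ($value) {
        return str_replace(' ', '', $value);
    };
    $capitalised = function ($value) {
        return ucfirst(strtolower($value));
    };

    // True when the single-parameter SELECT returns at least one row.
    // The value is always bound, never concatenated into the SQL text.
    $rowExists = function ($sql, $value) use ($con) {
        $stmt = mysqli_prepare($con, $sql);
        if ($stmt === false) {
            throw new RuntimeException('Could not prepare the lookup query');
        }
        mysqli_stmt_bind_param($stmt, 's', $value);
        if (!mysqli_stmt_execute($stmt)) {
            mysqli_stmt_close($stmt);
            throw new RuntimeException('Could not run the lookup query');
        }
        mysqli_stmt_store_result($stmt);
        $found = mysqli_stmt_num_rows($stmt) > 0;
        mysqli_stmt_close($stmt);
        return $found;
    };

    //Registration form values
    // Each field keeps the clean-up steps the original listed for it; the fix
    // is that the result now lands in the variable that is validated and
    // stored (the original wrote to $fname/$lname/$em and validated "").
    // NOTE(review): removing spaces and lower-casing free-text fields such as
    // qualification and description contradicts the "(including spaces)"
    // wording of the messages below - confirm the intended normalisation.
    $firstname = $capitalised($withoutSpaces($field('firstname')));
    $_SESSION['firstname'] = $firstname;

    $lastname = $capitalised($withoutSpaces($field('lastname')));
    $_SESSION['lastname'] = $lastname;

    $qualification = $capitalised($withoutSpaces($field('qualification')));
    $_SESSION['qualification'] = $qualification;

    // NOTE(review): the original validated $specialist but never read it from
    // the request; the field name is assumed to match the variable name -
    // confirm against the form.
    $specialist = $field('specialist');

    $experience = $withoutSpaces($field('experience'));
    $_SESSION['experience'] = $experience;

    $clinic_address = $capitalised($field('clinic_address'));
    $_SESSION['clinic_address'] = $clinic_address;

    $clinic_contact = $withoutSpaces($field('clinic_contact'));
    $_SESSION['clinic_contact'] = $clinic_contact;

    $personal_contact = $withoutSpaces($field('personal_contact'));
    $_SESSION['personal_contact'] = $personal_contact;

    $email = $capitalised($withoutSpaces($field('email')));
    $_SESSION['reg_email'] = $email;

    // The original stored these two under 'personal_contact', overwriting it.
    $licensekey = $withoutSpaces($field('licensekey'));
    $_SESSION['licensekey'] = $licensekey;

    $description = $withoutSpaces($field('description'));
    $_SESSION['description'] = $description;

    //Password
    // Taken verbatim: strip_tags() or SQL escaping would silently change what
    // the user typed before it is hashed. It is never stored in the session.
    $password = (isset($_POST['reg_password']) && is_string($_POST['reg_password']))
        ? $_POST['reg_password']
        : '';
    // NOTE(review): the confirmation field name is assumed from the
    // $confirm_password variable the original compared against - confirm
    // against the form.
    $confirm_password = (isset($_POST['confirm_password']) && is_string($_POST['confirm_password']))
        ? $_POST['confirm_password']
        : '';

    //Check if email is in valid format
    if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
        //Check if email already exists
        if ($rowExists("SELECT email FROM users WHERE email = ?", $email)) {
            array_push($error_array, "Email already in use<br>");
        }
    } else {
        array_push($error_array, "Invalid email format<br>");
    }

    if (strlen($firstname) > 25 || strlen($firstname) < 2) {
        array_push($error_array, "Your first name must be between 2 and 25 characters<br>");
    }
    if (strlen($lastname) > 25 || strlen($lastname) < 2) {
        array_push($error_array, "Your last name must be between 2 and 25 characters<br>");
    }
    // Lower bound now tests $qualification (the original tested $firstname).
    if (strlen($qualification) > 150 || strlen($qualification) < 2) {
        array_push($error_array, "Your qualification must be between 2 and 150 characters(including spaces)<br>");
    }
    // Comparison direction corrected: the original condition was inverted.
    if (strlen($specialist) > 150 || strlen($specialist) < 2) {
        array_push($error_array, "Your specialisation must be between 2 and 150 characters(including spaces)<br>");
    }
    // One or two digits, matching the wording of the message.
    if (!preg_match('/^[0-9]{1,2}\z/', $experience)) {
        array_push($error_array, "Your experience must be in years and it can not be greater than 2 digits<br>");
    }
    // The limit is applied to characters, although the message says "words".
    if (strlen($clinic_address) > 50) {
        array_push($error_array, "Your address can not be more than 50 words<br>");
    }
    if (strlen($clinic_contact) != 10) {
        array_push($error_array, "Invalid clinic contact<br>");
    }
    if (strlen($personal_contact) != 10) {
        array_push($error_array, "Invalid personal contact<br>");
    }
    if (strlen($licensekey) > 25 || strlen($licensekey) < 2) {
        array_push($error_array, "Your licensekey must be between 2 and 25 characters<br>");
    }
    if (strlen($description) > 250 || strlen($description) < 15) {
        array_push($error_array, "Your description must be between 15 and 250 characters<br>");
    }

    if ($password !== $confirm_password) {
        array_push($error_array, "Your passwords do not match<br>");
    } elseif (!preg_match('/^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[^a-zA-Z0-9])(?!.*\s).{8,25}$/D', $password)) {
        // Same rule the page previously tried to apply in browser JavaScript:
        // 8-25 characters, a digit, a lower- and an upper-case letter, a
        // symbol, and no whitespace.
        array_push($error_array, "Your password must be 8 to 25 characters long and contain an uppercase letter, a lowercase letter, a digit and a symbol<br>");
    } else {
        $flag = 1;
    }

    // Create the account only when every check above passed. The original
    // ran the INSERT whenever the two passwords matched, whatever else failed.
    if (empty($error_array)) {
        // password_hash() picks a slow, salted algorithm and stores the salt
        // inside the hash, replacing the single-round salted SHA-256 (and the
        // mcrypt call, removed from PHP in 7.2) used before.
        // NOTE(review): the login code must verify with password_verify(),
        // and users.password should be wide enough for the hash (VARCHAR(255)
        // is the usual choice) - confirm against the schema.
        $hashedPW = password_hash($password, PASSWORD_DEFAULT);

        //Generate username by concatenating first name and last name
        $base_username = strtolower($firstname . "_" . $lastname);
        $username = $base_username;
        $i = 0;
        //if username exists add number to username
        // NOTE(review): check-then-insert can race with a concurrent
        // registration; a UNIQUE index on users.username is needed to make
        // this reliable.
        while ($rowExists("SELECT username FROM users WHERE username = ?", $username)) {
            $i++; //Add 1 to i
            $username = $base_username . "_" . $i;
        }

        // Column list is the one the original named. The salt column is kept
        // for schema compatibility and receives the empty $salt.
        // NOTE(review): the e-mail address and the professional fields are
        // validated but not stored, so the "Email already in use" check can
        // never match a row created here - confirm the intended columns.
        $insert = mysqli_prepare(
            $con,
            "INSERT INTO users (firstname, lastname, username, password, salt) VALUES (?, ?, ?, ?, ?)"
        );
        $created = false;
        if ($insert !== false) {
            mysqli_stmt_bind_param($insert, 'sssss', $firstname, $lastname, $username, $hashedPW, $salt);
            $created = mysqli_stmt_execute($insert);
            mysqli_stmt_close($insert);
        }

        if ($created) {
            array_push($error_array, "<span style='color: #14C800;'>You're all set! Goahead and login!</span><br>");
            //Clear session variables
            // Every key populated above is reset so contact numbers and the
            // licence key do not linger in the session; 'email' is reset as
            // well because the original did so.
            $session_keys = array(
                'firstname', 'lastname', 'qualification', 'experience',
                'clinic_address', 'clinic_contact', 'personal_contact',
                'reg_email', 'email', 'licensekey', 'description',
            );
            foreach ($session_keys as $session_key) {
                $_SESSION[$session_key] = "";
            }
        } else {
            // Report a generic failure; database error text is not shown to the visitor.
            array_push($error_array, "Registration could not be completed, please try again<br>");
        }
    }
}
?>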