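<?php
// "Add user" form handler: validates the POSTed fields, checks that the
// username is free, then inserts the user plus an empty userimage row.
// Results are reported through $greskica (error HTML) and $uspjesnoDodan
// (success HTML).
//
// $db is not defined in this file; presumably ../session.php provides the
// mysqli connection - confirm.
// NOTE(review): nothing visible here checks that the caller is allowed to
// create users, or that the POST carries a CSRF token. If session.php only
// verifies that someone is logged in, add a role check and a per-session
// token check before any of the processing below.
include('../session.php');

$greskica = "";
$uspjesnoDodan = "";
$erorcode = 1;

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // Read every expected field as a string; a missing key or an array value
    // (e.g. username[]=x) becomes '' instead of raising a warning/TypeError.
    $polja = [];
    foreach (['username', 'password', 'password2', 'ime', 'prezime', 'role'] as $kljuc) {
        $polja[$kljuc] = (isset($_POST[$kljuc]) && is_string($_POST[$kljuc])) ? $_POST[$kljuc] : '';
    }

    // NOTE(review): all queries below are prepared statements, so
    // mysqli_real_escape_string() adds nothing for SQL safety; it only alters
    // the stored username and the bytes that get hashed as the password.
    // It is kept here so values stay identical to what existing rows and the
    // login code (not visible here) expect - remove it in both places together.
    $username = preg_replace('/\s+/', '', mysqli_real_escape_string($db, $polja['username']));
    $password = mysqli_real_escape_string($db, $polja['password']);
    $password2 = mysqli_real_escape_string($db, $polja['password2']);
    $ime = preg_replace('/\s+/', '', stripslashes(mysqli_real_escape_string($db, $polja['ime'])));
    $prezime = preg_replace('/\s+/', '', stripslashes(mysqli_real_escape_string($db, $polja['prezime'])));
    $role = mysqli_real_escape_string($db, $polja['role']);

    // Validation is a single chain so that a later check can never reset
    // $erorcode to 0 after an earlier one failed. Previously a valid role
    // cleared the password-mismatch error and the account was inserted with
    // an undefined (NULL) password hash.
    $erorcode = 0;
    if ($username === '' || $password === '') {
        $erorcode = 1;
        $greskica = "<div class='alert alert-danger'>Username and password are required</div>";
    } elseif ($password !== $password2) {
        // Strict comparison: with ==, numeric-looking strings such as
        // "1e3" and "1000" compare equal.
        $erorcode = 1;
        $greskica = "<div class='alert alert-danger'>Password are not the same</div>";
    } elseif ($role !== '0' && $role !== '1') {
        // Only the literal values 0 and 1 are accepted; a range check on the
        // raw string lets values like "0.5" or non-numeric text through.
        $erorcode = 1;
        $greskica = "<div class='alert alert-danger'>User role error</div>";
    }

    if ($erorcode == 0) {
        $pwhash = password_hash($password, PASSWORD_DEFAULT);

        // Check whether this exact username (byte-wise, via BINARY) already exists.
        // NOTE(review): check-then-insert can race with a concurrent request;
        // a UNIQUE index on users.username is the reliable guard - confirm it exists.
        $stmt_provjeriIsti = $db->prepare("SELECT username FROM users WHERE BINARY username = ? ");
        $stmt_provjeriIsti->bind_param('s', $username);
        $stmt_provjeriIsti->execute();
        $stmt_provjeriIsti->store_result();
        $zauzeto = $stmt_provjeriIsti->num_rows > 0;
        $stmt_provjeriIsti->close();

        if ($zauzeto) {
            $greskica = "<div class='alert alert-danger'>Username already exist</div>";
        } else {
            $roleBroj = (int) $role;
            $stmt_dodajKorisnika = $db->prepare("INSERT INTO users (username, password, firstname, lastname, role) VALUES (?, ?, ?, ?, ?)");
            $stmt_dodajKorisnika->bind_param('ssssi', $username, $pwhash, $ime, $prezime, $roleBroj);
            if ($stmt_dodajKorisnika->execute()) {
                // Every new user gets a placeholder image row with empty url/lastUpload.
                $nulica = "";
                $stmt_dodajSliku = $db->prepare("INSERT INTO userimage (user, url, lastUpload) VALUES (?, ?, ?)");
                $stmt_dodajSliku->bind_param('sss', $username, $nulica, $nulica);
                $stmt_dodajSliku->execute();
                $stmt_dodajSliku->close();
                $uspjesnoDodan = "<div class='alert alert-success'>User added successfully</div>";
            } else {
                // Report the failure without echoing database error details to the page.
                $greskica = "<div class='alert alert-danger'>User could not be added</div>";
            }
            $stmt_dodajKorisnika->close();
        }
        mysqli_close($db);
    }
}
?>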