Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $trueornot = false; // defining a checker variable
- $secret = '6LchoxEUAAAAABYh_YqXNpM7YX_VYQCVXqGhKLZi'; // google secret key
- $response = $_POST['g-recaptcha-response']; // taking google recaptcha's response
- $userip = $_SERVER['REMOTE_ADDR']; // taking the remote ip adress of the user
- $url = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=$secret&response=$response&remoteip=$userip"); // connecting to google's recaptcha confirm
- $resultarray = json_decode($url , TRUE);
- if ($resultarray['success'] == 1) { // checking if user is not a bot
- $trueornot = true;
- } else {
- echo "<script>alert('Please complete the Captcha!')</script>"; // notifing the user he didn't complete the captcha
- $trueornot = false;
- header( "refresh:0.00001;url=index.html" ); // redirecting to the same page
- }
- if(isset($_POST['submit1']) && $trueornot) // checking if the submit button is clicked and if the user has completed the captcha
- {
- $myApplicationSalt = '$6$1234567890123456'; // application salt
- // database variables
- $db_server = 'localhost';
- $db_name = 'root';
- $db_password = "";
- $db = "loginregister";
- // connecting to the database
- $conn = mysqli_connect($db_server,$db_name,$db_password,$db);
- // collecting data
- $a = 0;
- $password = $_POST['pw'];
- $firstname = $_POST['fname'];
- $lastname = $_POST['lname'];
- $username = $_POST['uname'];
- $email = $_POST['email'];
- // making sure it has no mysqli injections
- $firstname = mysqli_real_escape_string($conn , $firstname);
- $lastname = mysqli_real_escape_string($conn , $lastname);
- $username = mysqli_real_escape_string($conn , $username);
- $email = mysqli_real_escape_string($conn , $email);
- // encrypting the password
- $password = md5($password);
- // selecting every account from the existing database where the email equals to the email the user has submitted
- $sql = "SELECT email FROM registration WHERE email='".$email."'";
- $result = mysqli_query($conn , $sql);
- $row = mysqli_fetch_array($result , MYSQLI_ASSOC); // fetching the row
- if (mysqli_num_rows($result) == 1) { // checking if email is already in use
- echo "<script>window.alert('This email is already in use!')</script>";
- header( "refresh:0;url='index.html'");
- } else {
- $sqlu = "SELECT uname FROM registration WHERE uname='".$username."'"; // selecting every account from the existing database where the username equals the username the user has submitted
- $result1 = mysqli_query($conn , $sqlu);
- $row1 = mysqli_fetch_array($result1 , MYSQLI_ASSOC); // fetching the row
- if (mysqli_num_rows($result1) == 1) { // checking if username is already in use
- echo "<script>window.alert('This username is already in use!')</script>";
- header( "refresh:0;url='index.html'"); // redirecting
- } else {
- $query = mysqli_query($conn , "INSERT INTO registration(fname , lname , uname , email , pw)VALUES ('$firstname' , '$lastname' , '$username' , '$email' , '$password')"); // sending the database our variables
- $a = 1;
- }
- }
- if ($a == 1) { // finishing the registration and redirecting the user
- echo "You are now registered!";
- header( "refresh:2;url=../login.php" );
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement