Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include 'mysql_connect.php';
- //Sanitize incoming username and password
- $username = filter_var($_POST['username'], FILTER_SANITIZE_STRING);
- $password = filter_var($_POST['password'], FILTER_SANITIZE_STRING);
- $stmt = $db->prepare("SELECT id FROM `accounts` WHERE username = ?");
- $stmt->bind_param('ss', $username);
- $stmt->execute();
- $stmt->store_result();
- if($stmt->num_rows > 0){
- echo "<p>Username already taken</p>";
- exit();
- }
- $stmt = $db->prepare("INSERT into `accounts` (username, password, last_login) VALUES (?, md5(?), NOW());");
- if(empty($_POST['username'])){
- echo "<p>Please enter a username</p>";
- exit();
- }
- if(empty($_POST['password'])){
- echo "<p>Please enter a password</p>";
- exit();
- }
- //Bind the input parameters to the prepared statement
- $stmt->bind_param('ss', $username, $password);
- //Execute the query
- $stmt->execute();
- session_start();
- $_SESSION['username'] = $username;
- //Redirect the user to the home page
- header('Location: SCPB_Home.html');
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement