Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- if (isset($_POST['submit'])) {
- require_once 'config.php';
- $firstname = mysqli_real_escape_string($connect, $_POST['firstname']);
- $lastname = mysqli_real_escape_string($connect, $_POST['lastname']);
- $email = mysqli_real_escape_string($connect, $_POST['email']);
- $username = mysqli_real_escape_string($connect, $_POST['username']);
- $password = mysqli_real_escape_string($connect, $_POST['password']);
- if (empty($firstname) || empty($lastname) || empty($email) || empty($username) || empty($password)) {
- header("Location: ../signup.php?signup=empty");
- exit();
- } else {
- if (!preg_match('/^[a-z]*$/i', $firstname) || !preg_match('/^[a-z]*$/i', $lastname) || !preg_match('/^[a-zd_]{4,20}$/i', $username)) {
- header("Location: ../signup.php?signup=invalid");
- exit();
- } else {
- if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
- header("Location: ../signup.php?signup=email_invalid");
- exit();
- } else {
- $sql = "SELECT * FROM users WHERE username='$username'";
- $search = mysqli_query($connect, $sql);
- $validate = mysqli_num_rows($search);
- if ($validate > 0) {
- header("Location: ../signup.php?signup=username_already_taken");
- exit();
- } else {
- $hashed_password = password_hash($password, PASSWORD_DEFAULT);
- $sql = "INSERT INTO users (firstname, lastname, email, username, password) VALUES ('$firstname', '$lastname', '$email', '$username', '$hashed_password')";
- mysqli_query($connect, $sql);
- $sql = $connect->query("SELECT * FROM users WHERE email='$email'");
- $result = mysqli_fetch_assoc($sql);
- $emailRecipient = $result["email"];
- $subject = 'Welcome';
- $message_body = 'You have successfully created an account '.$username.'! Welcome';
- mail($emailRecipient, $subject, $message_body);
- header("Location: ../index.php");
- exit();
- }
- }
- }
- }
- } else {
- header("Location: ../signup.php");
- exit();
- }
- ?>
- function validateInput()
- {
- //assign values to array
- $user_input['firstname'] = mysqli_real_escape_string($connect, $_POST['firstname']);
- $user_input['lastname'] = mysqli_real_escape_string($connect, $_POST['lastname']);
- $user_input['email'] = mysqli_real_escape_string($connect, $_POST['email']);
- $user_input['username'] = mysqli_real_escape_string($connect, $_POST['username']);
- $user_input['password'] = mysqli_real_escape_string($connect, $_POST['password']);
- //loop through array to see if empty
- foreach($user_input as $field => $value){
- if(empty($value) || is_null($value){//check for empty
- //failed
- }
- if(($field === 'email') && !filter_var()){//check valid email
- //failed
- }
- if((!preg_match('/^[a-z]*$/i', $value) && ($field != 'username')){//check rules for all fields but username
- //failed
- }
- if((!preg_match('/^[a-zd_]{4,20}$/i', $value)&&($field === 'username')){
- //failed
- }
- }
- if (isset($_POST['submit'])) {
- require_once 'config.php';
- validateInput();
- //continue on
Add Comment
Please, Sign In to add comment