function _(id) { return document.getElementById(id);}function emptyElem(x

1. function _(id) {
2. return document.getElementById(id);
3. }
4.  
5. function emptyElem(x, y) {
6. _(x).innerHTML = "";
7. _(y).innerHTML = "";
8. }
9.  
10. function restrict(elem) {
11. var getId = _(elem);
12. var regEx = new RegExp;
13. if(elem == 'username') {
14. regEx = /[^a-z0-9]/gi;
15. } else if(elem == 'email') {
16. regEx = /[' "]/g;
17. } else if(elem == 'phoneNum') {
18. regEx = /[^0-9]/g;
19. }
20. getId.value = getId.value.replace(regEx, "");
21. }
22.  
23. function checkusername() {
24. var username = _('username').value;
25. if(username != "") {
26. _('usernameStatus').innerHTML = "<p class='green'>Checking...</p>";
27. var ajax = ajaxObj("POST", "includes/signup_inc.php");
28. ajax.onreadystatechange = function() {
29. if(ajaxReturn(ajax) == true) {
30. _('usernameStatus').innerHTML = ajax.responseText;
31. }
32. }
33. ajax.send("checkusername="+username);
34. }
35. }
36.  
37. function signup() {
38. var firstname = _('firstname').value;
39. var lastname = _('lastname').value;
40. var username = _('username').value;
41. var email = _('email').value;
42. var gender = _('gender').value;
43. var phoneNum = _('phoneNum').value;
44. var password = _('password').value;
45. var confirmPass = _('confirmPass').value;
46. var status = _('status');
47.  
48. if(firstname == "" || lastname == "" || username == "" || email == "" || gender == "" || phoneNum == "" || password == "" || confirmPass == "") {
49. status.innerHTML = "<p class='red'>Please fill out all fields!</p>";
50. } else if(password != confirmPass) {
51. status.innerHTML = "<p class='red'>Password does not match!</p>";
52. } else {
53. _('signupBtn').disabled = true;
54. status.innerHTML = "<p class='wait_msg'><i class='fa fa-cog fa-spin'></i> Please Wait...</p>";
55. var ajax = ajaxObj("POST", "includes/signup_inc.php");
56. ajax.onreadystatechange = function() {
57. if(ajaxReturn(ajax) == true) {
58. if(ajax.responseText != 'signup_success') {
59. status.innerHTML = ajax.responseText;
60. _('signupBtn').disabled = false;
61. } else {
62. _('signupSuccess').innerHTML = "<div id='cardBox'><div class='card'><div class='card_front'><i class='fa fa-check' aria-hidden='true'></i></div><div class='card_back'>Success!</div></div></div><div id='successText'><p>Your account has been created successfully!</p><a href='login.php'>Click here to Log In</a></div>";
63. }
64. }
65. }
66. ajax.send("firstname="+firstname+"&lastname="+lastname+"&username="+username+"&email="+email+"&gender="+gender+"&phoneNum="+phoneNum+"&password="+password+"&confirmPass="+confirmPass);
67. }
68. }
69.  
70. <?php
71. if(isset($_POST['checkusername'])) {
72. include 'dbconn.php';
73. $username = mysqli_real_escape_string($conn, $_POST['checkusername']);
74. $sql = "SELECT * FROM users WHERE username='$username'";
75. $result = mysqli_query($conn, $sql);
76. $usernameCount = mysqli_num_rows($result);
77. if(strlen($username) < 4 || strlen($username) > 16) {
78. echo "<p class='red'>4 - 16 Characters please!</p>";
79. exit();
80. } else if(is_numeric($username[0])) {
81. echo "<p class='red'>Username must begin with letter!</p>";
82. exit();
83. } else if($usernameCount < 1) {
84. echo "<p class='green'>$username is available!</p>";
85. exit();
86. } else {
87. echo "<p class='red'>$username is already taken!</p>";
88. exit();
89. }
90. }
91.  
92. if(isset($_POST['username'])) {
93. include 'dbconn.php';
94. $firstname = mysqli_real_escape_string($conn, $_POST['firstname']);
95. $lastname = mysqli_real_escape_string($conn, $_POST['lastname']);
96. $username = mysqli_real_escape_string($conn, $_POST['username']);
97. $email = mysqli_real_escape_string($conn, $_POST['email']);
98. $gender = mysqli_real_escape_string($conn, $_POST['gender']);
99. $phoneNum = mysqli_real_escape_string($conn, $_POST['phoneNum']);
100. $password = mysqli_real_escape_string($conn, $_POST['password']);
101. $confirmPass = mysqli_real_escape_string($conn, $_POST['confirmPass']);
102. $ip = preg_replace('#[^0-9.]#', '', getenv('REMOTE_ADDR'));
103.  
104. $sql = "SELECT * FROM users WHERE username='$username'";
105. $result = mysqli_query($conn, $sql);
106. $usernameCount = mysqli_num_rows($result);
107.  
108. $sql = "SELECT * FROM users WHERE username='$username'";
109. $result = mysqli_query($conn, $sql);
110. $emailCount = mysqli_num_rows($result);
111.  
112. if($firstname == "" || $lastname == "" || $username == "" || $email == "" || $gender == "" || $phoneNum == "" || $password == "" || $confirmPass == "") {
113. echo "<p class='red'>Please fill out all fields!</p>";
114. exit();
115. } else if($password != $confirmPass) {
116. echo "<p class='red'>Password does not match!</p>";
117. exit();
118. } else if($usernameCount > 0) {
119. echo "<p class='red'>Username is already taken!</p>";
120. exit();
121. } else if($emailCount > 0) {
122. echo "<p class='red'>Email address already exist!</p>";
123. exit();
124. } else if(is_numeric($username[0])) {
125. echo "<p class='red'>Username must begin with letter!</p>";
126. exit();
127. } else if(strlen($username) < 4 || strlen($username) > 16) {
128. echo "<p class='red'>4 - 16 Characters please!</p>";
129. exit();
130. } else if(!filter_var($email, FILTER_VALIDATE_EMAIL)) {
131. echo "<p class='red'>Invalid email address!</p>";
132. exit();
133. } else {
134. $hashPass = password_hash($password, PASSWORD_DEFAULT);
135. $capFirstname = ucwords($firstname);
136. $capLastname = ucwords($lastname);
137.  
138. $sql = "INSERT INTO users (firstname, lastname, username, email, gender, phone_number, password, ip)
139. VALUES ('$capFirstname', '$capLastname', '$username', '$email', '$gender', '$phoneNum', '$hashPass', '$ip')";
140. $result = mysqli_query($conn, $sql);
141. echo "signup_success";
142. exit();
143. }
144. }