Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php require_once("checklogin.php"); ?>
- <?php
- require_once("includes/functions.php");
- if(isset($_POST['f_name'], $_POST['l_name'], $_POST['email'], $_POST['user_name'], $_POST['user_pswd'],
- $_POST['user_pswd2'], $_POST['type']))
- {
- require_once("includes/connection.php");
- //real escape all the user entered data
- $f_name = $connection->real_escape_string($_POST['f_name']);
- $l_name = $connection->real_escape_string($_POST['l_name']);
- $email = $connection->real_escape_string($_POST['email']);
- $user_name = $connection->real_escape_string($_POST['user_name']);
- $user_pswd = $connection->real_escape_string($_POST['user_pswd']);
- $user_pswd2 = $connection->real_escape_string($_POST['user_pswd2']);
- $type = $_POST['type'];
- echo $l_name . "<br />" . $email . "<br />";
- //check the amount of rows that matches the username to see if it is taken
- $stmt = $connection->prepare("SELECT COUNT(user_name) AS count
- FROM user
- WHERE user_name = ?");
- $stmt->bind_param('s', $user_name);
- $stmt->execute();
- $stmt->bind_result($count); // place the result (count) into this variable
- $stmt->fetch(); //fill the result variable(s) binded
- $stmt->close();
- $same = false;
- if($user_pswd == $user_pswd2)
- {
- $same = true;
- }
- if(((int)$count == 0) && ($same == true))
- { // username is not taken and there is no password mismatch
- $user_pswd = hashed_pass($user_pswd); // produce hashed password
- $query = <<<SQL
- INSERT INTO
- user
- (user_type, fname, lname, user_name, user_password,
- user_email)
- VALUES
- ('$type',
- '$f_name',
- '$l_name',
- '$user_name',
- '$user_pswd',
- '$email'
- );
- SQL;
- if(isset($query))
- {
- $result = $connection->query($query);
- if(!$result)
- {
- echo "Error Message: " . $connection->error; // if query failed empty spit out an error
- }
- else
- {
- header("location: user_add_success.php"); //sent to success page
- exit();
- }
- }
- $connection->close();
- }
- elseif((int)$count > 0) // if the username is taken
- {
- header("location: taken_username.php"); //sent to error page
- exit();
- }
- elseif($same == false) // if there is a password mismatch
- {
- header("location: pswd_mismatch.php"); //sent to error page
- exit();
- }
- }
- else
- {
- header("location: missing_info.php"); //sent back to the Add user page
- exit();
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement