suk dik

1. <?php
2.  
3. include 'DB-connect.php';
4. require_once('functions.php');
5.  
6. $error = 0;
7.  
8.  
9. $valueUsername = mysqli_real_escape_string($link, $_POST['username']);
10. $valuePassword = mysqli_real_escape_string($link, $_POST['password']);
11. $valueeMail = mysqli_real_escape_string($link, $_POST['email']);
12. $valueRealName = mysqli_real_escape_string($link, $_POST['realname']);
13. $valueAge = mysqli_real_escape_string($link, $_POST['age']);
14.  
15. $usernameQuery = "SELECT username FROM accounts WHERE username='$valueUsername'";
16. $checkUsername = mysqli_query($link, $usernameQuery);
17.  
18. if(0 < mysqli_num_rows($checkUsername))
19. {
20. echo '<script>alert("That username has already been used.");</script>';
21. $error++;
22. }
23.  
24. if(0 === preg_match("/\S+/", $_POST['username']))
25. {
26. echo '<script>alert("Your username is invalid.");</script>';
27. $error++;
28. }
29.  
30. if(0 === preg_match("/.{10,}/", $_POST['password']))
31. {
32. echo '<script>alert("The password entered was invalid. (Too short)");</script>';
33. $error++;
34. }
35.  
36. if(0 === preg_match("/\S+/", $_POST['realname']))
37. {
38. echo '<script>alert("Please enter a real name.");</script>';
39. $error++;
40. }
41.  
42. if (0 === preg_match("/.+@.+\..+/", $_POST['email']))
43. {
44. echo '<script>alert("Invalid e-mail.");</script>';
45. $error++;
46. }
47.  
48. $emailQuery="SELECT email FROM accounts WHERE email='$valueeMail'";
49. $checkEmail = mysqli_query($link, $emailQuery);
50.  
51. if(0 < mysqli_num_rows($checkEmail))
52. {
53. echo '<script>alert("That e-mail has already been used.");</script>';
54. $error++;
55. }
56.  
57. if(0 === preg_match("/\S+/", $_POST['age']))
58. {
59. echo '<script>alert("Please enter your age.");</script>';
60. $error++;
61. }
62.  
63.  
64.  
65. $uniqueSalt = unique_salt();
66. $hash = myhash($valuePassword, $uniqueSalt);
67.  
68.  
69. if ($error<1)
70. {
71.  
72. $sql = "INSERT INTO accounts (username, password, Salt, email, realname, age) VALUES ('$valueUsername', '$hash', '$uniqueSalt', '$valueeMail', '$valueRealName', '$valueAge')";
73. }
74.  
75.  
76.  
77. if ($error<1)
78. {
79. header("refresh:0; url= include/login.php");
80. echo '<h1 style="text-align: center; font-weight:600;">Account created,</h1><h2 style="text-align: center;"> redirecting to login-page in a few seconds...</h2>';
81. }
82.  
83. else if ($error>0)
84. {
85. echo '<script>alert("You are missing something, try again!");</script>';
86. header("refresh:0; url= include/registration.php");
87. }
88. if (!mysqli_query($link, $sql))
89. {
90. die('Error: ' . mysqli_error($link));
91.  
92. }
93.  
94.  
95.  
96. mysqli_close($link);
97.  
98.  
99.  
100.  
101.  
102. ?>