register.php

1. <?php
2.     include("globals/layout/header.php");  
3.  
4.     $beta_on = 1;
5.  
6.     if(isset($_POST['register'])) {
7.    
8.         // grab form data
9.         $login_name            = mysqli_real_escape_string(strip_tags($db, $_POST['login']));
10.         $username             = mysqli_real_escape_string(strip_tags($db,$_POST['username']));
11.         $password            = mysqli_real_escape_string(strip_tags($db, $_POST['password']));
12.         $password_again        = mysqli_real_escape_string(strip_tags($db, $_POST['password_again']));
13.         $email                = mysqli_real_escape_string(strip_tags($db, $_POST['email']));
14.         $birthdate            = mysqli_real_escape_string(strip_tags($db, $_POST['date_month']) . '/' . mysqli_real_escape_string(strip_tags($db,($_POST['date_day'])) . '/' . mysqli_real_escape_string(strip_tags($db, $_POST['date_year']));
15.         $bday                = mysqli_real_escape_string(strip_tags($db, $_POST['date_year'])) . '/' . mysqli_real_escape_string(strip_tags($db, $_POST['date_month'])) . '/' . mysqli_real_escape_string(strip_tags($db,$_POST['date_day']));
16.         $age                 = calculateAge($bday);
17.         $ip                    = $_SERVER['REMOTE_ADDR'];
18.         $registered            = date("Y-m-d H:i:s");      
19.         $security_q            = mysqli_real_escape_string(strip_tags($db, $_POST['security_q']));
20.         $security_a            = mysqli_real_escape_string(strip_tags($db,$_POST['security_a']));
21.         $access_code        = mysqli_real_escape_string(strip_tags($db,$_POST['access_code']));
22.  
23.         if($beta_on = 1) {
24.             $beta = 'Yes';
25.         } else {
26.             $beta = 'No';
27.         }
28.        
29.         $login_check     = mysqli_num_rows(mysqli_query($db, "SELECT `id` FROM users WHERE `login_name`='".$login_name."' LIMIT 1"));
30.         $email_check    = mysqli_num_rows(mysqli_query($db, "SELECT * FROM users WHERE `user_email`='".$email."'"));
31.         $access_check    = mysqli_num_rows(mysqli_query($db, "SELECT * FROM users WHERE `access_code`='".$access_code."'"));
32.  
33.         // set options for password_hash
34.         $options = array(
35.            'cost' => 12,
36.         );
37.              
38.         $hashed_password = password_hash($password, PASSWORD_BCRYPT, $options);
39.         // check that all fields are filled out
40.         if(empty($login_name) || empty($username) || empty($password) || empty($password_again) || empty($email) || empty($birthdate) || empty($access_code)) {
41.             echo $fill_all;
42.         // verify that access code is correct
43.         } else if(!$access_code) {
44.             echo $access_code_incorrect;
45.         // verify that passwords match
46.         } else if($password != $password_again) {
47.             echo $invalid_pass_match;
48.         // verify that login name is unique
49.         } else if ($login_check) {
50.             echo $login_name_not_unique;
51.         // verify that email has only been used three times maximum
52.         } else if ($email_check > 3) {
53.             echo $email_used_x3;
54.         // verify that the user is older than 13 years old from birthdate
55.         } else if ($age < 13) {
56.             echo $too_young;
57.         // if all checks pass, register user
58.         } else {
59.             $query    =    "UPDATE users SET login_name ='".$login_name."', username = '".$username."', password='".$hashed_password."', user_email='".$email."', user_birthdate='".$birthdate."', user_age='".$age."', ip_address='".$ip."', beta='".$beta."', join_date='".$registered."', security_question='".$security_q."', security_answer='".$security_a."' WHERE `access_code` = '".$access_code."'";
60.             mysqli_query($db, $query);
61.            
62.             echo $registration_complete;
63.         }
64.     }
65.         //calculate age of user
66.         function calculateAge($bday) {
67.          $birth = strtotime($bday);
68.          $ageStamp = time() - $birth;
69.          $year = 60 * 60 * 24 * 365; // not accounting for leap year!!!
70.          return floor($ageStamp / $year);
71.         }
72. ?>
73. <div class="formLayout">
74.     <h2>Come Join Us In Eqcetera v2.0!</h2>
75.     <div class="formLayout-body">
76.         <form action="" method="post">
77.             <!-- USERNAME FIELD  -->
78.                 <label for="username">Username: <span style="font-size:smaller;">(what other's will know you as)</span></label>
79.                 <input class="login_input" type="text" name="username" id="username"   autocomplete="off" ><br />
80.             <!-- LOGIN NAME FIELD  -->
81.                 <label for="login">Login Name: <span style="font-size:smaller;">(only letters and numbers, 3 to 64 characters, must be unique)</span> </label>
82.                 <input class="login_input" type="text" pattern="[a-zA-Z0-9]{3,64}" name="login" id="login"  autocomplete="off" required="" ><br />
83.             <!-- PASSWORD FIELD  -->
84.                 <label for="password">Password: <span style="font-size:smaller;">(min. 6 characters)</span>  </label>
85.                 <input class="login_input" type="password" name="password" id="password" pattern="{4,64}" autocomplete="off" required=""><br />
86.             <!-- PASSWORD AGAIN FIELD  -->
87.                 <label for="password_again">Password Again: </label>
88.                 <input class="login_input" type="password" name="password_again" pattern="{4,64}" id="password_again" autocomplete="off" required=""><br />
89.             <!-- EMAIL FIELD  -->
90.                 <label for="email">Valid Email: </label>
91.                 <input class="login_input" type="email" name="email" id="email" autocomplete="off" required=""><br />
92.             <!-- ACCESS CODE FIELD  -->
93.                 <label for="access_code">v2.0 BETA Access Code: </label>
94.                 <input class="login_input" type="text" name="access_code" id="access_code" autocomplete="off" required=""><br />
95.             <!-- BIRTHDATE FIELD  -->
96.               <?php
97.                       $year_limit = '13';  
98.                      
99.                    $html_output = '        <label for="birth_date">Date of Birth:</label> ';
100.            
101.            
102.                    /*months*/
103.                    $html_output .= '<select name="date_month" id="month_select" required >';
104.                    $months = array("", "January", "February", "March", "April", "May", "June", "July", "August", "September", "October", "November", "December");
105.                        for ($month = 1; $month <= 12; $month++) {
106.                               if($month <= 9)
107.                         {
108.                             $month_o = "0".$month;
109.                         }
110.                         else if($month >= 10) {
111.                             $month_o = $month;
112.                         }
113.                            $html_output .= '               <option value="' . $month_o . '">' . $months[$month] . '</option>';
114.                        }
115.                    $html_output .= '           </select>'."\n";
116.                    /*days*/
117.                    $html_output .= '           <select name="date_day" id="day_select">';
118.                        for ($day = 1; $day <= 31; $day++) {
119.                        if($day < 10)
120.                         {
121.                             $day = "0".$day;
122.                         }
123.                            $html_output .= '               <option>' . $day . '</option>';
124.                        }
125.                    $html_output .= '           </select>'."\n";
126.                    /*years*/
127.                    $html_output .= '           <select name="date_year" id="year_select">';
128.                        for ($year = 1945; $year <= (date("Y") - $year_limit); $year++) {
129.                            $html_output .= '               <option>' . $year . '</option>';
130.                        }
131.                    $html_output .= '           </select> <br> ';
132.            
133.                echo $html_output;
134.             ?>
135.             <p align="center" style="font-size:15px;"><i>You will need to set a security question and answer. <br />This can be changed later and is used to reset your account <br />if you should lose the information.</i></p>
136.             <!-- SECURITY QUESTION FIELD  -->
137.                 <label for="security_q">Security Question: </label>
138.                 <input class="login_input" type="text" name="security_q" id="security_q" autocomplete="off" required=""><br />
139.             <!-- SECURITY ANSWER FIELD  -->
140.                 <label for="security_a">Security Answer: </label>
141.                 <input class="login_input" type="text" name="security_a" id="security_a" autocomplete="off" required=""><br />
142.  
143.             <!-- SUBMIT BUTTON -->
144.                 <div class="button-holder"><input type="submit"  name="register" value="Register!" /> </div>
145.         </form>
146.     </div>
147. </div>
148. <?php
149. // include footer file
150.     include("globals/layout/footer.php");
151. ?>