Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <!-- register.html, this page is where people can register new accounts -->
- <?php
- date_default_timezone_set('America/New_York');
- session_start();
- require("credentials.php");
- ?>
- <html>
- <head>
- <script type='text/javascript' src='formcheck.js'></script>
- <script type='text/javascript' src='jquery-1.5.1.min.js'></script>
- <?php
- //server side string and account validation, werd
- if(isset($_GET["act"]) && strcmp($_GET["act"], "validate") == 0){
- echo "in function";
- //connect to database
- $conn = mysql_connect($dbhost, $dbuser, $dbpass) or die("Unable to connect to MySQL");
- //Select Database
- mysql_select_db($dbname) or die(mysql_error());
- $err = validate_info($_POST, $sql_conn);
- //close connection
- mysql_close();
- //if error, print it. otherwise, create new account!
- if($err)
- echo '<script type="text/javascript">parent.showError("'.$err.'");</script>';
- else{
- //everything is ok, create session data and create the new account
- $query = "insert into ".$dbname.".users (firstname, lastname,
- username, password, email) values ('".$_POST["n_first"]."', '".$_POST["n_last"]."', '".$_POST["n_name"]."',
- '".$_POST["n_pass"]."', '".$_POST["n_mail"]."');";
- //submit the query
- $query_result = mysql_query($query) or die(mysql_error());
- $lastInsertUserId = mysql_insert_id();
- /*I'm almost 100% sure this is the worst way of redirecting the parent window from an iframe.
- Part of me regrets writing this function, but it works for now and i'll get around to fixing
- it later*/
- //redirect_parent();
- //header("Location: login.php");
- }
- /*
- else if(isset($_GET["act"]) && strcmp($_GET["act"], "show") == 0){
- //;//do something
- }
- else{
- //header("Location: /");
- }*/
- }
- //maybe move this function to utilities?
- function validate_info($userdata, $connection){
- //make sure first and last name only contain alpha-chars
- if(preg_match("/[^a-zA-Z]/", $userdata["n_first"]) || preg_match("/[^a-zA-Z]/", $userdata["n_last"]))
- return "First and Last name can only contain letters.";
- //check if username only contains alpha-numeric characters
- if(preg_match("/[^a-zA-Z0-9]/", $userdata["n_name"]))
- return "Username can only contain letters and numbers";
- //create the sql query
- $query = "select userid,username from ".$dbname.".users where username='".$userdata['n_name']."';";
- //submit the query
- $query_result = mysql_query($query) or die(mysql_error());
- if($check = mysql_fetch_array($query_result))
- return "Username is taken";
- //check password for illegal symbols
- if(preg_match("/[^a-zA-Z0-9!#&_?]/", $userdata["n_pass"]))
- return "Passwords can only contain letters, numbers, and ! # & _ ?";
- return "";
- }
- /* this function is so many sad faces :( :( :( :( */
- function redirect_parent(){
- echo '<script type="text/javascript">parent.window.location="/create/";</script>';
- }
- ?>
- <link rel='stylesheet' href='public/css/index.css' type='text/css' media='screen'/>
- <title>PIMS Registration</title>
- </head>
- <body>
- <div id='create'>
- <form name="signup" action="register.php?act=validate" method="post" enctype="multipart/form-data">
- <table>
- <!-- First name -->
- <tr>
- <td valign="middle">
- First Name:
- </td>
- <td valign="middle">
- <input type="text" name="n_first">
- </td>
- </tr>
- <!-- Last name -->
- <tr>
- <td valign="middle">
- Last Name:
- </td>
- <td valign="middle">
- <input type="text" name="n_last">
- </td>
- </tr>
- <!-- user name -->
- <tr>
- <td valign="middle">
- Username:
- </td>
- <td valign="middle">
- <input type="text" name="n_name">
- </td>
- </tr>
- <!-- email address -->
- <tr>
- <td valign="middle">
- Email:
- </td>
- <td valign="middle">
- <input type="text" name="n_mail">
- </td>
- </tr>
- <!-- password -->
- <tr>
- <td valign="middle">
- Password:
- </td>
- <td valign="middle">
- <input type="password" name="n_pass">
- </td>
- </tr>
- <!-- confirm password -->
- <tr>
- <td valign="middle">
- Confirm Password:
- </td>
- <td valign="middle">
- <input type="password" name="n_cpass">
- </td>
- </tr>
- <!-- Buttons -->
- <tr>
- <td/>
- <td align="right" valign="middle">
- <input type="button" value="Cancel" onClick="window.location = 'index.html'"/>
- <input type="submit" value="Create"/>
- </td>
- </tr>
- </table>
- </form>
- </div>
- <div id="output"></div>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment