Login(2)

1. <?php
2. $db_server = mysql_connect('localhost','root','');
3. if(!$db_server)
4. die('Unable to connect to mysql'.mysql_error());
5. mysql_select_db('lab',$db_server)
6. or die('unable to connect to database '.mysql_error());
7. date_default_timezone_set('Africa/Cairo');
8. $email=$fname=$lname=$minit=$home_address=$phone_number=$bank_account=$routing_number=$shipping_address=$password="";
9. $fail="";
10. $submit = $_POST["submit"];
11. if($submit=="LogIn")
12. {
13. $email=$_POST["emaill1"];
14. $password=$_POST["password1"];
15. $fail = validate_email($email);
16. $fail .= validate_password($password);
17. checklogin($email,$fail,$password);
18. }else if($submit=="Register")
19. {
20. $email=$_POST["email"];
21. $fname=$_POST["fusername"];
22. $password=$_POST["password"];
23. $lname=$_POST["lusername"];
24. $minit=$_POST["musername"];
25. $home_address=$_POST["haddress"];
26. $phone_number=$_POST["phonenumber"];
27. $bank_account=$_POST["bankaccount"];
28. $routing_number=$_POST["routingnum"];
29. $shipping_address=$_POST["shipadd"];
30. $fail = validate_fname($fname);
31. $fail .= validate_lname($lname);
32. $fail .= validate_minname($minit);
33. $fail .= validate_homeadd($home_address);
34. $fail .= validate_phonenum($phone_number);
35. $fail .= validate_bankacc($bank_account);
36. $fail .= validate_routingnum($routing_number);
37. $fail .= validate_shipadd($shipping_address);
38. $fail .= validate_password($password);
39. $fail .= validate_email($email);  
40. createuser($email,$fname,$password,$fail,$lname,$minit,$home_address,$phone_number,$bank_account,$routing_number,$shipping_address);
41. }
42.  
43. function validate_fname($fname)
44. {
45. if($fname=="")
46. return "first name field is empty <br>";
47. else
48. return "";
49. }
50. function validate_lname($lname)
51. {
52. if($lname=="")
53. return "last name field is empty <br>";
54. else
55. return "";
56. }
57. function validate_minname($minit)
58. {
59. if($minit=="")
60. return "middle initial name field is empty <br>";
61. else
62. return "";
63. }
64. function validate_homeadd($home_address)
65. {
66. if($home_address=="")
67. return "home address field is empty <br>";
68. else
69. return "";
70. }
71.  
72. function validate_phonenum($phone_number)
73. {
74. if($phone_number=="")
75. return "phone number field is empty <br>";
76. else
77. return "";
78. }
79. function validate_bankacc($bank_account)
80. {
81. if($bank_account=="")
82. return "bank account field is empty <br>";
83. else
84. return "";
85. }
86.  
87. function validate_routingnum($routing_number)
88. {
89. if($routing_number=="")
90. return "routing number field is empty <br>";
91. else
92. return "";
93. }
94. function validate_shipadd($shipping_address)
95. {
96. if($shipping_address=="")
97. return "shipping addressfield is empty <br>";
98. else
99. return "";
100. }
101.  
102. function validate_password($password)
103. {
104. if ($password == "")
105. return "No Password was entered<br>";
106. else if (strlen($password) < 6)
107. return "Passwords must be at least 6 characters<br>";
108. return "";
109. }
110. function validate_email($email)
111. {
112. if ($email == "")
113. return "No Email was entered<br>";
114. else if (!((strpos($email, ".") > 0) &&
115. (strpos($email, "@") > 0)) ||
116. preg_match("/[^a-zA-Z0-9.@_-]/", $email))
117. return "The Email address is invalid<br>";
118. return "";
119. }
120. function checklogin($emaill1,$fail,$password)
121. {
122. if($fail=="")
123. {
124. $res = mysql_query("SELECT email,password FROM member WHERE email='$emaill1'");
125. $row = mysql_fetch_row($res);
126. if($row<=0)
127. {
128. echo "This user is not found !!!<br>";
129. echo "<a href=\"javascript:history.go(-1)\">GO BACK To The Form</a>";
130. }
131. else if($row>0)
132. {
133. $temp2=$row[1];
134. if($temp2!=md5($password))
135. {
136. echo "Password is incorrect for this user !!!<br>";
137. echo "<a href=\"javascript:history.go(-1)\">GO BACK To The Form</a>";
138. exit();
139. }
140. else
141. {
142.  
143. session_start();
144. $_SESSION['email']=$username;
145. $_SESSION['password']=md5($password);
146. header("location: welcome.php");
147.  }
148. }
149. }
150. }
151.  
152.  
153. function createuser($email,$fname,$lname,$minit,$home_address,$phone_number,$bank_account,$routing_number,$shipping_address,$password,$fail)
154. {
155. if($fail=="")
156. {
157. $res = mysql_query("SELECT email,fname,password FROM member WHERE fname='$fname'");
158. $res1= mysql_query("SELECT email,fname,password FROM member WHERE email='$email'");
159. $row = mysql_fetch_row($res);
160. $row1 = mysql_fetch_row($res1);
161. if($row>0)
162. {
163.    
164.     echo "Username is already taken ,Refill the form!!!<br>";
165.     echo "<a href=\"javascript:history.go(-1)\">GO BACK To The Form</a>";
166. }
167. else if($row1>0)
168. {
169.  
170.     echo "This email is already registered for another username,Refill the form!!<br>";
171.     echo "<a href=\"javascript:history.go(-1)\">GO BACK To The Form</a>";
172. }
173. else
174. {
175.   $password=md5($password);
176.   if(!mysql_query("INSERT INTO member(email,fname,minit,lname, password,home_address,phone_number,bank_account,shipping_address) VALUES('$email','$fname','$minit,'$lname','$password','$home_address','$phone_number','$bank_account','$routing_number','$shipping_address')"))
177. die("Cant connect".mysql_error());  
178. else
179. {
180.   session_start();
181.   $_SESSION['name']=$username;
182.   $_SESSION['password']=md5($password);
183.   $_SESSION['dept_id']=NULL;
184.   header("location: welcome2.php");
185. }
186. }
187. }
188. }
189.  
190. ?>