  1. <?php
  2.  
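  // Registration handler for the `users` table: reads the POSTed form,
  // validates every field and inserts a new account only when all checks pass.
  //
  // Security notes for maintainers:
  //   * Every query is a prepared statement; no request value is interpolated
  //     into SQL text.
  //   * The password is taken verbatim, is never placed in the session and is
  //     never written to the database in clear text. It is hashed with
  //     password_hash(), which generates and embeds its own per-account salt.
  //   * strip_tags() below is input clean-up only, not an XSS defence; values
  //     still have to be encoded with htmlspecialchars() wherever they are
  //     rendered.
  //   * NOTE(review): $_SESSION is written here but no session_start() is
  //     visible in this file; presumably the including page starts the
  //     session. Confirm.

  // Create connection
  // NOTE(review): root with an empty password is only tolerable on a
  // throw-away development machine. Use a dedicated least-privilege database
  // account and load its credentials from configuration outside the web root.
  $conn = mysqli_connect("localhost", "root", "", "social");
  if ($conn === false || mysqli_connect_errno()) {
      echo "CONEECTION FAILED";
      exit; // nothing below can work without a database handle
  }

  //Declaring variables to prevent errors
  $firstname = ""; //First name
  $lastname = "";
  $qualification = "";
  $specialist = "";
  $experience = "";
  $clinic_address = "";
  $clinic_contact = "";
  $personal_contact = "";
  $email = ""; //email
  $licencekey = "";
  $recognition = "";
  $description = "";
  $password = ""; //password
  $confirm_password = "";
  $salt = ""; //kept only for the existing `salt` column; password_hash() embeds its own salt
  $flag = 0; //becomes 1 once the password passes the policy check
  $error_array = array(); //Holds error messages

  // Reads one POST field as a string and applies the shared clean-up:
  // strip tags, remove spaces, lower-case, then capitalise the first letter.
  // A missing or non-string value (e.g. an array parameter) becomes "".
  $clean_field = function ($name) {
      $raw = (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : "";
      return ucfirst(strtolower(str_replace(' ', '', strip_tags($raw))));
  };

  // Runs a one-parameter SELECT as a prepared statement and returns the number
  // of matching rows, or false when the statement could not be run.
  $count_matches = function ($sql, $value) use ($conn) {
      $stmt = mysqli_prepare($conn, $sql);
      if ($stmt === false) {
          return false;
      }
      mysqli_stmt_bind_param($stmt, "s", $value);
      if (!mysqli_stmt_execute($stmt)) {
          mysqli_stmt_close($stmt);
          return false;
      }
      mysqli_stmt_store_result($stmt);
      $rows = mysqli_stmt_num_rows($stmt);
      mysqli_stmt_close($stmt);
      return $rows;
  };

  if (isset($_POST['register_button'])) {

      //Registration form values, also kept in the session so the form can be refilled
      // NOTE(review): removing spaces and lower-casing also alters free-text
      // fields such as clinic_address and description, although two of the
      // messages below say "(including spaces)". Confirm this is intended.
      $firstname = $_SESSION['firstname'] = $clean_field('firstname');
      $lastname = $_SESSION['lastname'] = $clean_field('lastname');
      $qualification = $_SESSION['qualification'] = $clean_field('qualification');
      $specialist = $_SESSION['specialist'] = $clean_field('specialist');
      $experience = $_SESSION['experience'] = $clean_field('experience');
      $clinic_address = $_SESSION['clinic_address'] = $clean_field('clinic_address');
      $clinic_contact = $_SESSION['clinic_contact'] = $clean_field('clinic_contact');
      $personal_contact = $_SESSION['personal_contact'] = $clean_field('personal_contact');
      $email = $_SESSION['email'] = $clean_field('email');
      $licencekey = $_SESSION['licencekey'] = $clean_field('licencekey');
      $recognition = $_SESSION['recognition'] = $clean_field('recognition');
      $description = $_SESSION['description'] = $clean_field('description');

      //Password: used exactly as typed. Stripping tags, removing spaces or
      //changing case would silently change the secret and weaken it.
      $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : "";
      $confirm_password = (isset($_POST['confirm_password']) && is_string($_POST['confirm_password'])) ? $_POST['confirm_password'] : "";

      //Secrets never go into the session; blank any value left by older code
      $_SESSION['password'] = "";
      $_SESSION['confirm_password'] = "";
      $_SESSION['salt'] = "";

      //Check if email is in valid format
      if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
          //Check if email already exists
          $num_rows = $count_matches("SELECT email FROM users WHERE email = ?", $email);
          if ($num_rows === false) {
              array_push($error_array, "Registration is temporarily unavailable<br>");
          } elseif ($num_rows > 0) {
              array_push($error_array, "Email already in use<br>");
          }
      } else {
          array_push($error_array, "Invalid email format<br>");
      }

      if (strlen($firstname) > 25 || strlen($firstname) < 2) {
          array_push($error_array, "Your first name must be between 2 and 25 characters<br>");
      }
      if (strlen($lastname) > 25 || strlen($lastname) < 2) {
          array_push($error_array, "Your last name must be between 2 and 25 characters<br>");
      }
      //Lower bound now tests $qualification (the original tested $firstname here)
      if (strlen($qualification) > 150 || strlen($qualification) < 2) {
          array_push($error_array, "Your qualification must be between 2 and 150 characters(including spaces)<br>");
      }
      if (strlen($specialist) > 150 || strlen($specialist) < 2) {
          array_push($error_array, "Your specialisation must be between 2 and 150 characters(including spaces)<br>");
      }
      //Digits only and at most two of them, as the message states
      if (!ctype_digit($experience) || strlen($experience) > 2) {
          array_push($error_array, "Your experience must be in years and it can not be greater than 2 digits<br>");
      }
      if (strlen($clinic_address) > 50) {
          array_push($error_array, "Your address can not be more than 50 words<br>");
      }
      if (strlen($clinic_contact) != 10 || !ctype_digit($clinic_contact)) {
          array_push($error_array, "Invalid clinic contact<br>");
      }
      if (strlen($personal_contact) != 10 || !ctype_digit($personal_contact)) {
          array_push($error_array, "Invalid personal contact<br>");
      }
      if (strlen($licencekey) > 25 || strlen($licencekey) < 2) {
          array_push($error_array, "Your licensekey must be between 2 and 25 characters<br>");
      }
      if (strlen($description) > 250 || strlen($description) < 15) {
          array_push($error_array, "Your description must be between 15 and 250 characters<br>");
      }

      //Password policy: 8-25 characters, no whitespace, at least one digit,
      //one lower-case letter, one upper-case letter and one other character
      if ($password !== $confirm_password) {
          array_push($error_array, "Your passwords do not match<br>");
      } elseif (!preg_match('/^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[^a-zA-Z0-9])(?!.*\s).{8,25}$/', $password)) {
          array_push($error_array, "Your password must be 8 to 25 characters and contain an upper-case letter, a lower-case letter, a digit and a symbol<br>");
      } else {
          $flag = 1;
      }

      //Only touch the table when every check above passed
      if (empty($error_array)) {

          //Generate username by concatenating first name and last name
          $base_username = strtolower($firstname . "_" . $lastname);
          $username = $base_username;
          $i = 0;
          //if username exists add number to username
          $taken = $count_matches("SELECT username FROM users WHERE username = ?", $username);
          while ($taken !== false && $taken > 0) {
              $i++; //Add 1 to i
              $username = $base_username . "_" . $i;
              $taken = $count_matches("SELECT username FROM users WHERE username = ?", $username);
          }
          // NOTE(review): $username is computed, but the column list of the
          // INSERT on this page has no `username` column, so it is not stored
          // here. The same list also omits `description`. Add them below if
          // the table is meant to hold them.

          // password_hash() replaces the original salt + single SHA-256 round:
          // a fast hash is cheap to brute-force offline, and mcrypt_create_iv()
          // comes from the mcrypt extension, which was deprecated in PHP 7.1
          // and dropped from core in 7.2.
          // NOTE(review): the `password` column should hold up to 255
          // characters to fit current and future hash formats. Verify schema.
          $hashedPW = password_hash($password, PASSWORD_DEFAULT);

          $result = false;
          if ($taken !== false && $hashedPW !== false) {
              $sql = "INSERT INTO users (firstname, lastname, qualification, specialist, experience, clinic_address, clinic_contact, personal_contact, email, licencekey, recognition, password, salt) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
              $insert = mysqli_prepare($conn, $sql);
              if ($insert !== false) {
                  // The hash goes into `password`; `salt` receives an empty
                  // string because the hash already carries its salt.
                  mysqli_stmt_bind_param(
                      $insert,
                      "sssssssssssss",
                      $firstname,
                      $lastname,
                      $qualification,
                      $specialist,
                      $experience,
                      $clinic_address,
                      $clinic_contact,
                      $personal_contact,
                      $email,
                      $licencekey,
                      $recognition,
                      $hashedPW,
                      $salt
                  );
                  $result = mysqli_stmt_execute($insert);
                  mysqli_stmt_close($insert);
              }
          }

          if ($result == true) {
              echo "inserted";

              array_push($error_array, "<span style='color: #14C800;'>You're all set! Goahead and login!</span><br>");

              //Clear session variables
              $_SESSION['firstname'] = "";
              $_SESSION['lastname'] = "";
              $_SESSION['qualification'] = "";
              $_SESSION['specialist'] = "";
              $_SESSION['experience'] = "";
              $_SESSION['clinic_address'] = "";
              $_SESSION['clinic_contact'] = "";
              $_SESSION['personal_contact'] = "";
              $_SESSION['email'] = "";
              $_SESSION['licencekey'] = "";
              $_SESSION['recognition'] = "";
              $_SESSION['description'] = "";
          } else {
              echo "not inserted";
          }
      }

      //Do not keep the clear-text password in memory longer than needed
      $password = "";
      $confirm_password = "";
  }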
  266.    
  267.    
  268. ?>