- id | f_name | l_name | position | paygrade | users_id |..|
- id | username | password | user_level | user_roles | email | employee_id
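<?php
// Registration handler: validates the submitted credentials, checks that the
// username is free, and stores the account with a bcrypt password hash.
// Expects $pdo (a connected PDO instance) to be defined before this point.

//If the POST var "register" exists (our submit button), then we can
//assume that the user has submitted the registration form.
if (isset($_POST['register'])) {

    // Returns the trimmed value of a POST field, or null when the field is
    // missing, blank, or not a plain string (e.g. sent as field[]=x, which
    // would otherwise reach trim() as an array).
    $field = function ($name) {
        if (!isset($_POST[$name]) || !is_string($_POST[$name])) {
            return null;
        }
        $value = trim($_POST[$name]);
        return $value !== '' ? $value : null;
    };

    //Retrieve the field values from our registration form.
    //to be inserted in employee table
    //NOTE: these values are collected but not yet written anywhere below.
    $first_name     = $field('first_name');
    $last_name      = $field('last_name');
    $email          = $field('email');
    $phone          = $field('phone');
    $company_name   = $field('company_name');
    $subdomain_name = $field('subdomain_name');

    //to be inserted in users table
    $username = $field('username');

    // The password is deliberately NOT trimmed: whitespace is part of the
    // secret, and trimming here would have to be mirrored at login.
    $password = (isset($_POST['password']) && is_string($_POST['password']))
        ? $_POST['password']
        : null;

    // Without this check a missing password was hashed as an empty string
    // and a NULL username was inserted, creating an unusable or trivially
    // guessable account.
    if ($username === null || $password === null || $password === '') {
        die('Username and password are required.');
    }

    // bcrypt only uses the first 72 bytes of its input; reject longer values
    // rather than silently accepting a password whose tail is ignored.
    if (strlen($password) > 72) {
        die('Password must be 72 bytes or fewer.');
    }

    //TO ADD: Further error checking (username characters, minimum password
    //length, etc). Add it here, BEFORE the prepared statements are executed.

    //Now, we need to check if the supplied username already exists.
    $stmt = $pdo->prepare('SELECT COUNT(username) AS num FROM users WHERE username = :username');
    $stmt->bindValue(':username', $username);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    //If the provided username already exists - display error.
    //TO ADD - Your own method of handling this error.
    //NOTE: this response tells the caller whether a username is registered,
    //so the endpoint should be rate-limited.
    if ($row['num'] > 0) {
        die('That username already exists!');
    }

    //Hash the password as we do NOT want to store our passwords in plain text.
    $passwordHash = password_hash($password, PASSWORD_BCRYPT, ['cost' => 12]);
    if ($passwordHash === false) {
        // Older PHP versions return false instead of throwing on failure.
        die('Registration failed. Please try again.');
    }

    //Prepare our INSERT statement.
    //Remember: We are inserting a new row into our users table.
    $stmt = $pdo->prepare('INSERT INTO users (username, password) VALUES (:username, :password)');
    $stmt->bindValue(':username', $username);
    $stmt->bindValue(':password', $passwordHash);

    // The SELECT above and this INSERT are not atomic: two simultaneous
    // requests can both pass the check. A UNIQUE index on users.username is
    // what actually prevents duplicates; when PDO runs in exception mode the
    // resulting integrity violation (SQLSTATE 23000) is reported like the
    // check above, and any other database error is re-thrown.
    try {
        $result = $stmt->execute();
    } catch (PDOException $e) {
        if ($e->getCode() === '23000') {
            die('That username already exists!');
        }
        throw $e;
    }

    //If the signup process is successful.
    if ($result) {
        //do something here
        echo 'Thank you for registering with our website.';
    } else {
        // Generic message only; driver error details are not sent to the client.
        die('Registration failed. Please try again.');
    }
}
?>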