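<?php
session_start();
/*
 * Registration handler (work in progress).
 *
 * Planned flow, per the original notes:
 *  - import variables
 *  - open database connection
 *  - strip slashes and escape characters
 *  - run query on username
 *  - run query on email address
 *  - if they already exist:
 *      - present user with username alternatives (birth year? town?)
 *      - ask user to login or request a new password (for existing email address)
 *  - upload data to tables
 *  - redirect user to homepage (LOGGED IN)
 *
 * Review notes:
 *  - ext/mysql (mysql_*) was removed in PHP 7.0 and get_magic_quotes_gpc() in
 *    PHP 8.0, so this script only runs on PHP 5.x. The durable fix is a move to
 *    mysqli or PDO with prepared statements; until then every value that reaches
 *    SQL must pass through safedata() AND be placed inside quotes.
 *  - Every value echoed into the page goes through html_out(); request data
 *    must never be printed raw.
 *  - The "upload data to tables" step is not implemented yet. When it is, store
 *    password_hash($password, PASSWORD_DEFAULT) (PHP 5.5+), never the password
 *    itself, and hash the raw value rather than an SQL-escaped copy.
 */

/**
 * Escape a value for safe inclusion in HTML output.
 *
 * @param mixed $value Value to print; non-scalar values yield an empty string.
 * @return string HTML-escaped text.
 */
function html_out($value)
{
    if (!is_scalar($value)) {
        return '';
    }
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
}

/**
 * Read a POST field as a string.
 *
 * A client can submit any field as an array (name[]=...), which would raise
 * warnings in the string functions used further down, so anything that is not
 * a plain string is treated as missing.
 *
 * @param string $key Name of the POST field.
 * @return string The submitted value, or '' when absent or not a string.
 */
function post_string($key)
{
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
}

/**
 * Print the submitted consent values (debug aid, remove before deployment).
 *
 * @param string $terms  Submitted value of the terms checkbox.
 * @param string $over18 Submitted value of the age checkbox.
 * @return void
 */
function print_legal_debug($terms, $over18)
{
    // These are request values: escape them so they cannot inject markup.
    echo "<br />value of \$terms: " . html_out($terms);
    echo "<br />value of \$over18: " . html_out($over18);
}

/**
 * Strip magic-quote slashes and escape a value for use inside a quoted SQL
 * string literal.
 *
 * Requires an open mysql connection. The result is only safe between quotes
 * ('...'); it gives no protection when used as a bare number or identifier.
 *
 * @param string $input Raw request value.
 * @return string Escaped value.
 */
function safedata($input)
{
    // strip slashes added by magic_quotes_gpc so the value is not escaped twice
    if (get_magic_quotes_gpc()) {
        $input = stripslashes($input);
    }
    // Escape every value, numeric-looking or not: one rule is easier to audit
    // than a special case, and escaping leaves plain numbers unchanged.
    // NOTE(review): escaping follows the connection character set; set it with
    // mysql_set_charset() to match the database - charset not shown here.
    return mysql_real_escape_string($input);
}

/**
 * Check whether a username is already taken and build the user-facing message.
 *
 * @param string $username Username, already passed through safedata().
 * @return string HTML message; '' when the username is free.
 */
function username_avail($username)
{
    if ($username === null || $username === '') {
        return "Please make sure to complete all required fields, thank you.";
    }

    //sql to check user.username for the same username
    $checkuser = mysql_query("SELECT userid, username from user where username='$username'");
    if ($checkuser === false) {
        // Keep the driver error in the server log, not in the page.
        error_log('username_avail query failed: ' . mysql_error());
        return "Sorry, we could not check that username right now, please try again later.";
    }

    // Initialised so the "username is free" path returns a defined value.
    $message = '';
    if (mysql_num_rows($checkuser) > 0) {
        $shown = html_out($username);
        //need to choose another username. Suggest using current UTC date as suffix?
        $message = "<br />Unfortunately <b>$shown</b> is taken, please choose another username.";
        // NOTE(review): the suggestion is not checked against the table, and the
        // suffix can be negative; treat it as a placeholder.
        $message .= " available alternatives include: $shown" . ((int) date("s") - 2 * (int) date("H"));
    }
    // else: call an email check function to see if the email address is
    // already registered to an account (not implemented yet).
    return $message;
}

/**
 * WORK IN PROGRESS - generic check whether a value already exists in a column.
 *
 * @param string $input Value to look for, already passed through safedata().
 * @param string $fld   Column name; must be a plain identifier.
 * @param string $tbl   Table name; must be a plain identifier.
 * @return int 1 when at least one row matches, 0 otherwise (also on query failure).
 * @throws InvalidArgumentException When $fld or $tbl is not a plain identifier.
 */
function in_db($input, $fld, $tbl)
{
    // Identifiers cannot be escaped like values, so accept only plain names.
    // Callers should pass constants, never request data.
    $identifier = '/\A[A-Za-z_][A-Za-z0-9_]*\z/';
    if (!is_string($fld) || !is_string($tbl)
        || !preg_match($identifier, $fld) || !preg_match($identifier, $tbl)) {
        throw new InvalidArgumentException('in_db(): invalid column or table name');
    }

    // Backticks quote identifiers; single quotes would turn them into string
    // literals and the query would not parse.
    $sql = mysql_query("SELECT `{$fld}` FROM `{$tbl}` WHERE `{$fld}`='$input'");
    if ($sql === false) {
        error_log('in_db query failed: ' . mysql_error());
        return 0;
    }
    return (mysql_num_rows($sql) > 0) ? 1 : 0;
}

//import variables
//Make sure that applicant is over 18
$legal = (isset($_POST['legal']) && is_array($_POST['legal'])) ? $_POST['legal'] : array();
$over18 = (isset($legal[0]) && is_string($legal[0])) ? $legal[0] : '';
$terms = (isset($legal[1]) && is_string($legal[1])) ? $legal[1] : '';

if ($over18 !== "of_age") {
    echo "Sorry, you are not old enough to participate in this website.";
    print_legal_debug($terms, $over18);
} elseif ($terms !== "read_it") {
    echo "Sorry, you must agree to the conditions outlined to participate in this website.";
    print_legal_debug($terms, $over18);
} else {
    //fire up a mysql server connection
    // NOTE(review): placeholder credentials; load the real ones from
    // configuration kept outside the web root, not from this file.
    $uid = "accname";
    $pid = "password";
    $dbname = "database";
    $lcn = "localhost";
    $link = mysql_connect($lcn, $uid, $pid);
    if (!$link) {
        // Driver errors can reveal host and account details: log them only.
        error_log('Could not connect: ' . mysql_error());
        die('Could not connect.');
    }

    $username = safedata(post_string('username_'));
    $fname = safedata(post_string('fname_'));
    $lname = safedata(post_string('lname_'));
    $email = safedata(post_string('email_'));
    $location = safedata(post_string('location_'));
    // Kept raw on purpose: it is not used in any query below and must be
    // hashed, not SQL-escaped, once the insert step exists.
    $password = post_string('password_');

    //open database
    $connectdb = mysql_select_db($dbname, $link);
    if (!$connectdb) {
        error_log('Could not connect to ' . $dbname . ': ' . mysql_error());
        die('Could not connect to the database.');
    }
    // Debug aid: shows the database name to the visitor, remove before deployment.
    $testConn = "<br /><small>(connected to <b>" . html_out($dbname) . "</b>)</small>";

    //TEMPORARY to be replaced with a generic function
    $email_query = mysql_query("SELECT email from user where email='$email'");
    if ($email_query === false) {
        error_log('email lookup failed: ' . mysql_error());
        echo "Sorry, we could not check that email address right now, please try again later.<br />";
    } elseif (mysql_num_rows($email_query) > 0) {
        echo "Email account already registered to a user, please check that you have entered your email address correctly.<br />";
    } else {
        echo " Email is A-Okay.<br />";
    }

    //test
    echo html_out($username) . ": " . html_out($fname) . " " . html_out($lname) . ".";
    echo "<br />email address: " . html_out($email);
    echo $testConn . "<br />";
    echo username_avail($username) . "<br />";
    echo "same job on (" . html_out($email) . "), but done with a generic function (in_db()): ";
    $fld = "email";
    $tbl = "user";
    echo in_db($email, $fld, $tbl);
    echo "<br /> Return to <a href='index.php'>homepage</a>.";

    //connection close - only after the last query has run
    mysql_close($link);
}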