
Untitled

a guest
Aug 8th, 2017
  1. <?php
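  session_start();
  /* registration
   * import variables
   * open database connection
   * strip slashes and escape characters
   *
   * run query on username
   * run query on email address
   *
   * if they already exist:
   * - present user with username alternatives (birth year? town?)
   * - ask user to login or request a new password (for existing email address)
   *
   * upload data to tables
   * redirect user to homepage (LOGGED IN)
   */

  // Import variables.
  // Make sure that the applicant is over 18 and has accepted the terms.
  //
  // Everything in $_POST is client-controlled: 'legal' may be absent, a plain
  // string, or an array of arrays. Normalise it to an array so the checks
  // below never index into a missing or non-array value. The two checkbox
  // values are only a declaration made by the client; they do not verify age.
  $legal = (isset($_POST['legal']) && is_array($_POST['legal'])) ? $_POST['legal'] : array();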
  25.  
  26. if(isset($legal[0]) && $legal[0] == "of_age") {
  27. if(isset($legal[1]) && $legal[1] == "read_it") {
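  // Import the remaining form fields. A field the client did not send
  // becomes '' instead of raising an undefined-index notice.
  $username = isset($_POST['username_']) ? $_POST['username_'] : '';
  // NOTE(review): nothing visible in this script stores the password yet;
  // when the insert is written, store the output of password_hash() rather
  // than the submitted or escaped text.
  $password = isset($_POST['password_']) ? $_POST['password_'] : '';
  $fname = isset($_POST['fname_']) ? $_POST['fname_'] : '';
  $lname = isset($_POST['lname_']) ? $_POST['lname_'] : '';
  $email = isset($_POST['email_']) ? $_POST['email_'] : '';
  $location = isset($_POST['location_']) ? $_POST['location_'] : '';

  // Fire up a MySQL server connection.
  // NOTE(review): these are placeholder values. Real credentials belong in
  // configuration kept outside the web root, not in the source file.
  // NOTE(review): the mysql_* extension was removed in PHP 7; a port to
  // mysqli or PDO with prepared statements replaces the manual escaping below.
  $uid = "accname";
  $pid = "password";
  $dbname = "database";
  $lcn = "localhost";

  $link = mysql_connect($lcn, $uid, $pid);
  if (!$link) {
      // Driver error text can reveal host and account details, so it goes
      // to the server log and the client only sees a generic message.
      error_log('Could not connect: ' . mysql_error());
      die('Could not connect.');
  }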
  45.  
  /**
   * Prepare one request value for use inside a quoted SQL string literal.
   *
   * Removes the slashes added by magic quotes when that setting is on, then
   * passes every non-numeric value through mysql_real_escape_string().
   * Values that is_numeric() accepts are returned without escaping.
   *
   * The result is only meant to sit between single quotes in a query. It is
   * not HTML-safe, so it still needs htmlspecialchars() before being echoed,
   * and it does not protect table or column names.
   * NOTE(review): mysql_real_escape_string() works against the current
   * connection, so this must be called after mysql_connect() - confirm the
   * connection character set is set explicitly.
   *
   * @param mixed $input raw value taken from the request
   * @return mixed the value, escaped unless it is numeric
   */
  function safedata($input) {
      // Undo magic-quotes escaping first so the value is not escaped twice.
      $value = get_magic_quotes_gpc() ? stripslashes($input) : $input;

      // Numeric values pass through as they are; everything else is escaped.
      return is_numeric($value) ? $value : mysql_real_escape_string($value);
  }
  60.  
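  // Escape every field for use inside quoted SQL literals. These values are
  // still unsafe to print into HTML without htmlspecialchars().
  $username = safedata($username);
  $password = safedata($password);
  $fname = safedata($fname);
  $lname = safedata($lname);
  $email = safedata($email);
  $location = safedata($location);

  //open database
  $connectdb = mysql_select_db($dbname, $link);
  if (!$connectdb) {
      // Log the database name and driver error on the server; the client
      // gets a message that does not describe the backend.
      error_log('Could not connect to ' . $dbname . ': ' . mysql_error());
      die('Could not connect to the database.');
  }
  // Debug banner. NOTE(review): it prints the database name to the client
  // and should be removed before this page is used for real registrations.
  $testConn = "<br /><small>(connected to <b>".$dbname."</b>)</small>";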
  75.  
  76. //check username and email availability and return suggestions if necessary
  77.  
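  /**
   * Check whether a username is already present in the user table.
   *
   * The value is interpolated into the SQL text, so the caller must pass a
   * string that has already been escaped for the open mysql link (the script
   * does this with safedata()). The returned text contains HTML markup and
   * is meant to be echoed as is; the username is HTML-escaped before it is
   * placed in that markup.
   *
   * @param string $username username, already escaped for SQL
   * @return string message for the user; '' when the username is free
   */
  function username_avail($username) {
      // Same emptiness test as before: null, '' and other values loosely
      // equal to null count as "field not completed".
      if (!isset($username) || $username == null) {
          return "Please make sure to complete all required fields, thank you.";
      }

      //sql to check user.username for the same username
      $checkuser = mysql_query("SELECT userid, username from user where username='$username'");
      if ($checkuser === false) {
          // A failed query must not be read as "username is free".
          error_log('username_avail query failed: ' . mysql_error());
          return "Sorry, the username could not be checked right now, please try again.";
      }

      if (mysql_num_rows($checkuser) > 0) {
          // The value came from the request, so escape it for HTML output.
          $shown = htmlspecialchars($username, ENT_QUOTES, 'UTF-8');
          //need to choose another username. Suggest using current UTC date as suffix?
          // TODO: the suggested name is not checked for availability, and the
          // suffix can be negative for some clock values.
          $message = "<br />Unfortunately <b>$shown</b> is taken, please choose another username.";
          $message = $message." available alternatives include: $shown".(date("s")-2*date("H"));
          return $message;
      }

      //call an email check function to see if the email address is already registered to an account.
      // Previously this path returned an undefined variable; return an
      // empty string so the caller's echo prints nothing extra.
      return '';
  }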
  96.  
  97.  
  98.  
  // TEMPORARY: to be replaced with a generic function.
  // $email is interpolated into the SQL text; it has been passed through
  // safedata() earlier in the script, which is what keeps the quoted literal
  // closed. The result of mysql_query() is used without a failure check.
  $email_query = mysql_query("SELECT email from user where email='$email'");
  $getRows_email = mysql_num_rows($email_query);
  echo ($getRows_email > 0)
      ? "Email account already registered to a user, please check that you have entered your email address correctly.<br />"
      : " Email is A-Okay.<br />";
  107.  
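  //WORK IN PROGRESS - GENERIC FUNCTION
  /**
   * Generic check: does $input already exist in column $fld of table $tbl?
   *
   * $fld and $tbl are placed into the SQL text as identifiers. String
   * escaping cannot protect identifiers, so only plain names made of letters,
   * digits and underscores are accepted; they should come from code, never
   * from the request. $input is interpolated into a quoted literal and must
   * already be escaped for the open mysql link by the caller.
   *
   * @param string $input value to look for, already escaped for SQL
   * @param string $fld   column name
   * @param string $tbl   table name
   * @return int 1 when at least one row matches; 0 when none matches, when an
   *             identifier is rejected, or when the query fails - so 0 is not
   *             proof that the value is absent
   */
  function in_db($input, $fld, $tbl) {
      $identifier = '/^[A-Za-z_][A-Za-z0-9_]*$/';
      if (!is_string($fld) || !is_string($tbl)
          || preg_match($identifier, $fld) !== 1
          || preg_match($identifier, $tbl) !== 1) {
          error_log('in_db: rejected column or table name');
          return 0;
      }

      // Backticks quote identifiers in MySQL. The single quotes used before
      // turned the column and table names into string literals, which made
      // the statement invalid (FROM 'user').
      $sql = mysql_query("SELECT `$fld` FROM `$tbl` WHERE `$fld`='$input'");
      if ($sql === false) {
          error_log('in_db query failed: ' . mysql_error());
          return 0;
      }

      return (mysql_num_rows($sql) > 0) ? 1 : 0;
  }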
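  // Run the remaining look-ups while the link is still open. The original
  // order closed the link first, so the queries inside username_avail() and
  // in_db() ran without the connection opened above.
  $availability = username_avail($username);
  $fld = "email";
  $tbl = "user";
  $emailKnown = in_db($email, $fld, $tbl);

  //connection close
  mysql_close($link);

  //test
  // These values came from the request. SQL escaping does not make them safe
  // in HTML, so each one is HTML-escaped before it is printed.
  $shownUsername = htmlspecialchars($username, ENT_QUOTES, 'UTF-8');
  $shownFname = htmlspecialchars($fname, ENT_QUOTES, 'UTF-8');
  $shownLname = htmlspecialchars($lname, ENT_QUOTES, 'UTF-8');
  $shownEmail = htmlspecialchars($email, ENT_QUOTES, 'UTF-8');

  echo $shownUsername.": $shownFname $shownLname.";
  echo "<br />email address: ".$shownEmail;
  echo $testConn."<br />";
  // username_avail() returns markup on purpose, so it is printed unchanged.
  echo $availability."<br />";
  echo "same job on ($shownEmail), but done with a generic function (in_db()): ";
  echo $emailKnown;
  echo "<br /> Return to <a href='index.php'>homepage</a>.";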
  133.  
  134. } else {
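  echo "Sorry, you must agree to the conditions outlined to participate in this website.";
  // Debug output of request data. The entries of $legal come straight from
  // the form and may be missing or non-scalar, so they are checked and
  // HTML-escaped before being printed back to the browser.
  $termsShown = (isset($legal[1]) && is_scalar($legal[1])) ? htmlspecialchars((string) $legal[1], ENT_QUOTES, 'UTF-8') : '';
  $over18Shown = (isset($legal[0]) && is_scalar($legal[0])) ? htmlspecialchars((string) $legal[0], ENT_QUOTES, 'UTF-8') : '';
  echo "<br />value of \$terms: ".$termsShown;
  echo "<br />value of \$over18: ".$over18Shown;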
  138. }
  139. } else {
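  echo "Sorry, you are not old enough to participate in this website.";
  // Debug output of request data. The entries of $legal come straight from
  // the form and may be missing or non-scalar, so they are checked and
  // HTML-escaped before being printed back to the browser.
  $termsShown = (isset($legal[1]) && is_scalar($legal[1])) ? htmlspecialchars((string) $legal[1], ENT_QUOTES, 'UTF-8') : '';
  $over18Shown = (isset($legal[0]) && is_scalar($legal[0])) ? htmlspecialchars((string) $legal[0], ENT_QUOTES, 'UTF-8') : '';
  echo "<br />value of \$terms: ".$termsShown;
  echo "<br />value of \$over18: ".$over18Shown;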
  143. }
  144.  
  145.  
  146. ?>