Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- //retreive our data from post(from Register.php)
- $username = $_POST['username'];
- $pass1 = $_POST['pass1'];
- $pass2 = $_POST['pass2'];
- $emailadd = $_POST['emailAdd'];
- $uniref = $_POST['uref'];
- $centerID = $_POST['centerID'];
- //validation
- if ((!$username) || (!$pass1) || (!$pass2) || (!$emailAdd) || (!$uniquereference)|| (!$centerID) ){
- $errorMsg = '<u>Error:</u> You did not submit the following credential(s) correctly: <br/>';
- if(!$username){
- $errorMsg .= ' Username<br/>';
- }
- if(!$pass1){
- $errorMsg .= ' Password 1<br/>';
- }
- if(!$pass2){
- $errorMsg .= ' Password 2<br/>';
- }
- if(!$emailadd){
- $errorMsg .= ' Email Address<br/>';
- }
- if(!$uniquereference){
- $errorMsg .= ' Unique Reference<br/>';
- }
- if(!$centerID){
- $errorMsg .= ' Centre ID<br/>';
- }
- else if($pass1 != $pass2){
- $errorMsg = "<u>ERROR:</u><br />Your Passwords do not match.<br />";
- }
- else if (strlen($username) < 4) {
- $errorMsg = "<u>ERROR:</u><br />Your User Name is too short. 4 - 20 characters please.<br />";
- }
- else if (strlen($username) > 20) {
- $errorMsg = "<u>ERROR:</u><br />Your User Name is too long. 4 - 20 characters please.<br />";
- }
- }
- $hash = hash('sha256', $pass1); //hash the file with sha256 algorithm
- //creates a 3 character sequence
- function createSalt()
- {
- $string = md5(uniqid(rand(), true));
- return substr($string, 0, 3);
- }
- $salt = createSalt();
- $hash = hash('sha256', $salt . $hash);
- //database portion
- $dbhost = 'localhost';
- $dbname = 'login';
- $dbuser = 'chris';
- $dbpass = '';
- $conn = mysql_connect($dbhost,$dbuser,$dbpass);
- mysql_select_db($dbname, $conn);
- //sanitize fields
- $username = mysql_real_escape_string($username); //helps prevent mysql injection
- $query = "INSERT INTO users (username, password, emailadd, salt, uniref, centerID)
- VALUES ('$username', '$hash', '$salt', '$emailadd', '$uniref', '$centerID');";
- mysql_query($query);
- mysql_close();
- header('Location: Registry.php'); //direct user to loginHtml.php
- echo "Registry Successful";
- ?>
Add Comment
Please, Sign In to add comment