Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <!DOCTYPE html>
- <html>
- <head>
- <title>Register</title>
- </head>
- <body>
- <form action="" method="post" name="form1">
- <table>
- <tr>
- <td>Enter your first name*</td>
- <td><input type="text" name="fname" required="yes" pattern="^[a-z1-9]+"></td>
- <td><p>Username takes only small letters or numbers, no capital letters</p></td>
- </tr>
- <tr>
- <td>Enter your last name*</td>
- <td><input type="text" name="lname" required="yes"></td>
- </tr>
- <tr>
- <td>Enter your password*</td>
- <td><input type="password" name="pw" required="yes"></td>
- </tr>
- <tr>
- <td>Enter your email adress*</td>
- <td><input type="email" name="email" required="yes"></td>
- </tr>
- <tr>
- <td>Enter your username*</td>
- <td><input type="text" name="uname" required="yes"></td>
- </tr>
- <tr>
- <td><input type="submit" value="submit" name="submit1"></input></td>
- </tr>
- </table>
- </form>
- </body>
- </html>
- <?php
- if(isset($_POST['submit1']))
- {
- /**
- * Your application salt.
- */
- $myApplicationSalt = '$6$1234567890123456';
- /**
- * Connect to your database.
- */
- try
- {
- $db_server = 'localhost';
- $db_name = 'root';
- $db_password = "";
- $db = "loginregister";
- $conn = mysqli_connect($db_server,$db_name,$db_password,$db);
- }
- /**
- * Here is where you prepare your query.
- * This is what you did in your piece of code, but never executed.
- */
- /**
- * Your passwords should not be stored in plain-text. Ever.
- * And as John Conde pointed out, password_hash is the better way to do this.
- */
- $password = $_POST['pw'];
- $firstname = $_POST['fname'];
- $lastname = $_POST['lname'];
- $username = $_POST['uname'];
- $email = $_POST['email'];
- $firstname = mysqli_real_escape_string($conn , $firstname);
- $lastname = mysqli_real_escape_string($conn , $lastname);
- $username = mysqli_real_escape_string($conn , $username);
- $email = mysqli_real_escape_string($conn , $email);
- $password = mp5($password);
- $sql = "SELECT email FROM registration WHERE email='".$email."'";
- $result = mysqli_query($conn , $sql);
- $row = mysqli_fetch_array($result , MYSQLI_ASSOC);
- if (mysqli_num_rows($result) == 1) {
- echo "Sorry... This email is already in use!";
- } else {
- $sqlu = "SELECT uname FROM registration WHERE uname='".$username."'";
- $result1 = mysqli_query($conn , $sqlu);
- $row1 = mysqli_fetch_array($result1 , MYSQLI_ASSOC);
- if (mysqli_num_rows($result1) == 1) {
- echo "This username is in use! please pick a different one!";
- } else {
- $query = mysqli_query($conn , "INSERT INTO registration(fname , lname , uname , email , pw)VALUES ('$firstname' , '$lastname' , '$username' , '$email' , '$password')");
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement