  1. <?php
  2.  
  3. require "public/assets/include/conf.inc.php";
  4.  
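  /**
   * Open the application's MySQL connection.
   *
   * Connection settings are read from the DB_HOST, DB_NAME, DB_USER and DB_PWD
   * constants, which are defined outside this function (presumably by the
   * required conf.inc.php - confirm).
   *
   * On failure the driver's message is written to the server error log only.
   * That message can include the host name and account used to connect, so it
   * must never be echoed to the client; the script then stops with a generic
   * message.
   *
   * NOTE(review): the DSN uses MySQL's "utf8" charset; confirm whether the
   * schema expects utf8mb4 before changing it.
   *
   * @return PDO connection that throws PDOException on SQL errors
   */
  function connectDb()
  {
    $dsn = "mysql:host=".DB_HOST.";dbname=".DB_NAME.";charset=utf8";
    try
    {
      // Error mode is set at construction so every later statement throws on failure
      $db = new PDO($dsn, DB_USER, DB_PWD, [
        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
      ]);
    }
    catch(PDOException $e)
    {
      // Keep the detail server-side; the visitor only sees a generic failure
      error_log("Database connection failed: " . $e->getMessage());
      die("Erreur de connection");
    }
    return $db;
  }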
  19.  
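  /**
   * Validate the registration form in $_POST and create the user account.
   *
   * Does nothing unless the request method is POST. Each failed check stores a
   * message under $_SESSION["errors"][<field>]. When every check passes, the
   * account is inserted with a password_hash() digest, $_SESSION["accountCreated"]
   * is set to 1, the client is redirected to /login.php and the script exits.
   *
   * Relies on connectDb(), verifyInput(), languageArray(), countryArray() and
   * genderArray() from this file, and on a session already started by the caller.
   *
   * NOTE(review): the password rule (letters and digits only, 8-20 characters)
   * shrinks the password space; widening it is a product decision and is left
   * unchanged here.
   * NOTE(review): birth-date is only checked for presence; its format is not
   * validated before it reaches the database.
   * NOTE(review): the "email already in use" check followed by INSERT is not
   * atomic; a UNIQUE index on user.email is needed to enforce it - confirm the
   * schema has one.
   *
   * @return void
   */
  function registerUser()
  {
    // Only a submitted form may create an account. Without this guard a GET
    // request skipped every validation and still reached the INSERT below.
    if (!isset($_SERVER["REQUEST_METHOD"]) || $_SERVER["REQUEST_METHOD"] !== "POST")
    {
      return;
    }

    $db = connectDb();
    $error = false;

    // Read a POST field as a string. A missing key or an array value
    // ("name[]=x") counts as empty instead of reaching strlen()/trim().
    $field = function ($name)
    {
      return (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : "";
    };

    // Verify first name input (checks run on the cleaned value that is stored)
    $first_name = verifyInput($field("first-name"));
    if ($first_name === "")
    {
      $_SESSION["errors"]["first_name"] = "A first name is required";
      $error = true;
    }
    elseif (strlen($first_name) > 100)
    {
      $_SESSION["errors"]["first_name"] = "Your first name is too long";
      $error = true;
    }

    // Verify last name input
    $last_name = verifyInput($field("last-name"));
    if ($last_name === "")
    {
      $_SESSION["errors"]["last_name"] = "A last name is required";
      $error = true;
    }
    elseif (strlen($last_name) > 100)
    {
      $_SESSION["errors"]["last_name"] = "Your last name is too long";
      $error = true;
    }

    // Verify email input
    $email = verifyInput($field("email"));
    if ($email === "")
    {
      $_SESSION["errors"]["email"] = "An email is required";
      $error = true;
    }
    elseif (!filter_var($email, FILTER_VALIDATE_EMAIL))
    {
      $_SESSION["errors"]["email"] = "Invalid email format";
      $error = true;
    }

    // Verify confirm email input (strict comparison: no numeric-string juggling)
    $confirm_email = $field("confirm-email");
    if ($confirm_email === "")
    {
      $_SESSION["errors"]["confirm_email"] = "You must confirm your email";
      $error = true;
    }
    elseif ($confirm_email !== $field("email"))
    {
      $_SESSION["errors"]["confirm_email"] = "Emails do not match";
      $error = true;
    }

    // Verify password input. The raw value is validated because the raw value
    // is what gets hashed; it is never trimmed or HTML-encoded.
    $password_plain = $field("password");
    if ($password_plain === "")
    {
      $_SESSION["errors"]["password"] = "A password is required";
      $error = true;
    }
    else
    {
      if (!ctype_alnum($password_plain))
      {
        $_SESSION["errors"]["password"] = "Only letters and numbers are allowed";
        $error = true;
      }
      $password_length = strlen($password_plain);
      if ($password_length < 8 || $password_length > 20)
      {
        $_SESSION["errors"]["password"] = "Your password must be between 8 and 20 characters long";
        $error = true;
      }
    }

    // Verify confirm password input
    $confirm_password = $field("confirm-password");
    if ($confirm_password === "")
    {
      $_SESSION["errors"]["confirm_password"] = "You must confirm your password";
      $error = true;
    }
    elseif ($confirm_password !== $password_plain)
    {
      $_SESSION["errors"]["confirm_password"] = "Passwords do not match";
      $error = true;
    }

    // Verify username input
    $username = verifyInput($field("username"));
    if ($username === "")
    {
      $_SESSION["errors"]["username"] = "An username is required";
      $error = true;
    }
    else
    {
      if (!ctype_alnum($username))
      {
        $_SESSION["errors"]["username"] = "Only letters and numbers are allowed";
        $error = true;
      }
      if (strlen($username) > 50)
      {
        $_SESSION["errors"]["username"] = "Your username must be between 1 and 50 characters long";
        $error = true;
      }
    }

    // Verify prefered communication language select against the allow-list
    $language = $field("prefered-communication-language");
    if ($language === "")
    {
      $_SESSION["errors"]["prefered_communication_language"] = "A prefered communication language is required";
      $error = true;
    }
    elseif (!languageArray($language))
    {
      $_SESSION["errors"]["prefered_communication_language"] = "This prefered communication language is invalid";
      $error = true;
    }

    // Verify country select against the allow-list
    $country = $field("country");
    if ($country === "")
    {
      $_SESSION["errors"]["country"] = "A country is required";
      $error = true;
    }
    elseif (!countryArray($country))
    {
      $_SESSION["errors"]["country"] = "This country is invalid";
      $error = true;
    }

    // Verify birth date select (presence only)
    $birth_date = $field("birth-date");
    if ($birth_date === "")
    {
      $_SESSION["errors"]["birth_date"] = "A birth date is required";
      $error = true;
    }

    // Verify gender select against the allow-list
    $gender = $field("gender");
    if ($gender === "")
    {
      $_SESSION["errors"]["gender"] = "A gender is required";
      $error = true;
    }
    elseif (!genderArray($gender))
    {
      $_SESSION["errors"]["gender"] = "This gender is invalid";
      $error = true;
    }

    // Verify ToS check
    if (!isset($_POST["tos"]))
    {
      $_SESSION["errors"]["tos"] = "You must validate the conditions";
      $error = true;
    }

    // Verify that the email isn't already used
    if ($email !== "")
    {
      $query = $db->prepare("SELECT COUNT(email) FROM user WHERE email=:email");
      $query->execute([":email" => $email]);
      if ($query->fetchColumn() > 0)
      {
        $_SESSION["errors"]["email"] = "Email is already in use";
        $error = true;
      }
    }

    // Register the new user account in the database
    if (!$error)
    {
      // Hash first and bind by value, so the stored value can only be the digest
      $password_hash = password_hash($password_plain, PASSWORD_DEFAULT);

      $query = $db->prepare("INSERT INTO user (email, password, username, prefered_communication_language, first_name, last_name, country, birth_date, gender) VALUES (:email, :password, :username, :prefered_communication_language, :first_name, :last_name, :country, :birth_date, :gender)");
      $query->execute([
        ":email" => $email,
        ":password" => $password_hash,
        ":username" => $username,
        ":prefered_communication_language" => $language,
        ":first_name" => $first_name,
        ":last_name" => $last_name,
        ":country" => $country,
        ":birth_date" => $birth_date,
        ":gender" => $gender,
      ]);

      $_SESSION["accountCreated"] = 1;
      header("Location: /login.php");
      exit;
    }
  }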
  235.  
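  /**
   * Normalise a text field: strip leading/trailing whitespace, remove
   * backslashes, then convert HTML special characters to entities.
   *
   * The htmlspecialchars() flags are spelled out so the result does not depend
   * on the PHP version's defaults: single quotes are always encoded
   * (ENT_QUOTES) and invalid UTF-8 is replaced rather than turning the whole
   * value into an empty string (ENT_SUBSTITUTE).
   *
   * This is input clean-up for display text only. It is not what protects SQL
   * (prepared statements do that), it does not replace encoding at output
   * time, and it must not be applied to passwords, which have to be hashed
   * exactly as typed.
   *
   * NOTE(review): stripslashes() also removes backslashes the user typed on
   * purpose; kept because stored data may already rely on it.
   *
   * @param string $data raw field value
   * @return string cleaned, HTML-encoded value
   */
  function verifyInput($data)
  {
      $data = trim($data);
      $data = stripslashes($data);
      return htmlspecialchars($data, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
  }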
  244.  
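  /**
   * Tell whether a value is one of the accepted communication languages.
   *
   * The list is an allow-list: entries are compared byte for byte (including
   * their current spelling), so they have to stay identical to the values the
   * form submits.
   *
   * @param mixed $language submitted value
   * @return bool true only for a string that is exactly one of the entries
   */
  function languageArray($language)
  {
    $language_array = ["Afrikanns", "Albanian", "Arabic", "Armenian", "Basque", "Bengali", "Bulgarian", "Catalan", "Cambodian", "Chinese (Mandarin)", "Croation", "Czech", "Danish", "Dutch", "English", "Estonian", "Fiji", "Finnish",
    "French", "Georgian", "German", "Greek", "Gujarati", "Hebrew", "Hindi", "Hungarian", "Icelandic", "Indonesian", "Irish", "Italian", "Japanese", "Javanese", "Korean", "Latin", "Latvian", "Lithuanian", "Macedonian",
    "Malay", "Malayalam", "Maltese", "Maori", "Marathi", "Mongolian", "Nepali", "Norwegian", "Persian", "Polish", "Portuguese", "Punjabi", "Quechua", "Romanian", "Russian", "Samoan", "Serbian", "Slovak", "Slovenian", "Spanish",
    "Swahili", "Swedish", "Tamil", "Tatar", "Telugu", "Thai", "Tibetan", "Tonga", "Turkish", "Ukranian", "Urdu", "Uzbek", "Vietnamese", "Welsh", "Xhosa"];

    // Strict mode: with loose comparison a non-string such as true (or 0 on
    // PHP 7) compares equal to an entry and would pass the allow-list
    return in_array($language, $language_array, true);
  }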
  261.  
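  /**
   * Tell whether a value is one of the accepted countries.
   *
   * The list is an allow-list: entries are compared byte for byte, so they
   * have to stay identical to the values the form submits.
   *
   * @param mixed $country submitted value
   * @return bool true only for a string that is exactly one of the entries
   */
  function countryArray($country)
  {
    $country_array = ["Afghanistan", "Aland Islands", "Albania", "Algeria", "American Samoa", "Andorra", "Angola", "Anguilla", "Antarctica", "Antigua", "Argentina", "Armenia", "Aruba", "Australia", "Austria", "Azerbaijan", "Bahamas", "Bahrain", "Bangladesh",
    "Barbados", "Barbuda", "Belarus", "Belgium", "Belize", "Benin", "Bermuda", "Bhutan", "Bolivia", "Bosnia", "Botswana", "Bouvet Island", "Brazil", "British Indian Ocean Trty.", "Brunei Darussalam", "Bulgaria", "Burkina Faso", "Burundi", "Caicos Islands", "Cambodia",
    "Cameroon", "Canada", "Cape Verde", "Cayman Islands", "Central African Republic", "Chad", "Chile", "China", "Christmas Island", "Cocos (Keeling) Islands", "Colombia", "Comoros", "Congo", "Congo, Democratic Republic of the", "Cook Islands", "Costa Rica", "Cote d'Ivoire", "Croatia", "Cuba", "Cyprus",
    "Czech Republic", "Denmark", "Djibouti", "Dominica", "Dominican Republic", "Ecuador", "Egypt", "El Salvador", "Equatorial Guinea", "Eritrea", "Estonia", "Ethiopia", "Falkland Islands (Malvinas)", "Faroe Islands", "Fiji", "Finland", "France", "French Guiana", "French Polynesia", "French Southern Territories",
    "Futuna Islands", "Gabon", "Gambia", "Georgia", "Germany", "Ghana", "Gibraltar", "Greece", "Greenland", "Grenada", "Guadeloupe", "Guam", "Guatemala", "Guernsey", "Guinea", "Guinea-Bissau", "Guyana", "Haiti", "Heard", "Herzegovina",
    "Holy See", "Honduras", "Hong Kong", "Hungary", "Iceland", "India", "Indonesia", "Iran (Islamic Republic of)", "Iraq", "Ireland", "Isle of Man", "Israel", "Italy", "Jamaica", "Jan Mayen Islands", "Japan", "Jersey", "Jordan", "Kazakhstan", "Kenya",
    "Kiribati", "Korea", "Korea (Democratic)", "Kuwait", "Kyrgyzstan", "Lao", "Latvia", "Lebanon", "Lesotho", "Liberia", "Libyan Arab Jamahiriya", "Liechtenstein", "Lithuania", "Luxembourg", "Macao", "Macedonia", "Madagascar", "Malawi", "Malaysia", "Maldives",
    "Mali", "Malta", "Marshall Islands", "Martinique", "Mauritania", "Mauritius", "Mayotte", "McDonald Islands", "Mexico", "Micronesia", "Miquelon", "Moldova", "Monaco", "Mongolia", "Montenegro", "Montserrat", "Morocco", "Mozambique", "Myanmar", "Namibia",
    "Nauru", "Nepal", "Netherlands", "Netherlands Antilles", "Nevis", "New Caledonia", "New Zealand", "Nicaragua", "Niger", "Nigeria", "Niue", "Norfolk Island", "Northern Mariana Islands", "Norway", "Oman", "Pakistan", "Palau", "Palestinian Territory, Occupied", "Panama", "Papua New Guinea",
    "Paraguay", "Peru", "Philippines", "Pitcairn", "Poland", "Portugal", "Principe", "Puerto Rico", "Qatar", "Reunion", "Romania", "Russian Federation", "Rwanda", "Saint Barthelemy", "Saint Helena", "Saint Kitts", "Saint Lucia", "Saint Martin (French part)", "Saint Pierre", "Saint Vincent",
    "Samoa", "San Marino", "Sao Tome", "Saudi Arabia", "Senegal", "Serbia", "Seychelles", "Sierra Leone", "Singapore", "Slovakia", "Slovenia", "Solomon Islands", "Somalia", "South Africa", "South Georgia", "South Sandwich Islands", "Spain", "Sri Lanka", "Sudan", "Suriname",
    "Svalbard", "Swaziland", "Sweden", "Switzerland", "Syrian Arab Republic", "Taiwan", "Tajikistan", "Tanzania", "Thailand", "The Grenadines", "Timor-Leste", "Tobago", "Togo", "Tokelau", "Tonga", "Trinidad", "Tunisia", "Turkey", "Turkmenistan", "Turks Islands",
    "Tuvalu", "Uganda", "Ukraine", "United Arab Emirates", "United Kingdom", "United States", "Uruguay", "US Minor Outlying Islands", "Uzbekistan", "Vanuatu", "Vatican City State", "Venezuela", "Vietnam", "Virgin Islands (British)", "Virgin Islands (US)", "Wallis", "Western Sahara", "Yemen", "Zambia", "Zimbabwe"];

    // Strict mode: with loose comparison a non-string such as true (or 0 on
    // PHP 7) compares equal to an entry and would pass the allow-list
    return in_array($country, $country_array, true);
  }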
  287.  
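  /**
   * Tell whether a value is one of the accepted gender options.
   *
   * The list is an allow-list: entries are compared byte for byte, so they
   * have to stay identical to the values the form submits.
   *
   * @param mixed $gender submitted value
   * @return bool true only for a string that is exactly one of the entries
   */
  function genderArray($gender)
  {
    $gender_array = ["Male", "Female", "Not specified"];

    // Strict mode: with loose comparison a non-string such as true (or 0 on
    // PHP 7) compares equal to an entry and would pass the allow-list
    return in_array($gender, $gender_array, true);
  }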
  301.  
  302. ?>