<?php session_start(); $username = ""; $email = ""; $errors

1. <?php
2. session_start();
3. $username = "";
4. $email = "";
5. $errors = array();
6.  
7. $db = mysqli_connect('localhost','root','','registration');
8.  
9. if(isset($_POST['register'])){
10. $username = mysqli_real_escape_string($db,$_POST['username']);
11. $email = mysqli_real_escape_string($db,$_POST['email']);
12. $password = mysqli_real_escape_string($db,$_POST['password']);
13. $password2 = mysqli_real_escape_string($db,$_POST['password2']);
14.  
15. if(empty($username)){
16. array_push($errors, "Username is required");
17. }
18. if(empty($email)){
19. array_push($errors, "Email is required");
20. }
21. if(empty($password)){
22. array_push($errors, "Password is required");
23. }
24.  
25. if($password != $password2){
26. array_push($errors, "The two password do not match");
27. }
28. if(count($errors) == 0){
29. $sql = "INSERT INTO users (username, email, password) VALUES ('$username','$email','$password')";
30. mysqli_query($db, $sql);
31. $_SESSION['username'] = $username;
32. $_SESSION['success'] = "You are now logged in";
33. header('location:index.php');
34. }
35.  
36. }
37.  
38. if(isset($_POST['login'])){
39. $username = mysqli_real_escape_string($db,$_POST['username']);
40. $password = mysqli_real_escape_string($db,$_POST['password']);
41.  
42. if(empty($username)){
43. array_push($errors, "Username is required");
44. }
45. if(empty($password)){
46. array_push($errors, "Password is required");
47. }
48. if(count($errors) == 0){
49. $query = "SELECT * FROM users WHERE username ='$username' AND password ='$password'";
50. $result = mysqli_query($db, $query);
51. if(mysqli_num_rows($result) > 0){
52. header('location:add.php');
53.  
54. } else{
55. array_push($errors, "wrong username or password");
56. }
57. }
58. }
59.  
60. if(isset($_GET['logout'])){
61. session_destroy();
62. unset($_SESSION['username']);
63. header('location: login.php');
64.  
65. }
66.  
67. ?>