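<?php
/**
 * register.php - self-service account registration.
 *
 * Flow:
 *   1. An already logged-in visitor is redirected to dashboard.php.
 *   2. The `settings.signupdisabled` flag is read; when it is 1 only a
 *      notice is rendered.
 *   3. On POST the username, password and e-mail are validated, both are
 *      checked for uniqueness, and a new row is inserted into `users`.
 *   4. Otherwise the registration form is rendered.
 *
 * Presumably extra/header.php starts the session and creates the PDO handle
 * $db; neither is visible from this file (TODO confirm).
 */

// Buffer output so header() redirects still work after header.php has printed markup.
ob_start();
require('extra/header.php');

if (!empty($_SESSION['loggedin']) && $_SESSION['loggedin'] == 1) {
    header("Location: dashboard.php");
    exit();
}

$query = "
    SELECT
        signupdisabled
    FROM settings
";
try {
    $stmt = $db->prepare($query);
    $result = $stmt->execute();
} catch (PDOException $ex) {
    // Driver messages can expose table names, SQL and connection details:
    // keep them in the server log and show the visitor a generic message.
    error_log('register.php: ' . $ex->getMessage());
    die("Failed to run query.");
}
$row = $stmt->fetch();

// NOTE(review): when the settings table has no row, registration stays open
// (same outcome as before, minus the notice from indexing `false`). Decide
// whether a missing row should close registration instead.
if ($row && $row['signupdisabled'] == 1) {
?>
<div class="container" style="width:450px;">
    <div class="alert alert-danger" style="text-align: center;">
        <a class="alert-link">Registrations are currently disabled by Administrators</a>
    </div>
</div><?php
} else {
    if (!empty($_POST)) {
        // Each field must be a non-empty string. A request can send
        // `password[]=x`, which PHP parses into an array; concatenating that
        // into the hash input would silently hash the literal text "Array".
        if (empty($_POST['username']) || !is_string($_POST['username'])) {
            die("Please enter a username.");
        }
        if (empty($_POST['password']) || !is_string($_POST['password'])) {
            die("Please enter a password.");
        }
        if (
            empty($_POST['email'])
            || !is_string($_POST['email'])
            || !filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)
        ) {
            die("Invalid E-Mail Address");
        }

        // NOTE(review): the two existence checks below and the INSERT are not
        // atomic, so concurrent requests can both pass them. UNIQUE constraints
        // on users.username and users.email would be the authoritative guard;
        // the schema is not visible from this file.
        $query = "
            SELECT
                1
            FROM users
            WHERE
                username = :username
        ";
        $query_params = array(
            ':username' => $_POST['username']
        );
        try {
            $stmt = $db->prepare($query);
            $result = $stmt->execute($query_params);
        } catch (PDOException $ex) {
            error_log('register.php: ' . $ex->getMessage());
            die("Failed to run query.");
        }
        $row = $stmt->fetch();
        if ($row) {
            die("This username is already in use");
        }

        $query = "
            SELECT
                1
            FROM users
            WHERE
                email = :email
        ";
        $query_params = array(
            ':email' => $_POST['email']
        );
        try {
            $stmt = $db->prepare($query);
            $result = $stmt->execute($query_params);
        } catch (PDOException $ex) {
            error_log('register.php: ' . $ex->getMessage());
            die("Failed to run query.");
        }
        $row = $stmt->fetch();
        if ($row) {
            die("This email address is already registered");
        }

        $query = "
            INSERT INTO users (
                username,
                password,
                salt,
                email
            ) VALUES (
                :username,
                :password,
                :salt,
                :email
            )
        ";

        // The salt comes from a CSPRNG; mt_rand() is predictable and carried
        // at most 62 bits here. 8 random bytes give 16 hex characters, the
        // longest value the previous generator could produce, so the salt
        // column should still fit it (TODO confirm against the schema).
        if (function_exists('random_bytes')) {
            $salt = bin2hex(random_bytes(8));
        } else {
            $salt = bin2hex(openssl_random_pseudo_bytes(8));
        }

        // NOTE(review): iterated SHA-256 is a fast hash and a weak password
        // store. The scheme is left unchanged because the login code, which is
        // not visible here, has to recompute exactly this value; move both
        // sides to password_hash() / password_verify() in one change.
        $password = hash('sha256', $_POST['password'] . $salt);
        for ($round = 0; $round < 65536; $round++) {
            $password = hash('sha256', $password . $salt);
        }

        $query_params = array(
            ':username' => $_POST['username'],
            ':password' => $password,
            ':salt' => $salt,
            ':email' => $_POST['email']
        );
        try {
            $stmt = $db->prepare($query);
            $result = $stmt->execute($query_params);
        } catch (PDOException $ex) {
            error_log('register.php: ' . $ex->getMessage());
            die("Failed to run query.");
        }

        header("Location: login.php");
        die("Redirecting to login.php");
    }
?>
<div class="container" style="width:450px;">
    <form class="form-signin" role="form" action="register.php" method="post">
        <h2 class="form-signin-heading">Registration Form</h2>
        <input type="text" name="username" class="form-control" placeholder="Username" required><br />
        <input type="email" name="email" class="form-control" placeholder="Email address" required autofocus><br />
        <input type="password" name="password" class="form-control" placeholder="Password" required><br />
        <center><br />
        <button class="btn btn-lg btn-primary btn-block" type="submit">Register Me</button>
        </center>
    </form>
</div>
<?php } ?>
<?php require('extra/footer.php'); ?>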