/* validate.php *///the form has been submitted with postif ($_SERVER["REQ

1. /* validate.php */
2.  
3. //the form has been submitted with post
4. if ($_SERVER["REQUEST_METHOD"] == "POST") {
5.  
6. //two passwords are equal to each other
7. if ($_POST['password'] == $_POST['confirmpassword']) {
8.  
9. //define other variables with submitted values from $_POST
10. $username = $mysqli->real_escape_string($_POST['username']);
11. $email = $mysqli->real_escape_string($_POST['email']);
12.  
13. //md5 hash password for security
14. $password = md5($_POST['password']);
15.  
16. //path were our avatar image will be stored
17. $avatar_path = $mysqli->real_escape_string('images/'.$_FILES['avatar']['name']);
18.  
19. //make sure the file type is image
20. if (preg_match("!image!",$_FILES['avatar']['type'])) {
21.  
22. //copy image to images/ folder
23. if (copy($_FILES['avatar']['tmp_name'], $avatar_path)){
24.  
25. //set session variables to display on welcome page
26. $_SESSION['username'] = $username;
27. $_SESSION['avatar'] = $avatar_path;
28.  
29. //insert user data into database
30. $sql =
31. "INSERT INTO users (username, email, password, avatar) "
32. . "VALUES ('$username', '$email', '$password', '$avatar_path')";
33.  
34. //check if mysql query is successful
35. if ($mysqli->query($sql) === true){
36. $_SESSION['message'] = "Registration successful!"
37. . "Added $username to the database!";
38. //redirect the user to welcome.php
39. header("location: welcome.php");
40. }
41. }
42. }
43. }
44. }