Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <form id='login' action='log_in.php' method='post' accept-charset='UTF-8'>
- <fieldset >
- <legend>Login</legend>
- <input type='hidden' name='submitted' id='submitted' value='1'/>
- <label for='username' >Username:
- </label>
- <input type='text' name='username' id='username'/>
- <label for='password' >Password:
- </label>
- <input type='password' name='password' id='password'/>
- <label for='confirm_password' > Confirm Password:
- </label>
- <input type='password' name='confirm_password' id='confirm_password'/>
- <input type='submit' name='Submit' value='Submit' />
- </fieldset>
- </form>
- <?php
- if (isset($_POST["Submit"])){
- $errors = array();
- $user = $_POST['username'];
- $password = $_POST['password'];
- $hash = password_hash($password, PASSWORD_DEFAULT);
- $log_name = "validation.log";
- $log_timestamp = date("Y-m-d", time());
- $log_data = $user . " " . $hash . " " . $log_timestamp;
- //checks the username for the REGEX requirements
- if(preg_match("/^[0-9a-zA-Z_]{6,12}$/", $_POST["username"]) === 0)
- $errors[] ="Invalid username. A username must contain 6-12 characters and can only use numbers, letters, and underscores.";
- //checks the password for the REGEX requirements
- if(preg_match("/^.*(?=.{8,16})(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]).*$/", $_POST["password"]) === 0)
- $errors[] ="Invalid password. Password must be 8-16 characters and contain at least one uppercase letter, one number, one special character and no spaces.";
- //Makes sure the passwords match
- if ($_POST["password"] !== $_POST["confirm_password"])
- $errors[] ="Passwords do not match.";
- //checks if username is blank
- if (empty($_POST['username']))
- $errors[] ="Username cannot be left blank.";
- //checks if password is blank
- if(empty($_POST["password"]))
- $errors[] ="Password cannot be left blank.";
- //checks to see that the user entered their password twice
- if(empty($_POST["confirm_password"]))
- $errors[] ="Please enter your password in the Confirm Password field. It cannot be left blank.";
- //prints out any errors
- if (count($errors) > 0){
- foreach ($errors as $error)
- echo $error."<br/>";
- }
- // if successful, writes data into a log file and prints the password hash
- else{
- echo $hash;
- file_put_contents($log_name, $log_data);
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement