public function create_user() { global $db; $username = $_POST['req_

1. public function create_user()
2. {
3. global $db;
4.  
5. $username = $_POST['req_username'];
6. $password = $_POST['req_password1'];
7. $email = $_POST['req_email'];
8. $first_name = $_POST['req_firstname'];
9. $last_name = $_POST['req_lastname'];
10. $year = $_POST['req_year'];
11. $month = $_POST['req_month'];
12. $day = $_POST['req_day'];
13. $gender = $_POST['req_gender'];
14. $school = $_POST['req_school'];
15.  
16. /*
17. Check if the username has
18. been registered.
19. */
20. $result = $db->query('SELECT `username` FROM `users` WHERE `username` = \''.$db->escape($username).'\'');
21. if ($db->num_rows($result) > 0)
22. $this->error_msg = 'The username: '.$username.' you are trying to sign up with, has already been registered.';
23.  
24. /*
25. Check if the email addresss has
26. been registered.
27. */
28. $result = $db->query('SELECT `email` FROM `users` WHERE `email` = \''.$db->escape($email).'\'');
29. if ($db->num_rows($result) > 0)
30. $this->error_msg = 'The e-mail address: '.$email.' you are trying to sign up with, has already been registered.';
31.  
32. /*
33. If no errors are found
34. create the user.
35. */
36. if (!$this->error_msg)
37. $result = $db->query('INSERT INTO `users`(`username`, `password`, `email`, `first_name`, `last_name`, `birthday`, `gender`, `school`) VALUES(\''.$db->escape($username).'\', \''.$db->escape($this->hash_pass($password)).'\', \''.$db->escape($email).'\', \''.$db->escape($first_name).'\', \''.$db->escape($last_name).'\', \''.$year. '-' .$month. '-' .$day.'\', \''.$gender.'\', \''.$school.'\')');
38. }