API tools faq
paste
Guest User

Untitled

a guest
Apr 22nd, 2019
74
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.72 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. session_start();
  3.  
  4. // initializing variables
  5. $username = "";
  6. $email = "";
  7. $errors = array();
  8.  
  9. // connect to the database
  10. $db = mysqli_connect('localhost', 'root', '', 'hello4');
  11.  
  12. // REGISTER USER
  13. if (isset($_POST['reg_user'])) {
  14. // receive all input values from the form
  15. $username = mysqli_real_escape_string($db, $_POST['username']);
  16. $email = mysqli_real_escape_string($db, $_POST['email']);
  17. $password_1 = mysqli_real_escape_string($db, $_POST['password_1']);
  18. $password_2 = mysqli_real_escape_string($db, $_POST['password_2']);
  19.  
  20. // form validation: ensure that the form is correctly filled
  21.  
  22. if (empty($username)) { array_push($errors, "Username is required"); }
  23. if (empty($email)) { array_push($errors, "Email is required"); }
  24. if (empty($password_1)) { array_push($errors, "Password is required"); }
  25. if ($password_1 != $password_2) {
  26. array_push($errors, "The two passwords do not match");
  27. }
  28.  
  29. // first check the database to make sure
  30. // a user does not already exist with the same username and/or email
  31. $user_check_query = "SELECT * FROM users WHERE username='$username' OR email='$email' LIMIT 1";
  32. $result = mysqli_query($db, $user_check_query);
  33. $user = mysqli_fetch_assoc($result);
  34.  
  35. if ($user) { // if user exists
  36. if ($user['username'] === $username) {
  37. array_push($errors, "Username already exists");
  38. }
  39.  
  40. if ($user['email'] === $email) {
  41. array_push($errors, "email already exists");
  42. }
  43. }
  44.  
  45. // Finally, register user if there are no errors in the form
  46. if (count($errors) == 0) {
  47. $password = md5($password_1);//encrypt the password before saving in the database
  48.  
  49. $query = "INSERT INTO users (username, email, password)
  50. VALUES('$username', '$email', '$password')";
  51. mysqli_query($db, $query);
  52. $_SESSION['username'] = $username;
  53. $_SESSION['success'] = "You are now logged in";
  54. header('location: index.php');
  55. }
  56. }
  57. // LOGIN USER
  58. if (isset($_POST['login_user'])) {
  59. $username = mysqli_real_escape_string($db, $_POST['username']);
  60. $password = mysqli_real_escape_string($db, $_POST['password']);
  61.  
  62. if (empty($username)) {
  63. array_push($errors, "Username is required");
  64. }
  65. if (empty($password)) {
  66. array_push($errors, "Password is required");
  67. }
  68.  
  69. if (count($errors) == 0) {
  70. $password = md5($password);
  71. $query = "SELECT * FROM users WHERE username='$username' AND password='$password'";
  72. $results = mysqli_query($db, $query);
  73. if (mysqli_num_rows($results) == 1) {
  74. $_SESSION['username'] = $username;
  75. $_SESSION['success'] = "You are now logged in";
  76. header('location: index.php');
  77. }else {
  78. array_push($errors, "Wrong username/password combination");
  79. }
  80. }
  81. }
  82.  
  83. ?>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!