<?php include_once 'header.php';?><section class="main-container"> <d

1. <?php
2. include_once 'header.php';
3. ?>
4.  
5. <section class="main-container">
6. <div class="main-wrapper">
7. <h2>Signup</h2>
8. <form class="signup-form" action="includes/signup.inc.php" method="POST">
9. <input type="text" name="first" placeholder="Firstname">
10. <input type="text" name="last" placeholder="Lastname">
11. <input type="text" name="email" placeholder="E-mail">
12. <input type="text" name="uid" placeholder="Username">
13. <input type="text" name="pwd" placeholder="Password">
14. <button type="submit" name="submit">Sign up</button>
15. </form>
16. </div>
17. </section>
18.  
19. <?php
20. include_once 'footer.php';
21. ?>
22.  
23. <?php
24.  
25. if (isset($_POST['submit'])) {
26.  
27. include_once 'dbh.inc.php';
28.  
29. $first = mysqli_real_escape_string($conn, $_POST['first']);
30. $last = mysqli_real_escape_string($conn, $_POST['last']);
31. $email = mysqli_real_escape_string($conn, $_POST['email']);
32. $uid = mysqli_real_escape_string($conn, $_POST['uid']);
33. $pwd = mysqli_real_escape_string($conn, $_POST['pwd']);
34.  
35. //Error handlers
36. //Check for empty fields
37. if (empty($first) || empty($last) || empty($email) || empty($uid) || empty($pwd)) {
38. header("Location: ../signup.php?signup=empty");
39. exit();
40. } else {
41. //Check if input characters are valid
42. if (!preg_match("/^[a-zA-Z]*$/", $first) || !preg_match("/^[a-zA-Z]*$", $last)) {
43. header("Location: ../signup.php?signup=invalid");
44. exit();
45. } else {
46. //Check if email is valid
47. if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
48. header("Location: ../signup.php?signup=email");
49. exit();
50. } else {
51. $sql = "SELECT * FROM users WHERE user_uid='$uid'";
52. $result = mysqli_query($conn, $sql);
53. $resultCheck = mysqli_num_rows($result);
54.  
55. if ($resultCheck > 0) {
56. header("Location: ../signup.php?signup=usertaken");
57. exit();
58. } else {
59. //Hashing the password
60. $hashedPwd = password_hash($pwd, PASSWORD_DEFAULT);
61. //Insert the user into the database
62. $sql = "INSERT INTO users (user_first, user_last, user_email, user_uid, user_pwd) VALUES ('$first', '$last', '$email', '$uid', '$hashedPwd');";
63. mysqli_query($conn, $sql);
64. header("Location: ../signup.php?signup=success");
65. exit();
66. }
67. }
68. }
69. }
70.  
71. } else {
72. header("Location: ../signup.php");
73. exit();
74. }
75.  
76. <?php
77.  
78. $dbServername = "MYSERVERNAME";
79. $dbUsername = "MYUSERNAME";
80. $dbPassword = "MYPASSWORD";
81. $dbName = "MYDATABASENAME";
82.  
83. $conn = mysqli_connect($dbServername, $dbUsername, $dbPassword, $dbName);