<?phpinclude 'connect.php'; $error = 0; $valueUsername = mysqli_re

1. <?php
2.  
3. include 'connect.php';
4.  
5. $error = 0;
6.  
7.  
8. $valueUsername = mysqli_real_escape_string($link, $_POST['username']);
9. $valuePassword = mysqli_real_escape_string($link, $_POST['password']);
10. $valueeMail = mysqli_real_escape_string($link, $_POST['email']);
11. $valueRealName = mysqli_real_escape_string($link, $_POST['realname']);
12. $valueAge = mysqli_real_escape_string($link, $_POST['age']);
13.  
14. $usernameQuery = "SELECT username FROM accounts WHERE username='$valueUsername'";
15. $checkUsername = mysqli_query($link, $usernameQuery);
16.  
17. if(0 < mysqli_num_rows($checkUsername))
18. {
19. echo '<script>alert("That username has already been used.");</script>';
20. $error++;
21. }
22.  
23. if(0 === preg_match("/\S+/", $_POST['username']))
24. {
25. echo '<script>alert("Your username is invalid.");</script>';
26. $error++;
27. }
28.  
29. if(0 === preg_match("/.{10,}/", $_POST['password']))
30. {
31. echo '<script>alert("The password entered was invalid. (Too short)");</script>';
32. $error++;
33. }
34.  
35. if(0 === preg_match("/\S+/", $_POST['realname']))
36. {
37. echo '<script>alert("Please enter a real name.");</script>';
38. $error++;
39. }
40.  
41. if (0 === preg_match("/.+@.+\..+/", $_POST['email']))
42. {
43. echo '<script>alert("Invalid e-mail.");</script>';
44. }
45.  
46. $emailQuery="SELECT email FROM accounts WHERE email='$valueeMail'";
47. $checkEmail = mysqli_query($link, $emailQuery);
48.  
49. if(0 < mysqli_num_rows($checkEmail))
50. {
51. echo '<script>alert("That e-mail has already been used.");</script>';
52. $error++;
53. }
54.  
55. if(0 === preg_match("/\S+/", $_POST['age']))
56. {
57. echo '<script>alert("Please enter your age.");</script>';
58. $error++;
59. }
60.  
61.  
62. function unique_salt() {
63.  
64. return substr(sha1(mt_rand()),0,22);
65. }
66.  
67. $uniqueSalt = unique_salt();
68.  
69.  
70. function myhash($valuePassword, $uniqueSalt)
71. {
72.  
73.  
74. $hash = sha1($uniqueSalt . $valuePassword);
75.  
76.  
77. for ($i = 0; $i < 1000; $i++)
78. {
79. $hash = sha1($hash);
80. }
81.  
82. return $hash;
83. }
84.  
85. $hash = myhash($valuePassword, $uniqueSalt);
86. if ($error<1)
87. {
88. $sql = "INSERT INTO accounts (username, password, Salt, email, realname, age) VALUES ('$valueUsername', '$hash', '$uniqueSalt', '$valueeMail', '$valueRealName', '$valueAge')";
89. }
90.  
91.  
92.  
93. if($error > 0)
94. {
95. echo '<script>alert("Try again!");</script>';
96. header("refresh:0; url= registration.php");
97. }
98.  
99. else
100. {
101. header("refresh:3; url= login.php");
102. echo '<h1 style="text-align: center; font-weight:600;">Account created,</h1><h2 style="text-align: center;"> redirecting to login page in a few seconds...</h2>';
103. }
104.  
105.  
106.  
107.  
108. mysqli_close($link);