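<?php
/*
 * Registration page: renders the shared header, and when the form was posted
 * validates the submitted fields, redeems the invite code, creates the user
 * row, sends the activation e-mail and populates the session.
 *
 * Values that reach SQL are passed as bound parameters. The validated values
 * ($un, $e, $p, $ic) are therefore kept raw, not pre-escaped.
 *
 * NOTE(review): the `pass` column holds an unsalted SHA1 digest of the
 * password, which is fast to brute-force if the table leaks. It is left as-is
 * because the lookup below (and presumably the login page) compares against
 * SHA1(...); move to password_hash()/password_verify() together with that
 * code and the column width.
 */
require_once ('../includes/config.inc.php');
$currentpg = 'register';
$page_title = 'Register';
$formWidth1 = '340px';
$bodyId = 'blueBackground';
include('../includes/default_header.inc');

// Only process the form when it was actually submitted.
if (isset($_POST['submitted'])) {
    require_once (MYSQL); // gets the database connection
    $errors = array(); // messages printed above the form when validation fails

    // Read only the fields this page expects. A field that is missing or was
    // sent as an array (e.g. username[]=x) is treated as empty instead of
    // being handed to trim(), which raises on non-string input.
    $trimmed = array();
    foreach (array('username', 'email', 'password1', 'password2', 'invitecode') as $field) {
        $trimmed[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? trim($_POST[$field]) : '';
    }
    $spacelessUn = str_replace(' ', '', $trimmed['username']);

    // Prepare, bind and execute one statement. Returns the executed statement
    // or false. The logged text contains the SQL template only, so submitted
    // values (including the plaintext password) never reach the error log.
    $runQuery = function ($sql, $types, array $params) use ($dbc) {
        $stmt = mysqli_prepare($dbc, $sql);
        if ($stmt === false) {
            trigger_error("Query: $sql\n<br />MySQL Error: " . mysqli_error($dbc));
            return false;
        }
        mysqli_stmt_bind_param($stmt, $types, ...$params);
        if (!mysqli_stmt_execute($stmt)) {
            trigger_error("Query: $sql\n<br />MySQL Error: " . mysqli_stmt_error($stmt));
            mysqli_stmt_close($stmt);
            return false;
        }
        return $stmt;
    };

    $systemError = '<span>I am sorry. You could not be registered because of a system error. Please try again later.</span>';

    // Assume all entries are invalid until proven otherwise.
    $un = $e = $p = $ic = FALSE; // $un = username, $e = email, $p = password, $ic = invite code

    // Validate the username
    if (preg_match('/^[A-Z \'.-]{2,20}$/i', $spacelessUn)) {
        $un = $spacelessUn;
    } else {
        $errors[] = '<span>Please enter a valid Username.</span>';
    }

    // Validate the email and make sure it is not already registered
    if (preg_match('/^[\w.-]+@[\w.-]+\.[A-Za-z]{2,6}$/', $trimmed['email'])) {
        $e = strtolower($trimmed['email']);
        $stmt = $runQuery('SELECT user_id FROM users WHERE email = ?', 's', array($e));
        if ($stmt === false) {
            // Fail closed: an unanswered uniqueness check must not pass.
            $e = FALSE;
            $errors[] = $systemError;
        } else {
            mysqli_stmt_store_result($stmt);
            if (mysqli_stmt_num_rows($stmt) > 0) { // the email is already in use
                $e = FALSE;
                $errors[] = '<span>That email is currently registered</span>';
            }
            mysqli_stmt_close($stmt);
        }
    } else { // the email is not well formed
        $errors[] = '<span>Please enter a valid Email.</span>';
    }

    // Validate the password.
    // NOTE(review): the pattern limits passwords to 4-20 word characters,
    // which is a weak policy; changing it is left to the site owner.
    if (preg_match('/^\w{4,20}$/', $trimmed['password1'])) {
        // Strict comparison: with == two different numeric-looking strings
        // such as "1e10" and "10000000000" compare as equal.
        if ($trimmed['password1'] === $trimmed['password2']) {
            $p = $trimmed['password1'];
        } else { // the passwords don't match
            $errors[] = '<span>Your passwords do not match!</span>';
        }
    } else { // the password does not validate
        $errors[] = '<span>Please enter a valid Password.</span>';
    }

    // Validate the invite code. It is only looked up here; it is redeemed
    // further down, once every other check has passed, so a failed attempt
    // no longer uses up an invite.
    if (preg_match('/^\w{4,20}$/', $trimmed['invitecode'])) {
        $ic = $trimmed['invitecode'];
        $stmt = $runQuery('SELECT total_invites FROM invites WHERE code = ?', 's', array($ic));
        if ($stmt === false) {
            $ic = FALSE;
            $errors[] = $systemError;
        } else {
            mysqli_stmt_store_result($stmt);
            if (mysqli_stmt_num_rows($stmt) == 0) { // no such invite code
                $ic = FALSE;
                $errors[] = '<span>That invite code is no longer valid.</span>';
            }
            mysqli_stmt_close($stmt);
        }
    } else { // the invite code was not entered
        $errors[] = '<span>Please enter your invite code.</span>';
    }

    if (!isset($_POST['tosagree']) || $_POST['tosagree'] !== 'agreed') { // the user did not agree to the ToS
        $errors[] = '<span>Please agree to the Terms of Service.</span>';
    }

    // Requiring an empty $errors list is what enforces the ToS checkbox:
    // the four flags alone do not reflect it.
    if (empty($errors) && $un && $e && $p && $ic) {
        // Activation code from the CSPRNG (32 hex characters, the same length
        // the previous md5() value had). Needs PHP 7+.
        $a = bin2hex(random_bytes(16));

        // Redeem the invite and create the user as one unit so a failed
        // INSERT does not cost an invite. This is only atomic on a
        // transactional storage engine.
        mysqli_begin_transaction($dbc);

        // NOTE(review): assumes total_invites counts the remaining uses, so a
        // code at zero is rejected instead of being driven negative - confirm.
        $inviteUsed = false;
        $stmt = $runQuery('UPDATE invites SET total_invites = total_invites - 1 WHERE code = ? AND total_invites > 0', 's', array($ic));
        if ($stmt !== false) {
            $inviteUsed = (mysqli_stmt_affected_rows($stmt) === 1);
            mysqli_stmt_close($stmt);
        }

        if (!$inviteUsed) {
            mysqli_rollback($dbc);
            $errors[] = '<span>That invite code is no longer valid.</span>';
        } else {
            // Add the user to the database
            $registered = false;
            $stmt = $runQuery('INSERT INTO users (username, pass, email, activated, registration_date) VALUES (?, SHA1(?), ?, ?, NOW())', 'ssss', array($un, $p, $e, $a));
            if ($stmt !== false) {
                $registered = (mysqli_stmt_affected_rows($stmt) === 1);
                mysqli_stmt_close($stmt);
            }

            if ($registered) { // the user was added to the database
                mysqli_commit($dbc);

                // Send activation email
                $body = "Hey $un,\n\nWelcome to \n\nThanks for registering. I am very excited to hear what you think of it. We are currently in Alpha testing stage so expect it to only get better!\n\nOne last thing, to finish your registration you need to confirm your email address. To activate your email address please click this link:\n\n";
                $body .= BASE_URL . 'activate.php?x=' . urlencode($e) . "&y=$a";
                $body .= "\n\nIf at any time you need help, have thoughts, or just want to talk you can email me at . I would love to here from you! \n\nThanks and I hope you have fun learning";
                mail($trimmed['email'], 'Thanks for registering!', $body, 'From: example@email.com');
                echo '<p>Thanks for registering! Please check your email to confirm your account. If you do not see the email make sure to check your spam folder for an email from <a href="mailto:example@email.com">example@email.com</a>.</p>';
                echo '<p>Get started: <a>Home</a>, <a>Create a Test</a>, <a>My Setttings</a></p>';

                // NOTE(review): this signs the new user in before the e-mail
                // address has been confirmed and replaces the whole session
                // array without issuing a new session id. Confirm that is
                // intended, or defer the login to the activation step.
                $loggedIn = false;
                $stmt = $runQuery('SELECT user_id, username, user_level FROM users WHERE (email = ? AND pass = SHA1(?))', 'ss', array($e, $p));
                if ($stmt !== false) {
                    mysqli_stmt_store_result($stmt);
                    if (mysqli_stmt_num_rows($stmt) == 1) { // the user matches a user in the db
                        mysqli_stmt_bind_result($stmt, $userId, $userName, $userLevel);
                        mysqli_stmt_fetch($stmt);
                        // Bound results may come back as native ints where the
                        // earlier fetch returned numeric strings.
                        $_SESSION = array(
                            'user_id' => $userId,
                            'username' => $userName,
                            'user_level' => $userLevel,
                        );
                        $loggedIn = true;
                    }
                    mysqli_stmt_close($stmt);
                }
                if (!$loggedIn) {
                    echo 'could not log you in!';
                }
                include('../includes/default_footer.inc');
                exit(); // Stop page from loading anything else
            } else { // the insert did not run correctly
                mysqli_rollback($dbc);
                echo 'I am sorry. You could not be registered because of a system error. Please try again later.';
            }
        }
    }
    mysqli_close($dbc);
} // end of the submitted-form handler
?>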
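<?php
/*
 * Registration form. After a failed submission the username, email and invite
 * code fields are re-filled with what the visitor typed. Those values are
 * untrusted request data, so each one is HTML-escaped (quotes included)
 * before it is written into a value="..." attribute; echoed raw, a value
 * containing a double quote would break out of the attribute and inject
 * markup into the page. Password fields are never re-filled.
 */
?>
<div id="formContainer">
    <form id="centeredForm" action="?" method="post">
        <p id="formTitle">Register</p>
<?php
// The error list holds fixed HTML snippets built by the form handler, never
// request data, so it is printed as markup.
if (isset($_POST['submitted'])) {
    echo '<div id="formErrors">';
    if (!empty($errors)) {
        foreach ($errors as $message) {
            echo "$message<br />\n";
        }
    }
    echo '</div>';
}
?>
        <table id="formTable">
            <tr class="rowHover"><td class="hoverPad">
                <label>Username</label>
            </td><td>
                <input type="text" class="formInput" name="username" value="<?php if (isset($spacelessUn) && is_string($spacelessUn)) echo htmlspecialchars($spacelessUn, ENT_QUOTES, 'UTF-8'); ?>" >
            </td></tr>
            <tr class="rowHover"><td class="hoverPad">
                <label>Email</label>
            </td><td>
                <input type="text" class="formInput" name="email" value="<?php if (isset($trimmed['email']) && is_string($trimmed['email'])) echo htmlspecialchars($trimmed['email'], ENT_QUOTES, 'UTF-8'); ?>" >
            </td></tr>
            <tr class="rowHover"><td class="hoverPad">
                <label>Password</label>
            </td><td>
                <input type="password" class="formInput" name="password1">
            </td></tr>
            <tr class="rowHover"><td class="hoverPad">
                <label>Retype Password</label>
            </td><td>
                <input type="password" class="formInput" name="password2">
            </td></tr>
            <tr class="rowHover"><td class="hoverPad">
                <label>Alpha Code</label>
            </td><td>
                <input type="text" class="formInput" name="invitecode" value="<?php if (isset($trimmed['invitecode']) && is_string($trimmed['invitecode'])) echo htmlspecialchars($trimmed['invitecode'], ENT_QUOTES, 'UTF-8'); ?>" >
            </td></tr>
            <tr><td>
            </td><td>
                <input type="hidden" value="TRUE" name="submitted">
            </td></tr>
            <tr><td>
            </td><td class="rowHover" id="tosRow">
                <input id="tosagreeCheck" type="checkbox" name="tosagree" value="agreed">
                <label for="tosagreeCheck">I agree to the <a>Terms of Service</a></label>
            </td>
            </tr><tr>
                <td></td>
                <td>
                    <input type="submit" value="Sign Up" class="formBttn" name="submit">
                </td></tr>
        </table>
    </form>
</div>
<?php
include('../includes/default_footer.inc');
?>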