
Untitled

a guest
Jul 30th, 2017
  1. <?php
  2.  
  3. require_once ('../includes/config.inc.php');
  4. $currentpg = 'register';
  5. $page_title = 'Register';
  6. $formWidth1 = '340px';
  7. $bodyId = 'blueBackground';
  8.  
  9. include('../includes/default_header.inc');
  10.  
  11. //if the user has registered
  12. if (isset($_POST['submitted'])) {
  13.  
  14. require_once (MYSQL); //gets the database connection
  15.  
  16. $errors = array(); // declares the errors array that will be printed at end of validation if needed
  17.  
  18. //trim spaces off all entered registration data
  19. $trimmed = array_map('trim', $_POST);
  20.  
  21. $spacelessUn = str_replace (" ","",$trimmed['username']);
  22.  
  23. //Assume all entries are invalid
  24. $un = $e = $p = $ic = FALSE; //$un = username, $e = email, $p = password, $ic = invite code
  25.  
  26. //Validate the username
  27. if (preg_match ('/^[A-Z \'.-]{2,20}$/i', $spacelessUn)) {
  28.  
  29. $un = mysqli_real_escape_string ($dbc, $spacelessUn);
  30.  
  31. } else { //if validation of the username fails then
  32.  
  33. $errors[] = '<span>Please enter a valid Username.<span>';
  34.  
  35. }
  36.  
  37. //Validate the email
  38. if (preg_match ('/^[\w.-]+@[\w.-]+\.[A-Za-z]{2,6}$/', $trimmed['email'])) {
  39. $e = mysqli_real_escape_string ($dbc, strtolower($trimmed['email']));
  40.  
  41. //ensure that the email is not currently in use
  42. $q = "SELECT user_id FROM users WHERE email='$e'";
  43. $r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));
  44.  
  45. if (mysqli_num_rows($r) > 0) { //if the email is available for use
  46.  
  47. $e = FALSE;
  48. $errors[] = '<span>That email is currently registered</span>';
  49.  
  50. }
  51.  
  52. } else { //if the email is not valid
  53. $errors[] = '<span>Please enter a valid Email.<span>';
  54. }
  55.  
  56. //Validate the password
  57. if (preg_match ('/^\w{4,20}$/', $trimmed['password1'])) {
  58.  
  59. if ($trimmed['password1'] == $trimmed['password2']) {
  60. $p = mysqli_real_escape_string ($dbc, $trimmed['password1']);
  61. } else { //if the passwords don't match
  62. $errors[] = '<span>Your passwords do not match!</span>';
  63. }
  64.  
  65. } else { //if the password does not validate
  66.  
  67. $errors[] = '<span>Please enter a valid Password.</span>';
  68.  
  69. }
  70.  
  71. if (preg_match ('/^\w{4,20}$/', $trimmed['invitecode'])) {
  72.  
  73. $ic = mysqli_real_escape_string ($dbc, $trimmed['invitecode']);
  74.  
  75. //verify that invite code is valid
  76. $q = "SELECT total_invites FROM invites WHERE code='$ic'";
  77. $r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));
  78.  
  79. if (mysqli_num_rows($r) == 0) { //if the email is available for use
  80.  
  81. $ic = FALSE;
  82. $errors[] = '<span>That invite code is no longer valid.</span>';
  83.  
  84. } else {
  85.  
  86. $q = "UPDATE invites SET total_invites = total_invites - 1 WHERE code = '$ic'";
  87. $r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));
  88.  
  89. }
  90.  
  91. } else { //if the invite code was not entered.
  92.  
  93. $errors[] = '<span>Please enter your invite code.</span>';
  94.  
  95. }
  96.  
  97. if (!isset($_POST['tosagree']) || $_POST['tosagree'] != "agreed" ) {//if the user did not agree to ToS
  98.  
  99. $errors[] = '<span>Please agree to the Terms of Service.<span>';
  100.  
  101. }
  102.  
  103. if ($un && $e && $p && $ic) { //if there are no errors
  104.  
  105. //create email activation code
  106. $a = md5(uniqid(rand(), true));
  107.  
  108. //Add the user to the database
  109. $q = "INSERT INTO users (username, pass, email, activated, registration_date) VALUES ('$un', SHA1('$p'), '$e', '$a', NOW() )";
  110.  
  111. $r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));
  112.  
  113. if (mysqli_affected_rows($dbc) == 1) {//if the query ran correctly and the user was added to the database
  114.  
  115. //Send activation email
  116. $body = "Hey $un,\n\nWelcome to \n\nThanks for registering. I am very excited to hear what you think of it. We are currently in Alpha testing stage so expect it to only get better!\n\nOne last thing, to finish your registration you need to confirm your email address. To activate your email address please click this link:\n\n";
  117.  
  118. $body .= BASE_URL . 'activate.php?x=' . urlencode($e) . "&y=$a";
  119.  
  120. $body .= "\n\nIf at any time you need help, have thoughts, or just want to talk you can email me at  . I would love to here from you! \n\nThanks and I hope you have fun learning";
  121.  
  122. mail($trimmed['email'], 'Thanks for registering!', $body, 'From: example@email.com');
  123.  
  124. echo '<p>Thanks for registering! Please check your email to confirm your account. If you do not see the email make sure to check your spam folder for an email from <a href="mailto:example@email.com">example@email.com</a>.<p>';
  125.  
  126. echo '<p>Get started: <a>Home</a>, <a>Create a Test</a>, <a>My Setttings</a></p>';
  127.  
  128. $q = "SELECT user_id, username, user_level FROM users WHERE (email='$e' AND pass=SHA1('$p'))";
  129. $r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));
  130.  
  131. if (@mysqli_num_rows($r) == 1) { //the user matches a user in the db
  132.  
  133. $_SESSION = mysqli_fetch_array ($r, MYSQLI_ASSOC);
  134.  
  135. } else {
  136.  
  137. echo 'could not log you in!';
  138. }
  139.  
  140. include('../includes/default_footer.inc');
  141.  
  142. exit(); //Stop page from loading anything else
  143.  
  144. } else { //if db query did not run correctly
  145.  
  146. echo 'I am sorry. You could not be registered because of a system error. Please try again later.';
  147.  
  148. }
  149.  
  150. }
  151.  
  152. mysqli_close($dbc);
  153.  
  154. }//end of isset if (checks to see if user has registered and if it should handle the form)
  155. ?>
  156.  
  157. <div id="formContainer">
  158. <form id="centeredForm" action="?" method="post">
  159. <p id="formTitle">Register</p>
  160. <?php
  161. if (isset($_POST['submitted'])) {
  162. echo '<div id="formErrors">';
  163. if (!empty($errors)){
  164. foreach ($errors as $value) {
  165.     echo "$value<br />\n";
  166. }
  167. }
  168. echo '</div>';
  169. }
  170. ?>
  171. <table id="formTable">
  172. <tr class="rowHover"><td class="hoverPad">
  173. <label>Username</label>
  174. </td><td>
  175. <input type="text" class="formInput" name="username" value="<?php if(isset($spacelessUn)) echo $spacelessUn; ?>" >
  176. </td></tr>
  177. <tr class="rowHover"><td class="hoverPad">
  178. <label>Email</label>
  179. </td><td>
  180. <input type="text" class="formInput" name="email" value="<?php if(isset($trimmed['email'])) echo $trimmed['email']; ?>" >
  181. </td></tr>
  182. <tr class="rowHover"><td class="hoverPad">
  183. <label>Password</label>
  184. </td><td>
  185. <input type="password" class="formInput" name="password1">
  186. </td></tr>
  187. <tr class="rowHover"><td class="hoverPad">
  188. <label>Retype Password</label>
  189. </td><td>
  190. <input type="password" class="formInput" name="password2">
  191. </td></tr>
  192. <tr class="rowHover"><td class="hoverPad">
  193. <label>Alpha Code</label>
  194. </td><td>
  195. <input type="text" class="formInput" name="invitecode" value="<?php if(isset($trimmed['invitecode'])) echo $trimmed['invitecode']; ?>" >
  196. </td></tr>
  197. <tr><td>
  198. </td><td>
  199. <input type="hidden" value="TRUE" name="submitted">
  200. </td></tr>
  201. <tr><td>
  202. </td><td class="rowHover" id="tosRow">
  203. <input id="tosagreeCheck" type="checkbox" name="tosagree" value="agreed">
  204. <label for="tosagreeCheck">I agree to the <a>Terms of Service</a></label>
  205. </td>
  206. </tr><tr>
  207. <td></td>
  208. <td>
  209. <input type="submit" value="Sign Up" class="formBttn" name="submit">
  210. </td></tr>
  211. </table>
  212. </form>
  213. </div>
  214.  
  215. <?php
  216.  
  217. include('../includes/default_footer.inc');
  218. ?>