Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- $fullname = "";
- $class = "";
- $username = "";
- $errors = array();
- $db =mysqli_connect('localhost','root','','registration');
- //register user
- if(isset($_POST['reg_user'])){
- $fullname = mysqli_real_escape_string($db, $_POST['fullname']);
- $class = mysqli_real_escape_string($db, $_POST['class']);
- $username = mysqli_real_escape_string($db, $_POST['username']);
- $password_1 = mysqli_real_escape_string($db, $_POST['password_1']);
- $password_2 = mysqli_real_escape_string($db, $_POST['password_2']);
- if (empty($fullname )) { array_push($errors, "Fullname is required"); }
- if (empty($class)) { array_push($errors, "Class is required"); }
- if (empty($username)) {array_push ($errors, "Username is required"); }
- if (empty($password_1)) { array_push($errors, "Password is required"); }
- if ($password_1 != $password_2) {
- array_push($errors, "The two passwords do not match");
- }
- $user_check_query = "SELECT * FROM users WHERE username='$username' OR class='$class' LIMIT 1";
- $result = mysqli_query($db, $user_check_query);
- $user = mysqli_fetch_assoc($result);
- if ($user){
- if ($user['username']===$username){
- array_push($errors, "Username already exist");
- }
- if ($user['class']=== $class){
- array_push($errors, "Class already exist");
- }
- }
- if (count($errors) == 0) {
- $password = md5($password_1);//encrypt the password before saving in the database
- $query = "INSERT INTO users (fullname, class, username, password)
- VALUES('$fullname', '$class', '$username','$password')";
- mysqli_query($db, $query);
- $_SESSION['username'] = $username;
- $_SESSION['success'] = "You are now logged in";
- header('location: index.php');
- }
- }
- //login useer
- if (isset($_POST['login_user'])) {
- $username = mysqli_real_escape_string($db, $_POST['username']);
- $password = mysqli_real_escape_string($db, $_POST['password']);
- if (empty($username)) {
- array_push($errors, "Username is required");
- }
- if (empty($password)) {
- array_push($errors, "Password is required");
- }
- if (count($errors) == 0) {
- $password = md5($password);
- //$query = "SELECT * FROM users WHERE username='$username' AND password='$password'";
- $query = "SELECT username='$username' AND password='$password' FROM users";
- $results = mysqli_query($db, $query);
- if (mysqli_num_rows($results) == 1) {
- $_SESSION['username'] = $username;
- $_SESSION['success'] = "You are now logged in";
- header('location: index.php');
- }else {
- array_push($errors, "Wrong username/password combination");
- }
- }
- }
- ?>
Add Comment
Please, Sign In to add comment