<?php session_start(); $username = ""; $email = ""; $errors = arra

1. <?php
2. session_start();
3.  
4. $username = "";
5. $email = "";
6. $errors = array();
7. $_SESSION['success'] = "";
8.  
9. //zur Datenbank verbinden
10. $db = mysqli_connect('localhost', 'root', '', 'registration');
11.  
12. //wenn der registrierknopf geklickt wurde
13. if (isset($_POST['reg_user'])) {
14. $username = mysql_real_escape_string($db, $_POST['username']);
15. $email = mysql_real_escape_string($db, $_POST['email']);
16. $password_1 = mysql_real_escape_string($db, $_POST['password_1']);
17. $password_2 = mysql_real_escape_string($db, $_POST['password_2']);
18.  
19. //checken ob Anmeldedaten richtig sind
20. if (empty($username)) { array_push($errors, "Username is required"); }
21. if (empty($email)) { array_push($errors, "Email is required"); }
22. if (empty($password_1)) { array_push($errors, "Password is required"); }
23.  
24. if ($password_1 != $password_2) {
25. array_push($errors, "The two passwords do not match");
26. }
27.  
28. // register user if there are no errors in the form
29. if (count($errors) == 0) {
30. $password = md5($password_1);//encrypt the password before saving in the database
31. $query = "INSERT INTO users (username, email, password)
32. VALUES('$username', '$email', '$password')";
33. mysqli_query($db, $query);
34.  
35. $_SESSION['username'] = $username;
36. $_SESSION['success'] = "You are now logged in";
37. header('location: index.php');
38. }
39.  
40. }
41. if (isset($_POST['login_user'])) {
42. $username = mysqli_real_escape_string($db, $_POST['username']);
43. $password = mysqli_real_escape_string($db, $_POST['password']);
44.  
45. if (empty($username)) {
46. array_push($errors, "Username is required");
47. }
48. if (empty($password)) {
49. array_push($errors, "Password is required");
50. }
51.  
52. if (count($errors) == 0) {
53. $password = md5($password);
54. $query = "SELECT * FROM users WHERE username='$username' AND password='$password'";
55. $results = mysqli_query($db, $query);
56.  
57. if (mysqli_num_rows($results) == 1) {
58. $_SESSION['username'] = $username;
59. $_SESSION['success'] = "You are now logged in";
60. header('location: index.php');
61. }else {
62. array_push($errors, "Wrong username/password combination");
63. }
64. }
65. }
66.  
67. ?>