
Untitled

a guest
Mar 19th, 2016
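  <br>
  <br>
  <div class="div_1">
  <div id="div_2">
  <br>
  <h1>User Registration</h1>
  <!--
    Registration form, posted back to Sign_Up.php.
    enctype="multipart/form-data" is required for the file input: without it the
    browser sends only the file name as text and $_FILES stays empty on the server.
    The file input is named "ImageFile" because the handler reads $_FILES['ImageFile'].
    Browser-side input types (email, date) are a convenience only; the server-side
    checks in Sign_Up.php are what actually validate the data.
  -->
  <form action="Sign_Up.php" method="post" enctype="multipart/form-data">
  <fieldset>
  <p><b>Enter Username</b>
  <input type="text" name="UserName" size="20" value="" /></p>
  <p><b>Enter First Name</b>
  <input type="text" name="FName" size="20" value="" /></p>
  <p><b>Enter Last Name (Optional)</b>
  <input type="text" name="LName" size="20" value="" /></p>
  <p><b>Enter Email</b>
  <input type="email" name="Email" size="50" value="" /></p>
  <p><b>Enter Password</b>
  <input type="password" name="Password" size="10" value="" /></p>
  <p><b>Select Profile Picture</b>
  <input type="file" name="ImageFile" size="70" value="" /></p>
  <p><b>Enter Date of Birth (Optional)</b>
  <input type="date" name="DOB" size="10" value="" /></p>
  <div align="center">
  <input type="submit" value="Register" />
  </div>
  <!-- marker the handler tests with isset() to tell a submission from a first page load -->
  <input type="hidden" name="submitted" value="1" />
  </fieldset>
  </form>
  </div>
  </div>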
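  <?php
  // Handles the POST from the registration form: checks the submitted fields,
  // collects error messages in $errors, and on success hands the values to a
  // DO_User object which validates them against the database and inserts the row.
  if (isset($_POST['submitted'])) {
      // Read one form field as a trimmed string. A missing or non-string (array)
      // value is treated as empty instead of raising a notice or a type error.
      $field = function ($name) {
          return (isset($_POST[$name]) && is_string($_POST[$name])) ? trim($_POST[$name]) : '';
      };

      $username = $field('UserName');
      $fn       = $field('FName');
      $ln       = $field('LName');   // optional
      $Email    = $field('Email');
      $Password = $field('Password');
      $dob      = $field('DOB');     // optional

      $errors = array();

      if (empty($username)) {
          $errors[] = 'You must enter a username';
      }

      if (empty($fn)) {
          $errors[] = 'You must enter a first name';
      }

      if (empty($Email)) {
          $errors[] = 'You must enter an email';
      } elseif (!filter_var($Email, FILTER_VALIDATE_EMAIL)) {
          // The message must go into $errors; assigning it to a separate
          // variable let a malformed address pass this stage unnoticed.
          $errors[] = 'Invalid email format';
      }

      if (empty($Password)) {
          $errors[] = 'You must enter a Password';
      }

      if (empty($errors)) {
          //no errors so try and connect to the DB

          include 'User.php';

          $user = new DO_User();

          // Use the values validated above rather than reading $_POST again.
          $user->firstName = $fn;
          $user->lastName  = $ln;
          $user->userName  = $username;
          $user->email     = $Email;
          // NOTE(review): the password is handed to DO_User as typed, so save()
          // stores it in clear text. Hash it with password_hash() here and check
          // it with password_verify() at login; that change has to be made
          // together with the login code and the column width, neither of which
          // is visible in this file.
          $user->password  = $Password;
          $user->dob       = $dob;

          // Only the file name is recorded; the uploaded file itself is neither
          // checked nor moved here. The name is supplied by the client, so it is
          // reduced to its base name before being stored.
          if (isset($_FILES['ImageFile']['name']) && is_string($_FILES['ImageFile']['name'])) {
              $user->image = basename($_FILES['ImageFile']['name']);
          }

          $errors = $user->isValid();

          if (empty($errors)) {
              if ($user->save()) {
                  // The user name is user input: HTML-escape it before echoing it back.
                  echo '<div class="div_1"><div id="div_2">' .
                      '<h1>Thank you</h1><p>' . htmlspecialchars($user->userName, ENT_QUOTES, 'UTF-8') .
                      ' you are now registered</p></div></div>';
              } else {
                  echo '<p class="error"> Oh dear. There was an error</p>';
                  // Keep the driver's error text in the server log; it can reveal
                  // table and column names and does not belong in the page.
                  if (!empty($user->dbc)) {
                      error_log('Sign_Up: saving user failed: ' . mysqli_error($user->dbc));
                  }
              }
          }
          // NOTE(review): messages returned by isValid() are not shown to the
          // user in this branch; the placeholder below is where that belongs.
          /***** students to add code here *****/

          /*********END OF CODE TO BE ADDED*****************/
      } else {
          echo '<p class="error"> Error </p>';

          foreach ($errors as $msg) {
              echo " - $msg<br /> ";
          }
      }
  }

  //include the footer html file
  include 'Footer.php';
  ?>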
  126.  
  127. <?php
  128.  
  129.  
  130. //author malcolm.mckenzie
  131.  
  132. include_once "DBConn.php";
  133.  
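  /**
   * Data object for one row of the Users_1 table.
   *
   * The database link ($this->dbc) and getDBConnection() come from the parent
   * class DBConn, which is defined in DBConn.php and not shown here.
   *
   * Every query that carries a value from outside is sent as a prepared
   * statement with bound parameters, so values are never spliced into SQL text.
   */
  class DO_User extends DBConn {

      private $tableName = 'Users_1';
      //attributes to represent table columns
      public $firstName;
      public $lastName;
      public $email;
      public $userName;
      public $dob;
      public $password;
      public $image;
      //variable to store validation errors
      public $errorMsg;

      /**
       * Opens the database connection when the object is created.
       *
       * Declared as __construct(): a method named after the class is no longer
       * treated as a constructor from PHP 8 on, so the connection would not be
       * opened there.
       */
      public function __construct() {
          $this->getDBConnection();
      }

      /**
       * Loads the row whose UserName equals $userName into this object.
       *
       * @param string $userName user name to look up
       * @return bool true when a row was found and copied into the properties,
       *              false when no row matches or the query/connection failed
       */
      public function get($userName) {
          if (!$this->getDBConnection()) {
              echo '<p class="error">Could not connect to database</p>';
              return false;
          }

          $q = 'SELECT UserName, FName, LName, Email, DOB, Password, Image FROM Users_1 WHERE UserName = ?';
          $stmt = $this->executePrepared($q, 's', array((string) $userName));
          if (!$stmt) {
              return false;
          }

          mysqli_stmt_bind_result($stmt, $un, $fn, $ln, $em, $dob, $pw, $img);
          $found = (mysqli_stmt_fetch($stmt) === true);
          mysqli_stmt_close($stmt);

          // No matching row: leave the object untouched rather than filling it with nulls.
          if (!$found) {
              return false;
          }

          $this->userName  = $un;
          $this->firstName = $fn;
          $this->lastName  = $ln;
          $this->email     = $em;
          $this->dob       = $dob;
          $this->password  = $pw;
          $this->image     = $img;
          return true;
      }

      /**
       * Inserts this object as a new row of Users_1 (this method never updates).
       *
       * The properties are bound as parameters and left unmodified, so callers
       * can still display them afterwards without SQL escape characters in them.
       *
       * @return bool true on success, false when the insert or connection failed
       */
      public function save() {
          if (!$this->getDBConnection()) {
              echo '<p class="error">Could not connect to database</p>';
              return false;
          }

          // NOTE(review): $this->password is written exactly as it was assigned.
          // If callers pass the password as typed, it is stored in clear text;
          // it should be a password_hash() value by the time it reaches this call.
          $q = 'INSERT INTO Users_1 (FName, LName, UserName, DOB, Email, Password, Image) '
              . 'VALUES (?, ?, ?, ?, ?, ?, ?)';

          // Cast to string so an unset property is stored as '' as before, not NULL.
          $stmt = $this->executePrepared($q, 'sssssss', array(
              (string) $this->firstName,
              (string) $this->lastName,
              (string) $this->userName,
              (string) $this->dob,
              (string) $this->email,
              (string) $this->password,
              (string) $this->image,
          ));
          if (!$stmt) {
              return false;
          }

          mysqli_stmt_close($stmt);
          return true;
      }

      /**
       * Deletes the row whose userName equals $this->userName.
       *
       * @return bool true when the statement ran, false on query/connection failure
       */
      public function delete() {
          if (!$this->getDBConnection()) {
              echo '<p class="error">Could not connect to database</p>';
              return false;
          }

          // Bound parameter instead of mysql_escape_string(): that function belongs
          // to the removed mysql extension, and the value was not quoted either.
          $q = 'DELETE FROM Users_1 WHERE userName = ?';
          $stmt = $this->executePrepared($q, 's', array((string) $this->userName));
          if (!$stmt) {
              return false;
          }

          mysqli_stmt_close($stmt);
          return true;
      }

      /**
       * Returns the validation errors for the current field values.
       *
       * Delegates to isValid(); the previous body returned an undefined variable.
       *
       * @return array list of error messages, empty when the fields are valid
       */
      public function validateFields() {
          return $this->isValid();
      }

      /**
       * Checks the required fields and the uniqueness of user name and email.
       *
       * @return array list of error messages, empty when everything is valid
       */
      public function isValid() {
          //declare array to hold any errors messages
          $errors = array();

          if (empty($this->firstName)) {
              $errors[] = 'You must enter first name';
          }

          if (empty($this->userName)) {
              // This branch tests the user name, so the message names it.
              $errors[] = 'You must enter username';
          } elseif (!$this->validUserName()) {
              $errors[] = 'This username is already registered';
          }

          if (empty($this->email)) {
              $errors[] = 'You must enter email';
          } elseif (!$this->validEmail()) {
              $errors[] = 'This email address is already registered';
          }

          if (empty($this->password)) {
              $errors[] = 'You must enter password';
          }

          if (empty($this->image)) {
              $errors[] = 'You must enter image path';
          }

          return $errors;
      }

      /**
       * Tells whether $this->email is free to use for $this->userName.
       *
       * @return bool false when another user already has this email, or when the
       *              query/connection failed; true otherwise
       */
      public function validEmail() {
          if (!$this->getDBConnection()) {
              echo '<p class="error">Could not connect to database</p>';
              return false;
          }

          $q = 'SELECT userName FROM Users_1 WHERE Email = ?';
          $stmt = $this->executePrepared($q, 's', array((string) $this->email));
          if (!$stmt) {
              return false;
          }

          mysqli_stmt_bind_result($stmt, $owner);
          $free = true;
          while (mysqli_stmt_fetch($stmt) === true) {
              //a record has this email - if it is not the current user then the
              //email must be registered to someone else
              if ((string) $owner !== (string) $this->userName) {
                  $free = false;
                  break;
              }
          }
          mysqli_stmt_close($stmt);

          return $free;
      }

      /**
       * Tells whether $this->userName is still unused in Users_1.
       *
       * save() only ever inserts, so any existing row with this user name is a
       * conflict. The earlier version compared the found name with the name it
       * had just searched for, which could not detect a duplicate.
       *
       * @return bool false when the name is taken or the query/connection failed;
       *              true otherwise
       */
      public function validUserName() {
          if (!$this->getDBConnection()) {
              echo '<p class="error">Could not connect to database</p>';
              return false;
          }

          $q = 'SELECT userName FROM Users_1 WHERE userName = ?';
          $stmt = $this->executePrepared($q, 's', array((string) $this->userName));
          if (!$stmt) {
              return false;
          }

          mysqli_stmt_bind_result($stmt, $existing);
          $taken = (mysqli_stmt_fetch($stmt) === true);
          mysqli_stmt_close($stmt);

          return !$taken;
      }

      /**
       * Returns "FName LName" for $this->userName.
       *
       * @return string|false the full name, or false when no row matches or the
       *                      query/connection failed
       */
      public function getUserFullName() {
          if (!$this->getDBConnection()) {
              return false;
          }

          $q = "SELECT CONCAT(FName, ' ', LName) FROM Users_1 WHERE UserName = ?";
          $stmt = $this->executePrepared($q, 's', array((string) $this->userName));
          if (!$stmt) {
              return false;
          }

          mysqli_stmt_bind_result($stmt, $fullName);
          $found = (mysqli_stmt_fetch($stmt) === true);
          mysqli_stmt_close($stmt);

          return $found ? $fullName : false;
      }

      /**
       * Prepares $q, binds $values as parameters and executes the statement.
       *
       * @param string $q      SQL text with ? placeholders
       * @param string $types  mysqli type string, one character per value
       * @param array  $values values to bind, in placeholder order
       * @return mysqli_stmt|false the executed statement (the caller closes it),
       *                           or false after the failure has been reported
       */
      private function executePrepared($q, $types, array $values) {
          $stmt = mysqli_prepare($this->dbc, $q);
          if (!$stmt) {
              $this->displayError($q);
              return false;
          }

          // mysqli_stmt_bind_param() takes its values by reference.
          $args = array($stmt, $types);
          foreach (array_keys($values) as $k) {
              $args[] = &$values[$k];
          }
          call_user_func_array('mysqli_stmt_bind_param', $args);

          if (!mysqli_stmt_execute($stmt)) {
              $this->displayError($q, mysqli_stmt_error($stmt));
              mysqli_stmt_close($stmt);
              return false;
          }

          return $stmt;
      }

      /**
       * Reports a failed query: details go to the server log, the page only gets
       * a generic message.
       *
       * Query text and driver errors expose table and column names, so they are
       * no longer echoed into the HTML response.
       *
       * @param string      $q      SQL text of the failed query (placeholders only)
       * @param string|null $detail error text; defaults to the connection's last error
       */
      private function displayError($q, $detail = null) {
          if ($detail === null) {
              $detail = mysqli_error($this->dbc);
          }
          error_log('DO_User: query failed: ' . $detail . ' [' . $q . ']');
          echo '<p class="error">A database error occurred</p>';
      }

  }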
  353.  
  354. //end of class decl
  355. ?>