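<br>
<br>
<div class="div_1">
<div id="div_2">
<br>
<h1>User Registration</h1>
<!-- Registration form posting back to this page. enctype="multipart/form-data" is required,
     otherwise the browser sends only the file name as text and $_FILES stays empty. -->
<form action="Sign_Up.php" method="post" enctype="multipart/form-data">
<fieldset>
<p><b>Enter Username</b>
<input type="text" name="UserName" size="20" value="" />
<p><b>Enter First Name</b>
<input type="text" name="FName" size="20" value="" />
<p><b>Enter Last Name (Optional)</b>
<input type="text" name="LName" size="20" value="" />
<p><b>Enter Email</b>
<input type="email" name="Email" size="50" value="" />
<p><b>Enter Password</b>
<input type="password" name="Password" size="10" value="" />
<p><b>Select Profile Picture</b>
<input type="file" name="Image" size='70' value="" />
<p><b>Enter Date of Birth (Optional)</b>
<input type="date" name="DOB" size="10" value="" />
<div align="center">
<input type ="submit" value ="Register" />
</div>
<input type="hidden" name="submitted" value="1" />
</fieldset>
</form>
</div>
</div>
<?php
// Handles the registration form above: validates the posted fields, collects
// problems in $errors, and registers the user through DO_User (User.php) when
// there are none. Everything in $_POST and $_FILES is client-controlled.
if (isset($_POST['submitted'])) {
    $errors = array();

    // Reads one posted field as a trimmed string. A missing field, or one sent
    // as an array (e.g. UserName[]=x), becomes '' instead of raising a notice
    // or a TypeError in trim().
    $posted = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? trim($_POST[$key]) : '';
    };

    $username = $posted('UserName');
    $fn       = $posted('FName');
    $ln       = $posted('LName');   // optional
    $Email    = $posted('Email');
    $dob      = $posted('DOB');     // optional
    // NOTE(review): trimming alters a password that legitimately starts or ends
    // with whitespace; kept because the value has always been stored this way.
    $Password = $posted('Password');

    if (empty($username)) {
        $errors[] = 'You must enter a username';
    }
    if (empty($fn)) {
        $errors[] = 'You must enter a first name';
    }
    if (empty($Email)) {
        $errors[] = 'You must enter an email';
    } elseif (!filter_var($Email, FILTER_VALIDATE_EMAIL)) {
        // Must land in $errors; a separate variable would let a malformed
        // address pass the empty($errors) check below.
        $errors[] = 'Invalid email format';
    }
    if (empty($Password)) {
        $errors[] = 'You must enter a Password';
    }

    if (empty($errors)) {
        //no errors so try and connect to the DB
        include 'User.php';
        $user = new DO_User();
        $user->firstName = $fn;
        $user->lastName  = $ln;
        $user->userName  = $username;
        $user->email     = $Email;
        // NOTE(review): the password reaches DO_User in plaintext. Hash it with
        // password_hash() and check logins with password_verify(); that needs a
        // matching change in the login code, which is not part of this file.
        $user->password  = $Password;
        $user->dob       = $dob;

        // The key must match the form's file input name ("Image"). The name is
        // supplied by the client: treat it as untrusted text, never as a path.
        if (isset($_FILES['Image']['name']) && is_string($_FILES['Image']['name'])) {
            $user->image = $_FILES['Image']['name'];
        }

        $errors = $user->isValid();
        if (empty($errors)) {
            if ($user->save()) {
                // The username is user input, so escape it for the HTML context.
                echo '<div class="div_1"><div id="div_2">' .
                    '<h1>Thank you</h1><p>' . htmlspecialchars($user->userName, ENT_QUOTES, 'UTF-8') .
                    ' you are now registered</p></div></div>';
            } else {
                echo '<p class="error"> Oh dear. There was an error</p>';
                // Driver error text can reveal schema details; log it instead
                // of sending it to the browser.
                error_log('Registration failed: ' . mysqli_error($user->dbc));
            }
        }
        /***** students to add code here *****/
        /*********END OF CODE TO BE ADDED*****************/
    } else {
        echo '<p class="error"> Error </p>';
        foreach ($errors as $msg) {
            echo " - $msg<br /> ";
        }
    }
}
//include the footer html file
include 'Footer.php';
?>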
- <?php
- //author malcolm.mckenzie
- include_once "DBConn.php";
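/**
 * Data object for one row of the Users_1 table.
 *
 * Every query goes through a prepared statement, so property values are sent
 * as bound parameters and never spliced into SQL text. The connection handle
 * $this->dbc and getDBConnection() are not defined in this class; presumably
 * they come from DBConn (confirm there).
 */
class DO_User extends DBConn
{
    private $tableName = 'Users_1';

    //attributes to represent table columns
    public $firstName;
    public $lastName;
    public $email;
    public $userName;
    public $dob;
    // NOTE(review): stored and read back as plaintext. Switch to password_hash()
    // on write and password_verify() on login; the login code is not in this file.
    public $password;
    public $image;

    //variable to store validation errors
    public $errorMsg;

    //public $dbc=null;

    /**
     * Opens the database connection when the object is created.
     *
     * A method named after the class is no longer treated as a constructor in
     * PHP 8, so the real constructor is declared explicitly.
     */
    public function __construct()
    {
        $this->getDBConnection();
    }

    /**
     * Legacy entry point kept for code that calls it by name.
     */
    public function DO_User()
    {
        $this->getDBConnection();
    }

    /**
     * Loads the row for $userName into this object's properties.
     *
     * @param string $userName username to look up
     * @return bool true when a row was found and loaded; false when there is
     *              no such user, the query failed, or the connection failed
     */
    public function get($userName)
    {
        if (!$this->getDBConnection()) {
            echo '<p class="error">Could not connect to database</p>';
            return false;
        }

        $q = 'SELECT UserName, FName, LName, Email, DOB, Password, Image FROM Users_1 WHERE UserName = ?';
        $stmt = $this->runUserQuery($q, array($userName));
        if (!$stmt) {
            return false;
        }

        // Fetch into locals so the object is left untouched when no row matches.
        mysqli_stmt_bind_result($stmt, $name, $first, $last, $mail, $birth, $pass, $picture);
        $found = (mysqli_stmt_fetch($stmt) === true);
        mysqli_stmt_close($stmt);
        if (!$found) {
            return false;
        }

        $this->userName  = $name;
        $this->firstName = $first;
        $this->lastName  = $last;
        $this->email     = $mail;
        $this->dob       = $birth;
        $this->password  = $pass;
        $this->image     = $picture;
        return true;
    }

    /**
     * Inserts this object as a new row in Users_1.
     *
     * The properties are bound as parameters and are not modified, so they can
     * still be displayed (HTML-escaped) or saved again afterwards.
     *
     * @return bool true on success, false on a query or connection failure
     */
    public function save()
    {
        if (!$this->getDBConnection()) {
            echo '<p class="error">Could not connect to database</p>';
            return false;
        }

        $q = 'INSERT INTO Users_1 (FName, LName, UserName, DOB, Email, Password, Image) ' .
            'values (?, ?, ?, ?, ?, ?, ?)';
        $stmt = $this->runUserQuery($q, array(
            $this->firstName,
            $this->lastName,
            $this->userName,
            $this->dob,
            $this->email,
            $this->password,
            $this->image,
        ));
        if (!$stmt) {
            return false;
        }
        mysqli_stmt_close($stmt);
        return true;
    }

    //end of function

    /**
     * Deletes the row whose username equals $this->userName.
     *
     * @return bool true when the statement ran, false on a query or connection failure
     */
    public function delete()
    {
        if (!$this->getDBConnection()) {
            echo '<p class="error">Could not connect to database</p>';
            return false;
        }

        $stmt = $this->runUserQuery('DELETE FROM Users_1 WHERE userName = ?', array($this->userName));
        if (!$stmt) {
            return false;
        }
        mysqli_stmt_close($stmt);
        return true;
    }

    /**
     * Returns the validation messages for the current property values.
     *
     * @return array same list as isValid()
     */
    public function validateFields()
    {
        return $this->isValid();
    }

    /**
     * Checks the required properties and the uniqueness of username and email.
     *
     * @return array list of error messages, empty when the object is valid
     */
    public function isValid()
    {
        //declare array to hold any errors messages
        $errors = array();
        if (empty($this->firstName)) {
            $errors[] = 'You must enter first name';
        }
        if (empty($this->userName)) {
            $errors[] = 'You must enter username';
        } elseif (!$this->validUserName()) {
            $errors[] = 'This username is already registered';
        }
        if (empty($this->email)) {
            $errors[] = 'You must enter email';
        } elseif (!$this->validEmail()) {
            $errors[] = 'This email address is already registered';
        }
        if (empty($this->password)) {
            $errors[] = 'You must enter password';
        }
        if (empty($this->image)) {
            $errors[] = 'You must enter image path';
        }
        return $errors;
    }

    /**
     * Reports whether $this->email is free to use.
     *
     * @return bool false when the email belongs to a row with a different
     *              username, or on a query or connection failure; true otherwise
     */
    public function validEmail()
    {
        if (!$this->getDBConnection()) {
            echo '<p class="error">Could not connect to database</p>';
            return false;
        }

        $stmt = $this->runUserQuery('SELECT userName FROM Users_1 WHERE Email = ?', array($this->email));
        if (!$stmt) {
            return false;
        }

        mysqli_stmt_bind_result($stmt, $owner);
        $available = true;
        while (mysqli_stmt_fetch($stmt) === true) {
            // A row owned by another username means the email is taken. Strict
            // comparison keeps numeric-looking names such as '1e3' and '1000' apart.
            if ($owner !== (string) $this->userName) {
                $available = false;
                break;
            }
        }
        mysqli_stmt_close($stmt);
        return $available;
    }

    /**
     * Reports whether $this->userName is free to use.
     *
     * save() only ever inserts, so any existing row with this username makes it
     * unavailable.
     *
     * @return bool false when a row with this username exists, or on a query
     *              or connection failure; true otherwise
     */
    public function validUserName()
    {
        if (!$this->getDBConnection()) {
            echo '<p class="error">Could not connect to database</p>';
            return false;
        }

        $stmt = $this->runUserQuery('SELECT userName FROM Users_1 WHERE userName = ?', array($this->userName));
        if (!$stmt) {
            return false;
        }

        mysqli_stmt_bind_result($stmt, $existing);
        $taken = (mysqli_stmt_fetch($stmt) === true);
        mysqli_stmt_close($stmt);
        return !$taken;
    }

    /**
     * Returns "FName LName" for $this->userName.
     *
     * @return string|null|false the full name, null when no row matches,
     *                           false on a query or connection failure
     */
    public function getUserFullName()
    {
        if (!$this->getDBConnection()) {
            return false;
        }

        $q = "SELECT CONCAT(FName, ' ', LName) from Users_1 where UserName = ?";
        $stmt = $this->runUserQuery($q, array($this->userName));
        if (!$stmt) {
            return false;
        }

        mysqli_stmt_bind_result($stmt, $fullName);
        $found = (mysqli_stmt_fetch($stmt) === true);
        mysqli_stmt_close($stmt);
        return $found ? $fullName : null;
    }

    /**
     * Prepares $q, binds every value as a string parameter and executes it.
     *
     * @param string $q      SQL text containing one ? placeholder per value
     * @param array  $values values for the placeholders, in order
     * @return mysqli_stmt|false the executed statement (the caller closes it),
     *                           or false after the failure has been reported
     */
    private function runUserQuery($q, array $values)
    {
        $stmt = mysqli_prepare($this->dbc, $q);
        if (!$stmt) {
            $this->displayError($q);
            return false;
        }

        // mysqli_stmt_bind_param() takes its values by reference.
        $args = array($stmt, str_repeat('s', count($values)));
        foreach (array_keys($values) as $i) {
            $values[$i] = (string) $values[$i];
            $args[] = &$values[$i];
        }

        if (!call_user_func_array('mysqli_stmt_bind_param', $args) || !mysqli_stmt_execute($stmt)) {
            // Read the statement error before closing the statement.
            $this->displayError($q, mysqli_stmt_error($stmt));
            mysqli_stmt_close($stmt);
            return false;
        }
        return $stmt;
    }

    /**
     * Reports a failed query: details go to the error log, the page gets only a
     * generic message. SQL text and driver errors help an attacker map the
     * schema, so they are not echoed.
     *
     * @param string      $q      SQL text of the failed statement (placeholders only)
     * @param string|null $detail driver error text; read from the connection when omitted
     */
    private function displayError($q, $detail = null)
    {
        if ($detail === null || $detail === '') {
            $detail = mysqli_error($this->dbc);
        }
        error_log('DO_User query failed: ' . $q . ' -- ' . $detail);
        echo '<p class="error">A database error occurred</p>';
    }
}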
- //end of class decl
- ?>