
Untitled

a guest
Aug 7th, 2017
  1. <?php
  2.  
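  // Database connection shared by the signup scripts (included as dbh.inc.php).
  //
  // NOTE(review): the root account with a hard-coded password is only tolerable on a
  // throwaway local setup. Use a dedicated least-privilege database user and load the
  // secret from configuration kept outside the web root and outside version control.
  $dbServername = "localhost";
  $dbUsername = "root";
  $dbPassword = "root";
  $dbName = "Login System";

  $conn = false;
  try {
      $conn = mysqli_connect($dbServername, $dbUsername, $dbPassword, $dbName);
      if ($conn === false) {
          // Non-exception report mode: the failure reason is only available here.
          error_log('Database connection failed: ' . mysqli_connect_error());
      }
  } catch (mysqli_sql_exception $e) {
      // PHP 8.1+ reports mysqli failures as exceptions by default.
      error_log('Database connection failed: ' . $e->getMessage());
  }

  if ($conn === false) {
      // Keep the driver message in the server log; the client only sees a generic failure.
      http_response_code(500);
      exit('Service temporarily unavailable.');
  }

  // Pin the connection character set so escaping and comparisons behave predictably.
  // NOTE(review): confirm utf8mb4 matches the schema's character set.
  mysqli_set_charset($conn, 'utf8mb4');

  // The signup handler reads $conn; the original assignment used $con, so keep it as an alias.
  $con = $conn;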
  9.  
  10. <?php
  11.  
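  // Signup form handler: validates the posted fields, rejects a username that is already
  // taken, stores the account with a hashed password, then redirects back to signup.php
  // with a ?signup=<status> marker.
  if (!isset($_POST['submit'])) {
      header("Location: ../signup.php");
      exit();
  }

  // dbh.inc.php must expose the connection as $conn (the listing's version assigns $con).
  include_once 'dbh.inc.php';

  // Read one POST field as a string; arrays (e.g. first[]=x) are treated as missing.
  $postField = static function (string $name): string {
      $value = $_POST[$name] ?? '';
      return is_string($value) ? $value : '';
  };

  // Logs the detail server-side and ends the request with a generic 500, so database
  // messages are never shown to the client.
  $abort = static function (string $detail): void {
      error_log('signup: ' . $detail);
      http_response_code(500);
      exit('Something went wrong. Please try again later.');
  };

  // Values reach the database through bound parameters, so no manual escaping is applied.
  // The password is deliberately left untouched: escaping or trimming it would change the
  // string that gets hashed.
  $first = trim($postField('first'));
  $last = trim($postField('last'));
  $email = trim($postField('email'));
  $uid = trim($postField('uid'));
  $pwd = $postField('pwd');

  // Check for empty fields (strict comparison, so a literal "0" is not treated as empty).
  if ($first === '' || $last === '' || $email === '' || $uid === '' || $pwd === '') {
      echo '<h2>Please fill in all fields</h2>';
      exit();
  }

  // Names: ASCII letters only. \A and \z anchor the whole string; "$" would also accept a
  // trailing newline.
  if (!preg_match('/\A[a-zA-Z]+\z/', $first) || !preg_match('/\A[a-zA-Z]+\z/', $last)) {
      header("Location: ../signup.php?signup=invalid");
      exit();
  }

  if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
      header("Location: ../signup.php?signup=email");
      exit();
  }

  if (!isset($conn) || !($conn instanceof mysqli)) {
      $abort('no database connection available in $conn');
  }

  try {
      // NOTE(review): this lookup filters on user_uid while the INSERT below writes uid.
      // Both names are kept from the original; one of them does not match the table.
      $lookup = mysqli_prepare($conn, 'SELECT 1 FROM users WHERE user_uid = ?');
      if ($lookup === false) {
          $abort(mysqli_error($conn));
      }
      mysqli_stmt_bind_param($lookup, 's', $uid);
      if (!mysqli_stmt_execute($lookup)) {
          $abort(mysqli_stmt_error($lookup));
      }
      mysqli_stmt_store_result($lookup);
      $userTaken = mysqli_stmt_num_rows($lookup) > 0;
      mysqli_stmt_close($lookup);

      if ($userTaken) {
          header("Location: ../signup.php?signup=usertaken");
          exit();
      }

      // Hashing the password; password_hash() generates the salt itself.
      $hashedPwd = password_hash($pwd, PASSWORD_DEFAULT);

      // Two concurrent requests can both pass the lookup above, so the username column
      // also needs a UNIQUE index for the check to be reliable.
      $insert = mysqli_prepare(
          $conn,
          'INSERT INTO users (first, last, email, uid, pwd) VALUES (?, ?, ?, ?, ?)'
      );
      if ($insert === false) {
          $abort(mysqli_error($conn));
      }
      mysqli_stmt_bind_param($insert, 'sssss', $first, $last, $email, $uid, $hashedPwd);
      if (!mysqli_stmt_execute($insert)) {
          $abort(mysqli_stmt_error($insert));
      }
      mysqli_stmt_close($insert);
  } catch (mysqli_sql_exception $e) {
      // PHP 8.1+ raises mysqli failures as exceptions by default.
      $abort($e->getMessage());
  }

  header("Location: ../signup.php?signup=success");
  exit();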
  62.  
  63. ?>
  64.  
  65. <?php
  66. include_once 'header.php';
  67. ?>
  68.  
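  <section class="main-container">
    <div class="main-wrapper">
      <h2>Signup</h2>
      <!-- The required/type/autocomplete attributes are a convenience for the browser and
           password managers only; includes/signup.inc.php must still validate every field. -->
      <form class="signup-form" action="includes/signup.inc.php" method="POST">
        <input type="text" name="first" placeholder="Firstname" autocomplete="given-name" required>
        <input type="text" name="last" placeholder="Lastname" autocomplete="family-name" required>
        <input type="email" name="email" placeholder="E-mail" autocomplete="email" required>
        <input type="text" name="uid" placeholder="Username" autocomplete="username" required>
        <input type="password" name="pwd" placeholder="Password" autocomplete="new-password" required>
        <button type="submit" name="submit">Sign up</button>
      </form>
    </div>
  </section>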
  83.  
  84. <?php
  85. include_once 'footer.php';
  86. ?>
  87.  
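  // Error checks around the connection and the query. The connection arguments are elided
  // in the original listing.
  // On PHP 8.1+ mysqli raises mysqli_sql_exception by default, so these branches are only
  // reached when the report mode does not throw.
  $conn = mysqli_connect( ... );

  if ( !$conn ) {
      // Driver messages can reveal host, account and schema details: write them to the
      // server log and send the client a generic message instead.
      error_log( 'Did not connect: ' . mysqli_connect_error() );
      http_response_code( 500 );
      die( 'Did not connect.' );
  }

  $result = mysqli_query( $conn, $sql );

  if ( false === $result ) {
      // Same rule for query failures: the SQL error text stays in the log.
      error_log( 'Query error: ' . mysqli_error( $conn ) );
      http_response_code( 500 );
      die( 'Query error.' );
  }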
  99.  
  100. <?php
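  // Revised signup handler: validates the posted fields, checks that the username is free,
  // stores the account with a bcrypt hash and redirects back to signup.php with a
  // ?signup=<status> marker.
  if (!isset($_POST['submit'])) {
      header("Location: ../signup.php");
      exit();
  }

  // dbh.inc.php must expose the connection as $conn (the listing's version assigns $con).
  include_once 'dbh.inc.php';

  // Returns the named POST field as a string; array input (e.g. uid[]=x) counts as missing.
  $readPost = static function (string $key): string {
      $raw = $_POST[$key] ?? '';
      return is_string($raw) ? $raw : '';
  };

  // Ends the request with a generic 500 and keeps the technical detail in the server log.
  $fail = static function (string $detail): void {
      error_log('signup: ' . $detail);
      http_response_code(500);
      exit('Something went wrong. Please try again later.');
  };

  // strip_tags() removes markup but is not an SQL defence; the queries below use bound
  // parameters for that, and stored values still need HTML escaping wherever they are shown.
  $first = strip_tags(trim($readPost('first')));
  $last = strip_tags(trim($readPost('last')));
  // FILTER_SANITIZE_EMAIL belongs to filter_var(); the original passed it to trim().
  $email = (string) filter_var(trim($readPost('email')), FILTER_SANITIZE_EMAIL);
  $uid = strip_tags(trim($readPost('uid')));
  // The password is hashed exactly as typed: stripping tags or trimming would silently
  // change it and weaken or break later logins.
  $pwd = $readPost('pwd');

  // Check for empty fields
  if ($first === '' || $last === '' || $email === '' || $uid === '' || $pwd === '') {
      echo '<h2>Please fill in all fields</h2>';
      exit();
  }

  // Check if input characters are valid; \z (unlike "$") rejects a trailing newline.
  $lettersOnly = '/\A[a-zA-Z]+\z/';
  if (!preg_match($lettersOnly, $first) || !preg_match($lettersOnly, $last)) {
      header("Location: ../signup.php?signup=invalid");
      exit();
  }

  // Check if email is valid
  if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
      header("Location: ../signup.php?signup=email");
      exit();
  }

  if (!isset($conn) || !($conn instanceof mysqli)) {
      $fail('no database connection available in $conn');
  }

  try {
      // NOTE(review): the lookup uses column user_uid, the INSERT uses uid. Both are kept
      // from the original; one of them does not match the table definition.
      $check = mysqli_prepare($conn, 'SELECT 1 FROM users WHERE user_uid = ?');
      if ($check === false) {
          $fail(mysqli_error($conn));
      }
      mysqli_stmt_bind_param($check, 's', $uid);
      if (!mysqli_stmt_execute($check)) {
          $fail(mysqli_stmt_error($check));
      }
      mysqli_stmt_store_result($check);
      $resultCheck = mysqli_stmt_num_rows($check);
      mysqli_stmt_close($check);

      if ($resultCheck > 0) {
          header("Location: ../signup.php?signup=usertaken");
          exit();
      }

      // Hashing the password. 'cost' is the bcrypt work factor, not a salt;
      // password_hash() generates the salt itself. The original hashed the undefined
      // $password, so every account would have stored the hash of an empty value.
      $options = [
          'cost' => 12,
      ];
      $hashedPwd = password_hash($pwd, PASSWORD_BCRYPT, $options);

      // Insert the user with bound parameters instead of string concatenation.
      // The lookup above is not atomic with this insert, so the username column also
      // needs a UNIQUE index to stop duplicates from concurrent requests.
      $insert = mysqli_prepare(
          $conn,
          'INSERT INTO users (first, last, email, uid, pwd) VALUES (?, ?, ?, ?, ?)'
      );
      if ($insert === false) {
          $fail(mysqli_error($conn));
      }
      mysqli_stmt_bind_param($insert, 'sssss', $first, $last, $email, $uid, $hashedPwd);
      if (!mysqli_stmt_execute($insert)) {
          $fail(mysqli_stmt_error($insert));
      }
      mysqli_stmt_close($insert);
  } catch (mysqli_sql_exception $e) {
      // PHP 8.1+ raises mysqli failures as exceptions by default.
      $fail($e->getMessage());
  }

  header("Location: ../signup.php?signup=success");
  exit();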
  160. ?>
  161.  
  -- Adds an auto-increment integer column `serial` to `users` and makes it the primary key.
  -- MySQL rejects this statement if `users` already has a primary key.
  -- It does not add any uniqueness constraint on the username column.
  162. ALTER TABLE `users` ADD `serial` INT PRIMARY KEY AUTO_INCREMENT;