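<?php
/**
 * dbh.inc.php - opens the MySQL connection used by the include scripts.
 *
 * Exposes the connection as $conn, the name the signup handler reads.
 * $con is kept as an alias for any script still using the shorter name.
 *
 * NOTE(review): the credentials are hard-coded and use the MySQL root
 * account. Prefer a dedicated account limited to the privileges this
 * application needs, with the secret loaded from configuration kept
 * outside the web root.
 */
$dbServername = "localhost";
$dbUsername = "root";
$dbPassword = "root";
$dbName = "Login System";

try {
    $conn = mysqli_connect($dbServername, $dbUsername, $dbPassword, $dbName);
} catch (Exception $e) {
    // Newer PHP versions throw on connection failure instead of returning false.
    $conn = false;
}

if (!$conn) {
    // Keep the driver's message in the server log; it can name hosts and
    // accounts and should not be sent to the browser.
    error_log('Database connection failed: ' . mysqli_connect_error());
    http_response_code(500);
    exit('Service temporarily unavailable');
}

// Declare the connection character set explicitly so escaping and bound
// parameters are interpreted the same way by client and server.
// utf8mb4 is assumed here - adjust if the schema uses another charset.
mysqli_set_charset($conn, 'utf8mb4');

// Backward-compatible alias for the original variable name.
$con = $conn;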
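<?php
/**
 * signup.inc.php - handles the POST from the signup form.
 *
 * Validates the submitted fields, refuses a username that already exists,
 * stores the account with a hashed password and redirects back to
 * signup.php with a ?signup=<status> marker (invalid, email, usertaken,
 * success). A request that did not come from the form's submit button is
 * sent back to the form.
 */
if (!isset($_POST['submit'])) {
    header("Location: ../signup.php");
    exit();
}

include_once 'dbh.inc.php';

// dbh.inc.php must expose the connection as $conn; fail closed if it does not.
if (!isset($conn) || !($conn instanceof mysqli)) {
    error_log('signup: no database connection available in $conn');
    http_response_code(500);
    echo '<h2>Something went wrong, please try again later</h2>';
    exit();
}

// Read every field as a plain string. A missing field, or one submitted as
// an array, is treated as empty. Nothing is escaped here: the values reach
// the database only as bound parameters.
$input = [];
foreach (['first', 'last', 'email', 'uid', 'pwd'] as $field) {
    $input[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
}
$first = $input['first'];
$last = $input['last'];
$email = $input['email'];
$uid = $input['uid'];
// The password is hashed exactly as typed. SQL escaping is not applied to it,
// because that would change what gets hashed; the login script has to verify
// the unmodified password as well.
$pwd = $input['pwd'];

//Error handlers
//Check for empty fields
if ($first === '' || $last === '' || $email === '' || $uid === '' || $pwd === '') {
    echo '<h2>Please fill in all fields</h2>';
    exit();
}

//Check if input characters are valid
// \A and \z anchor the whole string; "$" would also accept a trailing newline.
if (!preg_match('/\A[a-zA-Z]+\z/', $first) || !preg_match('/\A[a-zA-Z]+\z/', $last)) {
    header("Location: ../signup.php?signup=invalid");
    exit();
}

//Check if email is valid
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
    header("Location: ../signup.php?signup=email");
    exit();
}

try {
    // NOTE(review): this lookup names the username column user_uid while the
    // INSERT below names it uid. Only one of them can match the real table;
    // confirm against the schema and make the two statements agree.
    $lookup = mysqli_prepare($conn, "SELECT 1 FROM users WHERE user_uid = ? LIMIT 1");
    if ($lookup === false) {
        throw new RuntimeException('prepare lookup: ' . mysqli_error($conn));
    }
    mysqli_stmt_bind_param($lookup, 's', $uid);
    if (!mysqli_stmt_execute($lookup)) {
        throw new RuntimeException('execute lookup: ' . mysqli_stmt_error($lookup));
    }
    mysqli_stmt_store_result($lookup);
    $usernameTaken = mysqli_stmt_num_rows($lookup) > 0;
    mysqli_stmt_close($lookup);

    if ($usernameTaken) {
        header("Location: ../signup.php?signup=usertaken");
        exit();
    }

    //Hashing the password
    $hashedPwd = password_hash($pwd, PASSWORD_DEFAULT);

    //Insert the user into the database
    // Two simultaneous signups can both pass the lookup above; a UNIQUE index
    // on the username column lets the database reject the second one.
    $insert = mysqli_prepare(
        $conn,
        "INSERT INTO users (first, last, email, uid, pwd) VALUES (?, ?, ?, ?, ?)"
    );
    if ($insert === false) {
        throw new RuntimeException('prepare insert: ' . mysqli_error($conn));
    }
    mysqli_stmt_bind_param($insert, 'sssss', $first, $last, $email, $uid, $hashedPwd);
    if (!mysqli_stmt_execute($insert)) {
        throw new RuntimeException('execute insert: ' . mysqli_stmt_error($insert));
    }
    mysqli_stmt_close($insert);
} catch (Exception $e) {
    // Driver details go to the server log only; the visitor gets a generic message.
    error_log('signup: ' . $e->getMessage());
    http_response_code(500);
    echo '<h2>Something went wrong, please try again later</h2>';
    exit();
}

// Reached only when the INSERT actually succeeded.
header("Location: ../signup.php?signup=success");
exit();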
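<?php
// signup.php - renders the registration form, which posts to
// includes/signup.inc.php.
//
// The type/required/autocomplete attributes below only help the browser and
// password managers; they can be bypassed, so the handler must still validate
// every field itself.
//
// NOTE(review): the form carries no anti-CSRF token. Whether header.php starts
// a session that could hold one is not visible from this file.
include_once 'header.php';
?>
<section class="main-container">
    <div class="main-wrapper">
        <h2>Signup</h2>
        <form class="signup-form" action="includes/signup.inc.php" method="POST">
            <input type="text" name="first" placeholder="Firstname" autocomplete="given-name" required>
            <input type="text" name="last" placeholder="Lastname" autocomplete="family-name" required>
            <input type="email" name="email" placeholder="E-mail" autocomplete="email" required>
            <input type="text" name="uid" placeholder="Username" autocomplete="username" required>
            <input type="password" name="pwd" placeholder="Password" autocomplete="new-password" required>
            <button type="submit" name="submit">Sign up</button>
        </form>
    </div>
</section>
<?php
include_once 'footer.php';
?>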
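// Connect with the settings from the connection include and stop early if
// the server cannot be reached.
$conn = mysqli_connect($dbServername, $dbUsername, $dbPassword, $dbName);
if (!$conn) {
    // The driver message is useful for debugging but can reveal host and
    // account names, so it is logged rather than printed to the visitor.
    error_log('Did not connect: ' . mysqli_connect_error());
    die('Did not connect');
}

// Run the query and check the result before using it: mysqli_query() returns
// false on failure, and that value must not be passed on to mysqli_num_rows().
$result = mysqli_query($conn, $sql);
if (false === $result) {
    // Query errors can echo back table and column names; keep them in the log.
    error_log('Query error: ' . mysqli_error($conn));
    die('Query error');
}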
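<?php
/**
 * signup.inc.php (revised) - handles the POST from the signup form.
 *
 * Trims and validates the submitted fields, refuses a username that already
 * exists, stores the account with a bcrypt password hash and redirects back
 * to signup.php with a ?signup=<status> marker. A request that did not come
 * from the form's submit button is sent back to the form.
 */
if (!isset($_POST['submit'])) {
    header("Location: ../signup.php");
    exit();
}

include_once 'dbh.inc.php';

// dbh.inc.php must expose the connection as $conn; fail closed if it does not.
if (!isset($conn) || !($conn instanceof mysqli)) {
    error_log('signup: no database connection available in $conn');
    http_response_code(500);
    echo '<h2>Something went wrong, please try again later</h2>';
    exit();
}

// Read every field as a plain string; a missing or array-valued field is
// treated as empty.
$raw = [];
foreach (['first', 'last', 'email', 'uid', 'pwd'] as $field) {
    $raw[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
}

// strip_tags() only normalises what gets stored. It does not make a value
// safe for SQL, which is why every value below is passed as a bound
// parameter, and it does not replace escaping when the value is displayed.
$first = strip_tags(trim($raw['first']));
$last = strip_tags(trim($raw['last']));
// The sanitise filter belongs to filter_var(), not to trim().
$email = (string) filter_var(trim($raw['email']), FILTER_SANITIZE_EMAIL);
$uid = strip_tags(trim($raw['uid']));
// The password is hashed exactly as typed. Trimming it or stripping tags
// would silently change it; the login script has to verify the unmodified
// password as well.
$pwd = $raw['pwd'];

//Error handlers
//Check for empty fields
if ($first === '' || $last === '' || $email === '' || $uid === '' || $pwd === '') {
    echo '<h2>Please fill in all fields</h2>';
    exit();
}

//Check if input characters are valid
// \A and \z anchor the whole string; "$" would also accept a trailing newline.
if (!preg_match('/\A[a-zA-Z]+\z/', $first) || !preg_match('/\A[a-zA-Z]+\z/', $last)) {
    header("Location: ../signup.php?signup=invalid");
    exit();
}

//Check if email is valid
// A syntactically valid address may still contain a quote character, so
// passing this check says nothing about whether the value is safe in SQL text.
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
    header("Location: ../signup.php?signup=email");
    exit();
}

try {
    // NOTE(review): this lookup names the username column user_uid while the
    // INSERT below names it uid. Only one of them can match the real table;
    // confirm against the schema and make the two statements agree.
    $lookup = mysqli_prepare($conn, "SELECT 1 FROM users WHERE user_uid = ? LIMIT 1");
    if ($lookup === false) {
        throw new RuntimeException('prepare lookup: ' . mysqli_error($conn));
    }
    mysqli_stmt_bind_param($lookup, 's', $uid);
    if (!mysqli_stmt_execute($lookup)) {
        throw new RuntimeException('execute lookup: ' . mysqli_stmt_error($lookup));
    }
    mysqli_stmt_store_result($lookup);
    $usernameTaken = mysqli_stmt_num_rows($lookup) > 0;
    mysqli_stmt_close($lookup);

    if ($usernameTaken) {
        header("Location: ../signup.php?signup=usertaken");
        exit();
    }

    //Hashing the password
    // password_hash() generates the salt itself; "cost" only sets the bcrypt
    // work factor. bcrypt reads at most the first 72 bytes of the password.
    $options = [
        'cost' => 12,
    ];
    // Hash $pwd, the submitted password. Hashing an undefined variable would
    // give every account the hash of an empty password.
    $hashedPwd = password_hash($pwd, PASSWORD_BCRYPT, $options);

    //Insert the user into the database
    // Two simultaneous signups can both pass the lookup above; a UNIQUE index
    // on the username column lets the database reject the second one.
    $insert = mysqli_prepare(
        $conn,
        "INSERT INTO users (first, last, email, uid, pwd) VALUES (?, ?, ?, ?, ?)"
    );
    if ($insert === false) {
        throw new RuntimeException('prepare insert: ' . mysqli_error($conn));
    }
    mysqli_stmt_bind_param($insert, 'sssss', $first, $last, $email, $uid, $hashedPwd);
    if (!mysqli_stmt_execute($insert)) {
        throw new RuntimeException('execute insert: ' . mysqli_stmt_error($insert));
    }
    mysqli_stmt_close($insert);
} catch (Exception $e) {
    // Driver details go to the server log only; the visitor gets a generic message.
    error_log('signup: ' . $e->getMessage());
    http_response_code(500);
    echo '<h2>Something went wrong, please try again later</h2>';
    exit();
}

// Reached only when the INSERT actually succeeded.
header("Location: ../signup.php?signup=success");
exit();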
-- Adds a surrogate key to `users`: a new auto-incrementing integer column
-- `serial` that becomes the table's primary key.
-- This key does not make usernames unique; a check-then-insert signup flow
-- needs its own UNIQUE index on the username column for that.
ALTER TABLE `users`
    ADD COLUMN `serial` INT AUTO_INCREMENT PRIMARY KEY;