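<?php
/**
 * Registration form handler.
 *
 * Runs when the form is posted with `register_button`: normalises the posted
 * fields, validates them, and inserts a row into `users`. Every message for the
 * page, including the success notice, is collected in $error_array.
 *
 * Provided by the including script (not created here):
 *   - $con: an open mysqli connection;
 *   - an active session; presumably session_start() has already run, confirm in the caller.
 *
 * Security notes:
 *   - All SQL goes through prepared statements. strip_tags() does not remove
 *     quotes, and FILTER_VALIDATE_EMAIL accepts addresses containing "'", so
 *     none of the cleaned values are safe to interpolate into a query.
 *   - strip_tags() is not output encoding. The template that prints the
 *     $_SESSION values back into the form still has to pass them through
 *     htmlspecialchars() (template not visible here, verify).
 *   - The password is never written to the session.
 */

//Declaring variables to prevent errors
$firstname = ""; //First name
$lastname = "";
$qualification = "";
$specialist = "";
$experience = "";
$clinic_address = "";
$clinic_contact = "";
$personal_contact = "";
$email = ""; //email
$licencekey = "";
$recognition = "";
$description = "";
$password = ""; //password
$confirm_password = "";
$salt = ""; //per-account salt, hex encoded
$flag = 0;
$error_array = array(); //Holds the messages shown on the form

if (isset($_POST['register_button'])) {

    // Reads one posted field as a string. A missing field or an array value
    // (e.g. firstname[]=x) becomes "" instead of raising a notice or type error.
    // Tags and spaces are removed; $capitalise additionally lower-cases the
    // value and upper-cases its first letter.
    $read_field = function ($key, $capitalise) {
        $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : "";
        $value = str_replace(' ', '', strip_tags($raw));
        return $capitalise ? ucfirst(strtolower($value)) : $value;
    };

    //Registration form values
    $firstname = $read_field('firstname', true);
    $lastname = $read_field('lastname', true);
    $qualification = $read_field('qualification', true);
    $specialist = $read_field('specialist', true);
    $experience = $read_field('experience', false);
    $clinic_address = $read_field('clinic_address', true);
    $clinic_contact = $read_field('clinic_contact', true);
    $personal_contact = $read_field('personal_contact', true);
    $email = $read_field('email', false);
    $licencekey = $read_field('licencekey', false);
    $recognition = $read_field('recognition', true);
    $description = $read_field('description', true);

    // NOTE(review): the password is case-folded and stripped of tags/spaces
    // before it is checked and hashed, which throws away entropy and silently
    // alters what the user typed. It is kept only because the stored hash has
    // to match what the login handler computes, and that handler is not
    // visible here. Remove this normalisation in both places together.
    $password = $read_field('password', true);
    $confirm_password = $read_field('confirm_password', true);

    //Keep the non-secret values in the session so the form can be refilled
    $form_values = compact(
        'firstname',
        'lastname',
        'qualification',
        'specialist',
        'experience',
        'clinic_address',
        'clinic_contact',
        'personal_contact',
        'email',
        'licencekey',
        'recognition',
        'description'
    );
    foreach ($form_values as $field => $value) {
        $_SESSION[$field] = $value;
    }
    // The keys stay defined for code that reads them, but the plaintext
    // password is never persisted in session storage.
    $_SESSION['password'] = "";
    $_SESSION['confirm_password'] = "";

    //Check if email is in valid format
    if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $email = filter_var($email, FILTER_VALIDATE_EMAIL);

        //Check if email already exists (bound parameter, never interpolated)
        $e_check = mysqli_prepare($con, "SELECT email FROM users WHERE email = ?");
        if ($e_check) {
            mysqli_stmt_bind_param($e_check, 's', $email);
            mysqli_stmt_execute($e_check);
            mysqli_stmt_store_result($e_check);
            if (mysqli_stmt_num_rows($e_check) > 0) {
                array_push($error_array, "Email already in use<br>");
            }
            mysqli_stmt_close($e_check);
        } else {
            // Fail closed: when uniqueness cannot be checked, do not register.
            error_log('Registration: email lookup failed, errno ' . mysqli_errno($con));
            array_push($error_array, "Registration is temporarily unavailable<br>");
        }
        // This check and the INSERT below are not atomic. A UNIQUE index on
        // users.email is what actually prevents duplicates (schema not
        // visible here, verify it exists).
    } else {
        array_push($error_array, "Invalid email format<br>");
    }

    if (strlen($firstname) > 25 || strlen($firstname) < 2) {
        array_push($error_array, "Your first name must be between 2 and 25 characters<br>");
    }
    if (strlen($lastname) > 25 || strlen($lastname) < 2) {
        array_push($error_array, "Your last name must be between 2 and 25 characters<br>");
    }
    // The lower bound previously tested $firstname (copy-paste slip).
    if (strlen($qualification) > 150 || strlen($qualification) < 2) {
        array_push($error_array, "Your qualification must be between 2 and 150 characters(including spaces)<br>");
    }
    if (strlen($specialist) > 150 || strlen($specialist) < 2) {
        array_push($error_array, "Your specialisation must be between 2 and 150 characters(including spaces)<br>");
    }
    // Enforces what the message states: one or two digits. The earlier test
    // (length > 3, or the impossible length < 0) let any three characters
    // through. An empty value is still accepted, as before.
    if ($experience !== "" && !preg_match('/^\d{1,2}\z/', $experience)) {
        array_push($error_array, "Your experience must be in years and it can not be greater than 2 digits<br>");
    }
    if (strlen($clinic_address) > 50) {
        array_push($error_array, "Your address can not be more than 50 words<br>");
    }
    if (strlen($clinic_contact) != 10) {
        array_push($error_array, "Invalid clinic contact<br>");
    }
    if (strlen($personal_contact) != 10) {
        array_push($error_array, "Invalid personal contact<br>");
    }
    if (strlen($licencekey) > 25 || strlen($licencekey) < 6) {
        array_push($error_array, "Your licensekey must be between 6 and 25 characters<br>");
    }
    if (strlen($description) > 25 || strlen($description) < 2) {
        array_push($error_array, "Your description must be between 2 and 25 characters<br>");
    }

    // Strict comparison: loose != compares numeric-looking strings as numbers.
    if ($password !== $confirm_password) {
        array_push($error_array, "Your passwords do not match<br>");
    } elseif (!preg_match('/^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[^a-zA-Z0-9])(?!.*\s).{8,25}$/', $password)) {
        array_push($error_array, "Your passwords must follow given set of rules<br>");
    }

    if (empty($error_array)) {
        // Per-account salt: 32 bytes from the OS CSPRNG, hex encoded.
        // mcrypt_create_iv() was removed in PHP 7.2, so it is used only where
        // random_bytes() does not exist.
        if (function_exists('random_bytes')) {
            $salt = bin2hex(random_bytes(32));
        } else {
            $salt = bin2hex(mcrypt_create_iv(32, MCRYPT_DEV_URANDOM));
        }

        // NOTE(review): one round of salted SHA-256 is far too cheap to compute
        // for password storage. The stored format is left unchanged so the
        // existing login path keeps working; migrate registration and login
        // together to password_hash() / password_verify().
        $hashedPW = hash('sha256', $password . $salt);

        $inserted = false;
        $insert = mysqli_prepare(
            $con,
            "INSERT INTO users(firstname,lastname,email,password,salt) values (?,?,?,?,?)"
        );
        if ($insert) {
            mysqli_stmt_bind_param($insert, 'sssss', $firstname, $lastname, $email, $hashedPW, $salt);
            $inserted = mysqli_stmt_execute($insert);
            mysqli_stmt_close($insert);
        }

        if ($inserted) {
            // Success is reported only when the row was actually written.
            array_push($error_array, "<span style='color: #14C800;'>You're all set! Goahead and login!</span><br>");

            //Clear session variables
            $_SESSION['firstname'] = "";
            $_SESSION['lastname'] = "";
            $_SESSION['qualification'] = "";
            $_SESSION['specialist'] = "";
            $_SESSION['experience'] = "";
            $_SESSION['clinic_address'] = "";
            $_SESSION['clinic_contact'] = "";
            $_SESSION['personal_contact'] = "";
            $_SESSION['email'] = "";
            $_SESSION['licencekey'] = "";
            $_SESSION['recognition'] = "";
            $_SESSION['password'] = "";
            $_SESSION['confirm_password'] = "";
            $_SESSION['salt'] = "";
        } else {
            // Only the error number is logged, so no submitted value reaches the log.
            error_log('Registration: insert failed, errno ' . mysqli_errno($con));
            array_push($error_array, "Registration could not be completed, please try again<br>");
        }
    }
}
?>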