<?php ob_start(); session_start(); if( isset($_SESSION['user'])!="" ){

1. <?php
2. ob_start();
3. session_start();
4. if( isset($_SESSION['user'])!="" ){
5. header("Location: home.php");
6. }
7. include_once 'dbconnect.php';
8.  
9. $error = false;
10.  
11. if ( isset($_POST['btn-signup']) ) {
12.  
13. // clean user inputs to prevent sql injections
14. $name = trim($_POST['name']);
15. $name = strip_tags($name);
16. $name = htmlspecialchars($name);
17.  
18. $email = trim($_POST['email']);
19. $email = strip_tags($email);
20. $email = htmlspecialchars($email);
21.  
22. $pass = trim($_POST['pass']);
23. $pass = strip_tags($pass);
24. $pass = htmlspecialchars($pass);
25.  
26. // basic name validation
27. if (empty($name)) {
28. $error = true;
29. $nameError = "Please enter your full name.";
30. } else if (strlen($name) < 3) {
31. $error = true;
32. $nameError = "Name must have atleat 3 characters.";
33. } else if (!preg_match("/^[a-zA-Z ]+$/",$name)) {
34. $error = true;
35. $nameError = "Name must contain alphabets and space.";
36. }
37.  
38. //basic email validation
39. if ( !filter_var($email,FILTER_VALIDATE_EMAIL) ) {
40. $error = true;
41. $emailError = "Please enter valid email address.";
42. } else {
43. // check email exist or not
44. $mysqli_query = sprintf("SELECT userEmail FROM users WHERE userEmail = '$email'");
45. $conn = $db->query($mysqli_query);
46.  
47. $count = mysqli_num_rows($mysqli_query);
48. if($count!=0){
49. $error = true;
50. $emailError = "Provided Email is already in use.";
51. }
52. }
53. // password validation
54. if (empty($pass)){
55. $error = true;
56. $passError = "Please enter password.";
57. } else if(strlen($pass) < 6) {
58. $error = true;
59. $passError = "Password must have atleast 6 characters.";
60. }
61.  
62. // password encrypt using bcrypt();
63. $password = password_hash($pass, PASSWORD_BCRYPT);
64. // if there's no error, continue to signup
65.  
66. if( !$error ) {
67.  
68. $stmt = $db->prepare("INSERT INTO users (userName, userEmail, userPass) VALUES (?, ?, ?)");
69. $stmt->bind_param("sss", $user, $email, $password);
70. $stmt->execute();
71. $errTyp = "success";
72. $errMSG = "Successfully registered, you may login now";
73. unset($name);
74. unset($email);
75. unset($pass);
76. } else {
77. $errTyp = "danger";
78. $errMSG = "Something went wrong, try again later...";
79. }
80.  
81.  
82.  
83. }
84.  
85. //dbconnect:
86. // $servername = "localhost";
87. // $username = "root";
88. // $password = "";
89. // $dbname = "test";
90. // $db = new mysqli($servername, $username, $password, $dbname);
91. // if ($db->connect_error) {
92. // die("Connection failed: " . $db->connect_error);
93. // }
94. ?>