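<?php
// Sign-up endpoint: validates the posted registration form, creates a user
// row together with an activation key, and e-mails the activation link.

//Start session
session_start();
//Connect to the database (the code below uses $link, which this include is expected to define)
include("connection.php");

/**
 * Read a POST field as a string.
 *
 * A missing or non-string value (e.g. an array sent as name[]=x) is treated
 * as empty, so the string functions below never receive an array.
 *
 * @param string $name form field name
 * @return string
 */
function signup_post_string($name)
{
    return (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : "";
}

/**
 * Run a one-parameter lookup through a prepared statement.
 *
 * @param mysqli $link  open connection
 * @param string $sql   query containing exactly one "?" placeholder
 * @param string $value value bound to the placeholder
 * @return bool|null true/false for "a row matched"; null when the query
 *                   failed (details go to the server log, not to the page)
 */
function signup_row_exists($link, $sql, $value)
{
    $stmt = mysqli_prepare($link, $sql);
    if(!$stmt){
        error_log("signup: prepare failed: " . mysqli_error($link));
        return null;
    }
    mysqli_stmt_bind_param($stmt, "s", $value);
    if(!mysqli_stmt_execute($stmt)){
        error_log("signup: execute failed: " . mysqli_stmt_error($stmt));
        mysqli_stmt_close($stmt);
        return null;
    }
    mysqli_stmt_store_result($stmt);
    $found = mysqli_stmt_num_rows($stmt) > 0;
    mysqli_stmt_close($stmt);
    return $found;
}

//Check user inputs
//Define error messages
$missingUsername="<p><strong>Please enter a username!</strong></p>";
$missingEmail="<p><strong>Please enter your email address!</strong></p>";
$invalidEmail="<p><strong>Please enter a valid email address!</strong></p>";
$missingPassword="<p><strong>Please enter a password!</strong></p>";
$invalidPassword="<p><strong>Please enter a valid password, with at least 6 characters long and include one capital letter and one number!</strong></p>";
// A double-quoted string does not treat \' as an escape, so the old text printed a literal backslash.
$differentPassword="<p><strong>Passwords don't match!</strong></p>";
$missingPassword2="<p><strong>Please confirm your password!</strong></p>";

// Start from an empty string so ".=" never appends to an undefined variable.
$errors = "";

//Get username, email, password, password2
$rawUsername  = signup_post_string("username");
$rawEmail     = signup_post_string("email");
$rawPassword  = signup_post_string("signuppassword");
$rawPassword2 = signup_post_string("signuppassword2");

//Get username
if(empty($rawUsername)){
    $errors .= $missingUsername;
}else{
    // NOTE(review): FILTER_SANITIZE_STRING is deprecated since PHP 8.1. It is kept
    // here so stored usernames keep the form earlier sign-ups were given.
    $username = filter_var($rawUsername, FILTER_SANITIZE_STRING);
}

//Get email
if(empty($rawEmail)){
    $errors .= $missingEmail;
}else{
    $email = filter_var($rawEmail, FILTER_SANITIZE_EMAIL);
    // Validate the submitted text and also the sanitized value, because the
    // sanitized value is the one that is stored and mailed.
    if(!filter_var($rawEmail, FILTER_VALIDATE_EMAIL) || !filter_var($email, FILTER_VALIDATE_EMAIL)){
        $errors .= $invalidEmail;
    }
}

//Get passwords
if(empty($rawPassword)){
    $errors .= $missingPassword;
}elseif(!(strlen($rawPassword)>=6 and preg_match('/[A-Z]/', $rawPassword) and preg_match('/[0-9]/', $rawPassword))){
    $errors .= $invalidPassword;
}else{
    // NOTE(review): sanitizing a password changes what the user typed (tags are
    // stripped, quotes encoded). Kept only so the digest computed below stays in
    // the same form as before; drop it together with the hashing migration noted there.
    $password = filter_var($rawPassword, FILTER_SANITIZE_STRING);
    if(empty($rawPassword2)){
        $errors .= $missingPassword2;
    }else{
        $password2 = filter_var($rawPassword2, FILTER_SANITIZE_STRING);
        if($password !== $password2){
            // The debug output that echoed both passwords back in the response was removed.
            $errors .= $differentPassword;
        }
    }
}

//If there are any errors print error and stop: nothing below may run on invalid input
if($errors){
    $resultMessage = "<div class='alert alert-danger'>$errors</div>";
    echo $resultMessage;
    exit;
}

//no errors
// NOTE(review): a single unsalted SHA-256 is a fast hash and is not suitable for
// password storage. The digest format (including the escaping applied before
// hashing) is left unchanged because the code that verifies it at login is not
// part of this file and presumably applies the same steps -- confirm, then move
// both sides to password_hash()/password_verify().
$password = hash('sha256', mysqli_real_escape_string($link, $password));
//256 bits - 64 characters

// NOTE(review): the two look-ups below tell the caller whether a username or an
// e-mail is registered, and the check-then-insert sequence is not atomic; a UNIQUE
// index on both columns (not visible from here) is what actually prevents duplicates.

//if username exists in the users table print error
$exists = signup_row_exists($link, "SELECT 1 FROM users WHERE username = ? LIMIT 1", $username);
if($exists === null){
    echo "<div class='alert alert-danger'>Error running the query 1!</div>";
    exit;
}
if($exists){
    echo "<div class='alert alert-danger'>That username name is already registered. Do you want to log in?</div>";
    exit;
}

//if email exists in the users table print error
$exists = signup_row_exists($link, "SELECT 1 FROM users WHERE email = ? LIMIT 1", $email);
if($exists === null){
    echo "<div class='alert alert-danger'>Error running the query 2!</div>";
    exit;
}
if($exists){
    echo "<div class='alert alert-danger'>That email is already registered. Do you want to log in?</div>";
    exit;
}

//create a unique activation code
//16 random bytes = 128 bits, hex-encoded to 32 characters
$strong = false;
$randomBytes = openssl_random_pseudo_bytes(16, $strong);
if($randomBytes === false || !$strong){
    // Never issue an activation key that did not come from a strong source.
    error_log("signup: could not generate a strong activation key");
    echo "<div class='alert alert-warning'>Error: Unable to complete the registration.</div>";
    exit;
}
$activationKey = bin2hex($randomBytes);

//Insert user details and activation code in the users table
$stmt = mysqli_prepare($link, "INSERT INTO users (username,email,password,activation) VALUES (?, ?, ?, ?)");
$inserted = false;
if($stmt){
    mysqli_stmt_bind_param($stmt, "ssss", $username, $email, $password, $activationKey);
    $inserted = mysqli_stmt_execute($stmt);
    if(!$inserted){
        error_log("signup: insert failed: " . mysqli_stmt_error($stmt));
    }
    mysqli_stmt_close($stmt);
}else{
    error_log("signup: prepare failed: " . mysqli_error($link));
}
if(!$inserted){
    // The statement text and driver error are logged above; the page no longer
    // echoes the query, which contained the password digest and activation key.
    echo "<div class='alert alert-warning'>Error: Unable to complete the registration.</div>";
    exit;
}

//Send the user an email with the link to activate.php with their email and activation code
$message = "Please click on this link to activate your account:\n\n";
$message .= "http://soulkode.byethost15.com/websites/9.Online%20Notes%20APP/activate.php?email=" .urlencode($email) . "&key=$activationKey";
if(mail($email, 'Confirm your Registration', $message, 'From:' . 'peter@gmail.com')){
    // Encode the address for the HTML context before reflecting it.
    $shownEmail = htmlspecialchars($email, ENT_QUOTES, 'UTF-8');
    echo "<div class='alert alert-success'>Thank for your registring! A confirmation email has been sent to $shownEmail. Please click on the activation link to activate your account.</div>";
}else{
    error_log("signup: activation mail could not be handed to the mail system");
    echo "<div class='alert alert-danger'>The confirmation email could not be sent. Please try again later.</div>";
}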