Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- require("db.php");
- if (isset($_POST['register'])) {
- $username = $_POST['username'];
- $email = $_POST['email'];
- $personName= $_POST['fullname'];
- $password = $_POST['password'];
- $position = $_POST['position'];
- $emailActivation = md5( rand(0,1000) );
- $theDate = date('Y-m-d');
- //Strip & Escape User
- $username = stripslashes($_REQUEST['username']);
- $username = mysqli_real_escape_string($con,$username);
- //Strip & Escape email
- $email = stripslashes($_REQUEST['email']);
- $email = mysqli_real_escape_string($con,$email);
- //Strip & Escape PW
- $password = $_REQUEST['password'];
- $hashPassword = password_hash($password, PASSWORD_DEFAULT);
- $personName = $_REQUEST['fullname'];
- $fullname = mysqli_real_escape_string($con,$personName);
- $firstLast = explode (" ", $fullname);
- $firstName = $firstLast[0];
- $lastName = $firstLast[1];
- $sql_u = "SELECT username FROM users WHERE username='$username' LIMIT=1";
- $sql_e = "SELECT email FROM users WHERE email='$email'";
- $res_u = mysqli_query($con, $sql_u);
- $res_e = mysqli_query($con, $sql_e);
- if (mysqli_num_rows($res_u) > 0) {
- $name_error = "Sorry... username already taken";
- }
- else if(mysqli_num_rows($res_e) > 0){
- $email_error = "Sorry... email already taken";
- }
- else{
- $stmt = $con->prepare("INSERT INTO users (username, email, password, firstName, lastName, position, hash)
- VALUES (?, ?, ?, ?, ?, ?, ?)") or die (mysqli_error($con));
- $stmt ->bind_param("ssssssss", $username, $email, $hashPassword,$firstName,$lastName,$position,$emailActivation);
- //Prepared Execute Goes Here
- $stmt->execute();
- $stmt->close();
- mkdir("../profilePics/" . $username);
- echo 'You Have Registered Successfully!<br>
- To Login Go To <a href="login.php">Our Login Page</a>';
- exit();
- }
- }
- ?>
Add Comment
Please, Sign In to add comment