Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $connect = new mysqli("localhost", "root", "Bismillah1", "capstone");
- if ($mysqli->connect_errno) {
- printf("Connection failed: %sn", $mysqli->connect_error);
- die();
- }
- session_start();
- if(isset($_POST["Sign Up"]))
- {
- if(empty($_POST["Email"]) || empty($_POST["Password"]))
- {
- echo '<script> alert ("Both Feldsa are required)</script">';
- }
- else
- {
- $_SESSION['email'] = $_POST['Email'];
- $_SESSION['password'] = $_POST['Password'];
- $_SESSION['Repeatpassword'] = $_POST['Repeatpassword'];
- $_SESSION['name'] = $_POST['name'];
- $_SESSION['weight'] = $_POST['weight'];
- $_SESSION['feet'] = $_POST['feet'];
- $_SESSION['inches'] = $_POST['inches'];
- $_SESSION['age'] = $_POST['age'];
- $_SESSION['goal'] = $_POST['Goal'];
- // Escape all $_POST variables to protect against SQL injection
- $email = $mysqli->escape_string($_POST['email']);
- $password = $mysqli->escape_string(password_hash($_POST['password'], PASSWORD_BCRYPT));
- $RepPassword = $mysqli->escape_string(password_hash($_POST['Repeatpassword'], PASSWORD_BCRYPT));
- $name = $mysqli->escape_string($_POST['name']);
- $Weight = $mysqli->escape_string($_POST['weight']);
- $feet = $mysqli->escape_string($_POST['feet']);
- $inches = $mysqli->escape_string($_POST['inches']);
- $age = $mysqli->escape_string($_POST['age']);
- $goal = $mysqli->escape_string($_POST['goal']);
- $hash = $mysqli->escape_string( md5( rand(0,1000) ) );
- // Check if user with that email already exists
- // We know user email exists if the rows returned are more than 0
- $result = $mysqli->query("SELECT * FROM User WHERE Email_Address='$email'") or die($mysqli->error);
- if ( $result->num_rows > 0 ) {
- $_SESSION['message'] = 'User with this email already exists!';
- }
- else { // Email doesn't already exist in a database, proceed...
- // active is 0 by DEFAULT (no need to include it here)
- $sql = "INSERT INTO User (Email_Address, Password, Full Name, Weight, Feet, Inches, Age, Goal, hash) "
- . "VALUES ('$email', 'password', 'name' , 'Weight' , 'feet' , 'inches' , 'age' , 'goal', 'hash')";
- }
- if ( ! $mysqli->query($sql)
- {
- $_SESSION['message'] = 'Registration successfully';
- echo $_SESSION['message'];
- header("location: loginaccount.html");
- }
- }
- else
- {$_SESSION['message'] = 'Registration failed!';
- echo $_SESSION['message'];
- }
- }
- ?>
- <?php
- if(isset($_POST["login"]))
- {
- $email = $mysqli->escape_string($_POST['Email']);
- $result = $mysqli->query("SELECT * FROM User WHERE Email_Address='$email'");
- if ( $result->num_rows == 0 ) { //
- {
- $_SESSION['message'] = "User with that email doesn't exist!";
- echo $_SESSION['message'];
- }
- else {
- $user = $result->fetch_assoc();
- if ( password_verify($_POST['password'], $user['Password']) ) {
- $_SESSION['email'] = $user['Email_Address'];
- $_SESSION['name'] = $user['Full Name'];
- $_SESSION['weight'] = $user['Weight '];
- $_SESSION['feet'] = $user['Feet '];
- $_SESSION['inches'] = $user['Inches '];
- $_SESSION['age'] = $user['Age '];
- $_SESSION['goal'] = $user['Goal '];
- $_SESSION['logged_in'] = true;
- $_SESSION['active'] = $user['Active'];
- header("location: loginaccount.html");
- }
- }
- ?>
- //<p align ="center"><a href="Register.php">Register</a></p>
- I have included the php file in my html file in the following way, I believe the code is right
- <!DOCTYPE html>
- <html lang="en" dir="ltr">
- <?php include 'Caplogin.php';?>
- <head>
- <meta charset="utf-8">
- <meta name="viewport" content = "width=device-width">
- <meta name="description" content="A place where people can take
- fitness to the next level">
- <title>Swole Summer | Account Creation </title>
- <link rel = "stylesheet" href ="./css/style.css">
- </head>
Add Comment
Please, Sign In to add comment