<?php//signup.phpinclude 'connect.php';include 'header.php';echo '<h3>

1. <?php
2. //signup.php
3. include 'connect.php';
4. include 'header.php';
5.  
6. echo '<h3>Sign up</h3><br />';
7.  
8. if($_SERVER['REQUEST_METHOD'] != 'POST')
9. {
10.     /*the form hasn't been posted yet, display it
11.       note that the action="" will cause the form to post to the same page it is on */
12.     echo '<form method="post" action="">
13.         Username: <input type="text" name="username" /><br />
14.         Password: <input type="password" name="password"><br />
15.         Password again: <input type="password" name="user_pass_check"><br />
16.         E-mail: <input type="email" name="email"><br />
17.         <input type="submit" value="Add category" />
18.      </form>';
19. }
20. else
21. {
22.     /* so, the form has been posted, we'll process the data in three steps:
23.         1.  Check the data
24.         2.  Let the user refill the wrong fields (if necessary)
25.         3.  Save the data
26.     */
27.     $errors = array(); /* declare the array for later use */
28.    
29.     if(isset($_POST['username']))
30.     {
31.         //the user name exists
32.         if(!ctype_alnum($_POST['username']))
33.         {
34.             $errors[] = 'The username can only contain letters and digits.';
35.         }
36.         if(strlen($_POST['username']) > 30)
37.         {
38.             $errors[] = 'The username cannot be longer than 30 characters.';
39.         }
40.     }
41.     else
42.     {
43.         $errors[] = 'The username field must not be empty.';
44.     }
45.    
46.    
47.     if(isset($_POST['password']))
48.     {
49.         if($_POST['password'] != $_POST['user_pass_check'])
50.         {
51.             $errors[] = 'The two passwords did not match.';
52.         }
53.     }
54.     else
55.     {
56.         $errors[] = 'The password field cannot be empty.';
57.     }
58.    
59.     if(!empty($errors)) /*check for an empty array, if there are errors, they're in this array (note the ! operator)*/
60.     {
61.         echo 'Uh-oh.. a couple of fields are not filled in correctly..<br /><br />';
62.         echo '<ul>';
63.         foreach($errors as $key => $value) /* walk through the array so all the errors get displayed */
64.         {
65.             echo '<li>' . $value . '</li>'; /* this generates a nice error list */
66.         }
67.         echo '</ul>';
68.     }
69.     else
70.     {
71.         //the form has been posted without, so save it
72.         //notice the use of mysql_real_escape_string, keep everything safe!
73.         //also notice the sha1 function which hashes the password
74.         $sql = "INSERT INTO
75.                     users(fullname, xfire, steam, username, password, email, date, user_level)
76.                 VALUES('asdf', 'asdf', 'asdf', '" . mysqli_real_escape_string($link, $_POST['username']) . "',
77.                        '" . sha1($_POST['password']) . "',
78.                        '" . mysqli_real_escape_string($link, $_POST['email']) . "',
79.                         NOW(),
80.                         0)";
81.                        
82.         $result = mysqli_query($link, $sql);
83.         if(!$result)
84.         {
85.             //something went wrong, display the error
86.             echo 'Something went wrong while registering. Please try again later.';
87.             echo mysqli_error($link); //debugging purposes, uncomment when needed
88.         }
89.         else
90.         {
91.             echo 'Succesfully registered. You can now <a href="signin.php">sign in</a> and start posting! :-)';
92.         }
93.     }
94. }
95.  
96. include 'footer.php';
97. ?>