<?php // Turn off error reporting error_reporting(0)

1. <?php
2.  
3. // Turn off error reporting
4. error_reporting(0);
5. // Report runtime errors
6. error_reporting(E_ERROR | E_WARNING | E_PARSE);
7. // Report all errors
8. error_reporting(E_ALL);
9. // Same as error_reporting(E_ALL);
10. ini_set("error_reporting", E_ALL);
11. // Report all errors except E_NOTICE
12. error_reporting(E_ALL & ~E_NOTICE);
13. include_once("connect.php");
14. session_start();
15.  
16. if(isset($_POST['submit'])){
17.  
18. }
19.  
20. if(!isset ($_SESSION['email'] )){
21. echo'<li><a href="signup.php">Sign Up</a></li>';
22. echo'<li><a href="auth.php">Login</a></li>';
23. }
24. else{
25.  
26.  
27. if($_SESSION['email']){
28.  
29. $con = mysqli_connect("localhost", "root", "" ,"jono_db") or die("We couldn't connect!");
30. $query = mysqli_query($con,"SELECT * FROM users WHERE email='".$_SESSION['email']."'");
31. $numrows = mysqli_num_rows($query);
32.  
33. if($numrows != 0){
34.  
35. while($row = mysqli_fetch_assoc($query)){
36.  
37. $usertype = $row['is_admin'];
38. if($usertype == 1){
39.  
40. }
41.  
42. }
43. }
44. }
45. echo'<li><a href="logout.php">Logout</a></li>';
46.  
47. }
48.  
49.  
50. ?>
51.  
52.  
53. <?php
54. /* FIELDS ARE STILL EMPTY THIS CODE IS USED FOR HIDING PRECAUTIONAL PHP ERRORS MGS BECAUSE YOURE USING PHP AND HTML FORM IN 1 FILE*/
55. require_once("connect.php");
56. // Turn off error reporting
57. error_reporting(0);
58. // Report runtime errors
59. error_reporting(E_ERROR | E_WARNING | E_PARSE);
60. // Report all errors
61. error_reporting(E_ALL);
62. // Same as error_reporting(E_ALL);
63. ini_set("error_reporting", E_ALL);
64. // Report all errors except E_NOTICE
65. error_reporting(E_ALL & ~E_NOTICE);
66. /* FIELDS ARE STILL EMPTY THIS CODE IS USED FOR HIDING PRECAUTIONAL PHP ERRORS MGS BECAUSE YOURE USING PHP AND HTML FORM IN 1 FILE*/
67.  
68. $firstname = $_POST['firstname'];
69. $lastname = $_POST['lastname'];
70. $email = $_POST['email'];
71. $username = $_POST['username'];
72. $gender = $_POST['gender'];
73. /* ENCRYPT THE PASSWORD USING MD5 FUNCTION */
74. $password = md5($_POST['password']);
75. $passwordconfirm = md5($_POST['passwordconfirm']);
76. $defaultUserType = '0';
77. $usertype = $_POST['usertype'];
78. /* CHECKS WHETHER THIS VARIABLES HAVE VALUES */
79.  
80. if ($firstName && $lastName && $email && $username && $gender && $password && $passwordconfirm){
81. /* CHECKS WHETHER EMAIL FIELD FOLLOWS THE RIGHT EMAIL FORMAT */
82. if (preg_match("/^[_\.0-9a-zA-Z-]+@([0-9a-zA-Z][0-9a-zA-Z-]+\.)+[a-zA-Z]{2,6}$/i", $email)) {
83. if (strlen($password) > 7) {
84. if ($password == $passwordconfirm) {
85.  
86. /* DATABASE CONNECTION */
87. $con = mysqli_connect("localhost", "root", "" ,"jono_db") or die("We couldn't connect!");
88.  
89. /* CHECKS IF THE INPUTED VALUE FOR FIRST NAME IS EXISTED ON THE DATABASE */
90. $usernamechecker = mysqli_query($con,"SELECT firstname FROM users WHERE firstname='$firstname'");
91. $count = mysqli_num_rows($usernamechecker);
92.  
93. /* CHECKS IF THE INPUTED VALUE FOR EMAIL IS EXISTED ON THE DATABASE */
94. $emailchecker = mysqli_query($con ,"SELECT email FROM users WHERE email ='$email'");
95. $count2 = mysqli_num_rows($emailchecker);
96.  
97. if($count != 0 || $count2 != 0){
98. if($count != 0){
99. echo "Username already exist! Please enter another user.";
100. }
101. else if($count2 != 0){
102. echo"Email already exist! Please enter another user.";
103. }
104.  
105. }
106. else{
107. $con = mysqli_connect("localhost", "root", "" ,"jono_db") or die("We couldn't connect!");
108. $query = mysqli_query($con,"SELECT * FROM users WHERE email='".$_SESSION['email']."'");
109. $numrows = mysqli_num_rows($query);
110.  
111. /* START */
112. /* THIS LINES OF CODES ARE USED TO CHECK IF THE USER IS AN ADMIN OR NON ADMIN*/
113. if(isset($_SESSION['email'])){
114.  
115. if($numrows != 0){
116.  
117. while($row = mysqli_fetch_assoc($query)){
118.  
119. $usertype = $row['is_admin'];
120. if($usertype == 1){
121. $query = "INSERT INTO `users`('',`username`, `password`, `email`, `firstname`, `lastname`, `gender`, `is_admin`) VALUES ('$firstname','$lastame','$email','$username','$password','$gender','$usertype')";
122. $result = mysqli_query($con,$query);
123.  
124. echo'Successfully created an account';
125. }
126. }
127. }
128. }
129. /* END */
130.  
131.  
132.  
133. /* INSERT THE VALID INPUTED VALUES IN THE TABLE USERS */
134. $query = "INSERT INTO `users`('',`username`, `password`, `email`, `firstname`, `lastname`, `gender`, `is_admin`) VALUES ('$firstname','$lastame','$email','$username','$password','$gender','$defaultUserType')";
135. $result = mysqli_query($con,$query);
136.  
137. if($result){
138. echo'<h3 color="red">Successfully created an account</h3>';
139. }
140. }
141. }
142. else {
143. echo 'Your password does not match.';
144. }
145. }
146. else{
147. echo "Your password is too short! You need to type a password between 4 and 15 characters!";
148.  
149. }
150.  
151. }
152. }
153. ?>
154.  
155. <!DOCTYPE html>
156. <html lang="en">
157.  
158. <head>
159. <?php include('header.php'); ?>
160. </head>
161.  
162. <body>
163. <?php include('navigation.php'); ?>
164.  
165.  
166. <form method="POST" action="signup.php">
167. <div id="loginsignup">
168. <!-- LOGIN PAGE -->
169.  
170. <!-- REGISTRATION FORM -->
171. <div class="text-center" style="padding:50px 0">
172. <div class="logo">register</div>
173. <!-- Main Form -->
174. <div class="login-form-1">
175. <form id="register-form" class="text-left">
176. <div class="login-form-main-message"></div>
177. <div class="main-login-form">
178. <div class="login-group">
179. <div class="form-group">
180. <label for="reg_username" class="sr-only">Username</label>
181. <input type="text" class="form-control" id="reg_username" name="username" placeholder="Username">
182. </div>
183. <div class="form-group">
184. <label for="reg_password" class="sr-only">Password</label>
185. <input type="password" class="form-control" id="reg_password" name="password" placeholder="Password">
186. </div>
187. <div class="form-group">
188. <label for="reg_password_confirm" class="sr-only">Password Confirm</label>
189. <input type="password" class="form-control" id="reg_password_confirm" name="passwordconfirm" placeholder="Confirm Password">
190. </div>
191.  
192. <div class="form-group">
193. <label for="reg_email" class="sr-only">Email</label>
194. <input type="text" class="form-control" id="reg_email" name="email" placeholder="Email">
195. </div>
196. <div class="form-group">
197. <label for="reg_firstname" class="sr-only">First Name</label>
198. <input type="text" class="form-control" id="reg_firstname" name="firstname" placeholder="First Name">
199. </div>
200.  
201. <div class="form-group">
202. <label for="reg_lastname" class="sr-only">Last Name</label>
203. <input type="text" class="form-control" id="reg_lastname" name="lastname" placeholder="Last Name">
204. </div>
205.  
206. <div class="form-group login-group-checkbox">
207. <input type="radio" class="" name="reg_gender" id="male" placeholder="username">
208. <label for="male">Male</label>
209.  
210. <input type="radio" class="" name="reg_gender" id="female" placeholder="username">
211. <label for="female">Female</label>
212. </div>
213.  
214. <div class="form-group login-group-checkbox">
215. <input type="checkbox" class="tickbox" id="reg_agree" name="reg_agree" value="1"/>
216. <label for="reg_agree">I agree with terms and conditions <a href="#">terms</a></label>
217. </div>
218. </div>
219. <?php
220. /* FIELDS ARE STILL EMPTY THIS CODE IS USED FOR HIDING PRECAUTIONAL PHP ERRORS MGS BECAUSE YOURE USING PHP AND HTML FORM IN 1 FILE*/
221. require_once("connect.php");
222. // Turn off error reporting
223. error_reporting(0);
224. // Report runtime errors
225. error_reporting(E_ERROR | E_WARNING | E_PARSE);
226. // Report all errors
227. error_reporting(E_ALL);
228. // Same as error_reporting(E_ALL);
229. ini_set("error_reporting", E_ALL);
230. // Report all errors except E_NOTICE
231. error_reporting(E_ALL & ~E_NOTICE);
232. /* FIELDS ARE STILL EMPTY THIS CODE IS USED FOR HIDING PRECAUTIONAL PHP ERRORS MGS BECAUSE YOURE USING PHP AND HTML FORM IN 1 FILE*/
233.  
234.  
235. /* START */
236. /* THIS LINE OF CODES , CHECKS WHETHER THERE IS CURRENTLY LOGGED IN USER AND WHETHER
237. ITS AN ADMIN OR NON ADMIN*/
238. if(isset($_SESSION['email'])){
239. if($_SESSION['email']){
240. $con = mysqli_connect("localhost", "root", "" ,"jono_db") or die("We couldn't connect!");
241. $query = mysqli_query($con,"SELECT * FROM users WHERE email='".$_SESSION['email']."'");
242. $numrows = mysqli_num_rows($query);
243. if($numrows != 0){
244. while($row = mysqli_fetch_assoc($query)){
245. $usertype = $row['is_admin'];
246. if($usertype == 1){
247. echo'<label>User Type:</label><br/>';
248. echo'<select name="usertype">';
249. echo'<option value="1">ADMIN</option>';
250. echo'<option value="0">NON ADMIN</option>';
251. echo'</select>';
252.  
253. }
254. else{
255. header('Location: home.php');
256. }
257. }
258. }
259. }
260. }
261. ?>
262. <button type="submit" name="submit" class="login-button"><i class="fa fa-chevron-right"></i></button>
263.  
264. </div>
265. <div class="etc-login-form">
266. <p>Already have an account? <a href="auth.php">Login Here</a></p>
267. </div>
268. </form>
269. </div>
270. <!-- end:Main Form -->
271. </div>
272.  
273.  
274. </div>
275.  
276. </body>
277. </html>